You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by jo...@apache.org on 2007/12/03 12:15:31 UTC

svn commit: r600482 - /httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c

Author: jorton
Date: Mon Dec  3 03:15:31 2007
New Revision: 600482

URL: http://svn.apache.org/viewvc?rev=600482&view=rev
Log:
* modules/ssl/ssl_util_ocsp.c (read_response): Bail out if the maximum
  response-header count is exceeded.  Also bump to APLOG_ERR the log
  message given after a header read error.

Modified:
    httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c

Modified: httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c?rev=600482&r1=600481&r2=600482&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c (original)
+++ httpd/httpd/trunk/modules/ssl/ssl_util_ocsp.c Mon Dec  3 03:15:31 2007
@@ -207,8 +207,14 @@
                       "OCSP response header: %s", line);
     }
 
-    if (!line) {
-        ap_log_cerror(APLOG_MARK, APLOG_DEBUG, 0, c,
+    if (count == MAX_HEADERS) {
+        ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c,
+                      "could not read response headers from OCSP server, "
+                      "exceeded maximum count (%u)", MAX_HEADERS);
+        return NULL;
+    }
+    else if (!line) {
+        ap_log_cerror(APLOG_MARK, APLOG_ERR, 0, c,
                       "could not read response header from OCSP server");
         return NULL;
     }