You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@trafficserver.apache.org by zw...@apache.org on 2018/03/06 18:15:56 UTC
[trafficserver] branch master updated: Select the current cert when
looking for issuer
This is an automated email from the ASF dual-hosted git repository.
zwoop pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficserver.git
The following commit(s) were added to refs/heads/master by this push:
new a470492 Select the current cert when looking for issuer
a470492 is described below
commit a470492a82b4ab3aa13e944e4206f254ed9d9015
Author: Randall Meyer <ra...@yahoo.com>
AuthorDate: Tue Mar 6 08:22:19 2018 -0800
Select the current cert when looking for issuer
This is needed when working with multiple cert chains
Fixes issue #3032
---
iocore/net/OCSPStapling.cc | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/iocore/net/OCSPStapling.cc b/iocore/net/OCSPStapling.cc
index c8dd275..a0b45e1 100644
--- a/iocore/net/OCSPStapling.cc
+++ b/iocore/net/OCSPStapling.cc
@@ -86,6 +86,13 @@ stapling_get_issuer(SSL_CTX *ssl_ctx, X509 *x)
if (inctx == nullptr) {
return nullptr;
}
+
+#ifdef SSL_CTX_select_current_cert
+ if (!SSL_CTX_select_current_cert(ssl_ctx, x)) {
+ Warning("OCSP: could not select current certifcate chain %p", x);
+ }
+#endif
+
if (X509_STORE_CTX_init(inctx, st, nullptr, nullptr) == 0) {
goto end;
}
--
To stop receiving notification emails like this one, please contact
zwoop@apache.org.