www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

* modules/ssl/ssl_util_ocsp.c (send_request,

Browse Source 
modssl_dispatch_ocsp_request): Take timeout as argument, as pass through.
  
* modules/ssl/ssl_engine_ocsp.c (verify_ocsp_status): Pass server timeout
  to modssl_dispatch_ocsp_request.

Submitted by: Dr Stephen Henson <shenson oss-institute.org>


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@815719 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Joe Orton
2009-09-16 10:56:31 +00:00
parent 8c13e8877c
commit 229ca83b8f
3 changed files with 10 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
modules/ssl/ssl_engine_ocsp.c
View File

@@ -141,7 +141,9 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
request = create_request(ctx, cert, &certID, s, pool); request = create_request(ctx, cert, &certID, s, pool);
if (request) { if (request) {
response = modssl_dispatch_ocsp_request(ruri, request, c, pool); response = modssl_dispatch_ocsp_request(ruri,
mySrvFromConn(c)->timeout,
request, c, pool);
} }
if (!request || !response) { if (!request || !response) {

1
modules/ssl/ssl_private.h
View File

@@ -709,6 +709,7 @@ int modssl_verify_ocsp(X509_STORE_CTX *ctx, SSLSrvConfigRec *sc,
* object, or NULL on error (in which case, errors will have been * object, or NULL on error (in which case, errors will have been
* logged). Pool 'p' is used for temporary allocations. */ * logged). Pool 'p' is used for temporary allocations. */
OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
apr_interval_time_t timeout,
OCSP_REQUEST *request, OCSP_REQUEST *request,
conn_rec *c, apr_pool_t *p); conn_rec *c, apr_pool_t *p);
#endif #endif

6
modules/ssl/ssl_util_ocsp.c
View File

@@ -57,6 +57,7 @@ static BIO *serialize_request(OCSP_REQUEST *req, const apr_uri_t *uri)
* responder at given server given by URI. Returns socket object or * responder at given server given by URI. Returns socket object or
* NULL on error. */ * NULL on error. */
static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri, static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri,
apr_interval_time_t timeout,
conn_rec *c, apr_pool_t *p) conn_rec *c, apr_pool_t *p)
{ {
apr_status_t rv; apr_status_t rv;
@@ -82,7 +83,7 @@ static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri,
rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p); rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p);
if (rv == APR_SUCCESS) { if (rv == APR_SUCCESS) {
/* Inherit the default I/O timeout. */ /* Inherit the default I/O timeout. */
apr_socket_timeout_set(sd, mySrvFromConn(c)->timeout); apr_socket_timeout_set(sd, timeout);
rv = apr_socket_connect(sd, sa); rv = apr_socket_connect(sd, sa);
if (rv == APR_SUCCESS) { if (rv == APR_SUCCESS) {
@@ -271,6 +272,7 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c,
} }
OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
apr_interval_time_t timeout,
OCSP_REQUEST *request, OCSP_REQUEST *request,
conn_rec *c, apr_pool_t *p) conn_rec *c, apr_pool_t *p)
{ {
@@ -286,7 +288,7 @@ OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
return NULL; return NULL;
} }
sd = send_request(bio, uri, c, p); sd = send_request(bio, uri, timeout, c, p);
if (sd == NULL) { if (sd == NULL) {
/* Errors already logged. */ /* Errors already logged. */
BIO_free(bio); BIO_free(bio);