* modules/ssl/ssl_util_ocsp.c (send_request,

modssl_dispatch_ocsp_request): Take timeout as argument, as pass through. * modules/ssl/ssl_engine_ocsp.c (verify_ocsp_status): Pass server timeout to modssl_dispatch_ocsp_request. Submitted by: Dr Stephen Henson <shenson oss-institute.org> git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@815719 13f79535-47bb-0310-9956-ffa450edef68
2025-08-08 15:02:10 +03:00 · 2009-09-16 10:56:31 +00:00
parent 8c13e8877c
commit 229ca83b8f
3 changed files with 10 additions and 5 deletions
--- a/modules/ssl/ssl_engine_ocsp.c
+++ b/modules/ssl/ssl_engine_ocsp.c
@@ -141,7 +141,9 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,

    request = create_request(ctx, cert, &certID, s, pool);
    if (request) {
-        response = modssl_dispatch_ocsp_request(ruri, request, c, pool);
+        response = modssl_dispatch_ocsp_request(ruri, 
+                                                mySrvFromConn(c)->timeout,
+                                                request, c, pool);
    }

    if (!request || !response) {
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -708,7 +708,8 @@ int modssl_verify_ocsp(X509_STORE_CTX *ctx, SSLSrvConfigRec *sc,
 * responder at the given URI.  Returns the decoded OCSP response
 * object, or NULL on error (in which case, errors will have been
 * logged).  Pool 'p' is used for temporary allocations. */
-OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, 
+OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
+                                            apr_interval_time_t timeout,
                                            OCSP_REQUEST *request,
                                            conn_rec *c, apr_pool_t *p);
 #endif
--- a/modules/ssl/ssl_util_ocsp.c
+++ b/modules/ssl/ssl_util_ocsp.c
@@ -57,6 +57,7 @@ static BIO *serialize_request(OCSP_REQUEST *req, const apr_uri_t *uri)
 * responder at given server given by URI.  Returns socket object or
 * NULL on error. */
 static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri, 
+                                  apr_interval_time_t timeout,
                                  conn_rec *c, apr_pool_t *p)
 {
    apr_status_t rv;
@@ -82,7 +83,7 @@ static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri,
        rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p);
        if (rv == APR_SUCCESS) {
            /* Inherit the default I/O timeout. */
-            apr_socket_timeout_set(sd, mySrvFromConn(c)->timeout);
+            apr_socket_timeout_set(sd, timeout);

            rv = apr_socket_connect(sd, sa);
            if (rv == APR_SUCCESS) {
@@ -270,7 +271,8 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c,
    return response;
 }

-OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, 
+OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
+                                            apr_interval_time_t timeout,
                                            OCSP_REQUEST *request,
                                            conn_rec *c, apr_pool_t *p) 
 {
@@ -286,7 +288,7 @@ OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
        return NULL;
    }
    
-    sd = send_request(bio, uri, c, p);
+    sd = send_request(bio, uri, timeout, c, p);
    if (sd == NULL) {
        /* Errors already logged. */
        BIO_free(bio);