www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-08-08 15:02:10 +03:00
Code Activity

follow up to r1641077:

Browse Source 
one bug was traded for another in r1641077; track the response
length and the cached object length separately to avoid such
confusion


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1641095 13f79535-47bb-0310-9956-ffa450edef68
This commit is contained in:
Jeff Trawick
2014-11-22 17:54:08 +00:00
parent 70b441b9df
commit 2c334bcba5
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
modules/ssl/ssl_util_stapling.c
View File

@@ -212,7 +212,7 @@ static BOOL stapling_cache_response(server_rec *s, modssl_ctx_t *mctx,
SSLModConfigRec *mc = myModConfig(s); SSLModConfigRec *mc = myModConfig(s);
unsigned char resp_der[MAX_STAPLING_DER]; /* includes one-byte flag + response */ unsigned char resp_der[MAX_STAPLING_DER]; /* includes one-byte flag + response */
unsigned char *p; unsigned char *p;
int resp_derlen; int resp_derlen, stored_len;
BOOL rv; BOOL rv;
apr_time_t expiry; apr_time_t expiry;
@@ -224,7 +224,8 @@ static BOOL stapling_cache_response(server_rec *s, modssl_ctx_t *mctx,
return FALSE; return FALSE;
} }
if (resp_derlen + 1 > sizeof resp_der) { /* response + ok flag too big? */ stored_len = resp_derlen + 1; /* response + ok flag */
if (stored_len > sizeof resp_der) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01928) ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01928)
"OCSP stapling response too big (%u bytes)", resp_derlen); "OCSP stapling response too big (%u bytes)", resp_derlen);
return FALSE; return FALSE;
@@ -248,7 +249,7 @@ static BOOL stapling_cache_response(server_rec *s, modssl_ctx_t *mctx,
rv = mc->stapling_cache->store(mc->stapling_cache_context, s, rv = mc->stapling_cache->store(mc->stapling_cache_context, s,
cinf->idx, sizeof(cinf->idx), cinf->idx, sizeof(cinf->idx),
expiry, resp_der, resp_derlen, pool); expiry, resp_der, stored_len, pool);
if (rv != APR_SUCCESS) { if (rv != APR_SUCCESS) {
ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01929) ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(01929)
"stapling_cache_response: OCSP response session store error!"); "stapling_cache_response: OCSP response session store error!");