mirror of
https://github.com/moparisthebest/curl
synced 2024-12-23 16:48:49 -05:00
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
.... to not pass in a const in the second argument as that's not how it is supposed to be used and might cause compiler warnings. Reported-by: Pavel Pavlov Fixes #3477 Closes #3478
This commit is contained in:
parent
2fa0d57e2e
commit
16a3307e81
@ -1692,6 +1692,7 @@ static CURLcode verifystatus(struct connectdata *conn,
|
||||
struct ssl_connect_data *connssl)
|
||||
{
|
||||
int i, ocsp_status;
|
||||
unsigned char *status;
|
||||
const unsigned char *p;
|
||||
CURLcode result = CURLE_OK;
|
||||
struct Curl_easy *data = conn->data;
|
||||
@ -1701,14 +1702,14 @@ static CURLcode verifystatus(struct connectdata *conn,
|
||||
X509_STORE *st = NULL;
|
||||
STACK_OF(X509) *ch = NULL;
|
||||
|
||||
long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &p);
|
||||
long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &status);
|
||||
|
||||
if(!p) {
|
||||
if(!status) {
|
||||
failf(data, "No OCSP response received");
|
||||
result = CURLE_SSL_INVALIDCERTSTATUS;
|
||||
goto end;
|
||||
}
|
||||
|
||||
p = status;
|
||||
rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
|
||||
if(!rsp) {
|
||||
failf(data, "Invalid OCSP response");
|
||||
|
Loading…
Reference in New Issue
Block a user