Commit 0db8f86a authored by Dmitry Belyavskiy's avatar Dmitry Belyavskiy Committed by Matt Caswell
Browse files

Add some checks of OCSP functions 



Reviewed-by: default avatarTim Hudson <tjh@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/8308)

(cherry picked from commit 72b89b8e201d17dea0219b4b92df7af7e17f183a)
parent edfd50d8

apps/ocsp.c

+8 −3
Original line number Diff line number Diff line
@@ -641,8 +641,10 @@ redo_accept: 
        goto end;

    }



    if (req != NULL && add_nonce)

        OCSP_request_add1_nonce(req, NULL, -1);

    if (req != NULL && add_nonce) {

        if (!OCSP_request_add1_nonce(req, NULL, -1))

            goto end;

    }



    if (signfile != NULL) {

        if (keyfile == NULL)
@@ -1245,7 +1247,10 @@ static void make_ocsp_response(BIO *err, OCSP_RESPONSE **resp, OCSP_REQUEST *req 
            goto end;

        }

    }

    OCSP_basic_sign_ctx(bs, rcert, mctx, rother, flags);

    if (!OCSP_basic_sign_ctx(bs, rcert, mctx, rother, flags)) {

        *resp = OCSP_response_create(OCSP_RESPONSE_STATUS_INTERNALERROR, bs);

        goto end;

    }



    if (badsig) {

        const ASN1_OCTET_STRING *sig = OCSP_resp_get0_signature(bs);