diff options
author | Daniel Stenberg <daniel@haxx.se> | 2019-01-15 23:57:25 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2019-01-16 08:20:57 +0100 |
commit | 16a3307e813fa82776dc265201ffc7dac1c842a7 (patch) | |
tree | 514cb6c275518fa0e36faffa9bfdfbd55675c958 /lib/vtls/openssl.c | |
parent | 2fa0d57e2e3b7a808af55e52912827813d19c38f (diff) | |
download | curl-16a3307e813fa82776dc265201ffc7dac1c842a7.tar.gz |
openssl: fix the SSL_get_tlsext_status_ocsp_resp call
.... to not pass in a const in the second argument as that's not how it
is supposed to be used and might cause compiler warnings.
Reported-by: Pavel Pavlov
Fixes #3477
Closes #3478
Diffstat (limited to 'lib/vtls/openssl.c')
-rw-r--r-- | lib/vtls/openssl.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/lib/vtls/openssl.c b/lib/vtls/openssl.c index 45e72d6a3..9d11b89e5 100644 --- a/lib/vtls/openssl.c +++ b/lib/vtls/openssl.c @@ -1692,6 +1692,7 @@ static CURLcode verifystatus(struct connectdata *conn, struct ssl_connect_data *connssl) { int i, ocsp_status; + unsigned char *status; const unsigned char *p; CURLcode result = CURLE_OK; struct Curl_easy *data = conn->data; @@ -1701,14 +1702,14 @@ static CURLcode verifystatus(struct connectdata *conn, X509_STORE *st = NULL; STACK_OF(X509) *ch = NULL; - long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &p); + long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &status); - if(!p) { + if(!status) { failf(data, "No OCSP response received"); result = CURLE_SSL_INVALIDCERTSTATUS; goto end; } - + p = status; rsp = d2i_OCSP_RESPONSE(NULL, &p, len); if(!rsp) { failf(data, "Invalid OCSP response"); |