diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-15 15:49:53 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2015-01-15 15:53:08 +0100 |
| commit | 11eebe14b232ec198d1446a3720e6ed78d118c4b (patch) | |
| tree | b6fe09310fcce3a4652dea285b35608fba4bf743 | |
| parent | 908f32780b3403c3b7dc5383b4a93dc4212065c5 (diff) | |
| download | gnutls-11eebe14b232ec198d1446a3720e6ed78d118c4b.tar.gz | |
ocsptool-common: iterate through all AIA items prior to decidig the OCSP server
| -rw-r--r-- | src/ocsptool-common.c | 25 |
1 files changed, 17 insertions, 8 deletions
diff --git a/src/ocsptool-common.c b/src/ocsptool-common.c index d753e2f442..cc83e7a937 100644 --- a/src/ocsptool-common.c +++ b/src/ocsptool-common.c @@ -147,6 +147,7 @@ int send_ocsp_request(const char *server, unsigned char *p; const char *hostname; const char *path = ""; + unsigned i; unsigned int headers_size = 0, port; socket_st hd; @@ -156,15 +157,23 @@ int send_ocsp_request(const char *server, /* try to read URL from issuer certificate */ gnutls_datum_t data; - ret = gnutls_x509_crt_get_authority_info_access(cert, 0, - GNUTLS_IA_OCSP_URI, - &data, - NULL); + i = 0; + do { + ret = gnutls_x509_crt_get_authority_info_access(cert, i++, + GNUTLS_IA_OCSP_URI, + &data, + NULL); + } while(ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + + if (ret < 0) { + i = 0; + do { + ret = + gnutls_x509_crt_get_authority_info_access + (issuer, i++, GNUTLS_IA_OCSP_URI, &data, NULL); + } while(ret < 0 && ret != GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE); + } - if (ret < 0) - ret = - gnutls_x509_crt_get_authority_info_access - (issuer, 0, GNUTLS_IA_OCSP_URI, &data, NULL); if (ret < 0) { fprintf(stderr, "Cannot find URL from issuer: %s\n", |