diff options
author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-20 08:31:41 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2017-06-20 12:46:04 +0200 |
commit | d8e575bf2863b1987808f6418ee19b3b423a3320 (patch) | |
tree | ab9c90b19590b833fce33ea1ca966e5d44d34c05 | |
parent | 692ebe18468358edc503fcf856891649936d335a (diff) | |
download | gnutls-d8e575bf2863b1987808f6418ee19b3b423a3320.tar.gz |
ocsptool: allow combining --load-trust with --verify-response
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
-rw-r--r-- | src/ocsptool.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/src/ocsptool.c b/src/ocsptool.c index 4f3176be70..dfc11803c0 100644 --- a/src/ocsptool.c +++ b/src/ocsptool.c @@ -471,6 +471,13 @@ static void verify_response(gnutls_datum_t *nonce) signer = chain[0]; else signer = chain[1]; + + v = _verify_response(&dat, nonce, signer); + + for (i=0;i<chain_size;i++) + gnutls_x509_crt_deinit(chain[i]); + } else if (HAVE_OPT(LOAD_TRUST)) { + v = _verify_response(&dat, nonce, NULL); } else { memset(&info, 0, sizeof(info)); info.verbose = verbose; @@ -481,16 +488,11 @@ static void verify_response(gnutls_datum_t *nonce) info.cert = OPT_ARG(LOAD_SIGNER); signer = load_cert(1, &info); - } - v = _verify_response(&dat, nonce, signer); - - if (chain_size > 0) { - for (i=0;i<chain_size;i++) - gnutls_x509_crt_deinit(chain[i]); - } else { + v = _verify_response(&dat, nonce, signer); gnutls_x509_crt_deinit(signer); } + free(dat.data); if (v && !HAVE_OPT(IGNORE_ERRORS)) |