* modules/ssl/ssl_util_ocsp.c (send_request,

  modssl_dispatch_ocsp_request): Take timeout as argument, as pass through.

* modules/ssl/ssl_engine_ocsp.c (verify_ocsp_status): Pass server timeout
  to modssl_dispatch_ocsp_request.

Submitted by: Dr Stephen Henson <shenson oss-institute.org>

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@815719 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/ssl_engine_ocsp.c b/modules/ssl/ssl_engine_ocsp.c
index c5e21535e24799709a3d3cbeed1db63f2478e58f..5886475344bbc520675bfc2da104e04726f492bf 100644 (file)
--- a/modules/ssl/ssl_engine_ocsp.c
+++ b/modules/ssl/ssl_engine_ocsp.c
@@ -141,7 +141,9 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
 
     request = create_request(ctx, cert, &certID, s, pool);
     if (request) {
-        response = modssl_dispatch_ocsp_request(ruri, request, c, pool);
+        response = modssl_dispatch_ocsp_request(ruri, 
+                                                mySrvFromConn(c)->timeout,
+                                                request, c, pool);
     }
 
     if (!request || !response) {

diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h
index 004967001d3f207ec358d6d6e796c965d740b805..c3f0174e82a2734912c5cea5cd73cd2a0482e016 100644 (file)
--- a/modules/ssl/ssl_private.h
+++ b/modules/ssl/ssl_private.h
@@ -708,7 +708,8 @@ int modssl_verify_ocsp(X509_STORE_CTX *ctx, SSLSrvConfigRec *sc,
  * responder at the given URI.  Returns the decoded OCSP response
  * object, or NULL on error (in which case, errors will have been
  * logged).  Pool 'p' is used for temporary allocations. */
-OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, 
+OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
+                                            apr_interval_time_t timeout,
                                             OCSP_REQUEST *request,
                                             conn_rec *c, apr_pool_t *p);
 #endif

diff --git a/modules/ssl/ssl_util_ocsp.c b/modules/ssl/ssl_util_ocsp.c
index 214bacc6fa5a96d35739f702e4c8550ae8c89bdd..ce4639249d6b57bd7e5952f310c94aef41dace4f 100644 (file)
--- a/modules/ssl/ssl_util_ocsp.c
+++ b/modules/ssl/ssl_util_ocsp.c
@@ -57,6 +57,7 @@ static BIO *serialize_request(OCSP_REQUEST *req, const apr_uri_t *uri)
  * responder at given server given by URI.  Returns socket object or
  * NULL on error. */
 static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri, 
+                                  apr_interval_time_t timeout,
                                   conn_rec *c, apr_pool_t *p)
 {
     apr_status_t rv;
@@ -82,7 +83,7 @@ static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri,
         rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p);
         if (rv == APR_SUCCESS) {
             /* Inherit the default I/O timeout. */
-            apr_socket_timeout_set(sd, mySrvFromConn(c)->timeout);
+            apr_socket_timeout_set(sd, timeout);
 
             rv = apr_socket_connect(sd, sa);
             if (rv == APR_SUCCESS) {
@@ -270,7 +271,8 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c,
     return response;
 }
 
-OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, 
+OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
+                                            apr_interval_time_t timeout,
                                             OCSP_REQUEST *request,
                                             conn_rec *c, apr_pool_t *p) 
 {
@@ -286,7 +288,7 @@ OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri,
         return NULL;
     }
     
-    sd = send_request(bio, uri, c, p);
+    sd = send_request(bio, uri, timeout, c, p);
     if (sd == NULL) {
         /* Errors already logged. */
         BIO_free(bio);