From: Kaspar Brand <kbrand@apache.org>
Date: Sun, 28 Aug 2011 16:34:50 +0000 (+0000)
Subject: Fix the default OCSP responder timeout for client cert
X-Git-Tag: 2.3.15~330
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=10f5094a91465e4811be69bdd1f388ac56b19013;p=thirdparty%2Fapache%2Fhttpd.git

Fix the default OCSP responder timeout for client cert
validation - 10 µsec is a tad too aggressive.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1162552 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/modules/ssl/ssl_engine_ocsp.c b/modules/ssl/ssl_engine_ocsp.c
index d7f33c9587e..ff5ee35c3a9 100644
--- a/modules/ssl/ssl_engine_ocsp.c
+++ b/modules/ssl/ssl_engine_ocsp.c
@@ -142,7 +142,7 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c,
     request = create_request(ctx, cert, &certID, s, pool);
     if (request) {
         apr_interval_time_t to = sc->server->ocsp_responder_timeout == UNSET ?
-                                 DEFAULT_OCSP_TIMEOUT :
+                                 apr_time_from_sec(DEFAULT_OCSP_TIMEOUT) :
                                  sc->server->ocsp_responder_timeout;
         response = modssl_dispatch_ocsp_request(ruri, to, request, c, pool);
     }