]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: ae4d37e) | patch
Fix change of behavior of the single stapled OCSP response API
authorTomas Mraz <tomas@openssl.org>
Fri, 28 Nov 2025 15:27:29 +0000 (16:27 +0100)
committerTomas Mraz <tomas@openssl.org>
Mon, 1 Dec 2025 10:42:02 +0000 (11:42 +0100)
commit7e50e034b0ca20dc492cfcffb41f974451da8ea9
tree691cac249d8214a9d4ddd19fcf038db5954b46ectree
parentae4d37e3fb0fc772c3eb22878c0206345dec8286commit | diff
Fix change of behavior of the single stapled OCSP response API

Fixes #28888

Fixes b1b4b154

Instead of transferring the ownership of the single OCSP response
to the SSL object, the multi-stapling PR modified the semantics
of SSL_set_tlsext_status_ocsp_resp() to copying semantics.

This change reverts the behavior to the previous one.

Partially based on fix by Remi Gacogne:
https://github.com/openssl/openssl/pull/28894

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Saša Nedvědický <sashan@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/29251)
doc/man3/SSL_CTX_set_tlsext_status_cb.pod diff | blob | blame | history
ssl/s3_lib.c diff | blob | blame | history
test/helpers/handshake.c diff | blob | blame | history
test/sslapitest.c diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git