]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 87ae675)
Skip OCSP if there's no host / port / url
authorAlan T. DeKok <aland@freeradius.org>
Wed, 12 Sep 2012 12:35:51 +0000 (14:35 +0200)
committerAlan T. DeKok <aland@freeradius.org>
Fri, 14 Sep 2012 08:37:04 +0000 (10:37 +0200)
src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c patch | blob | blame | history

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 799ee8a876254ad1fae8f65e8b292dc75cef5369..1b4398b2f58c7f5a73808875afabbdbe0a683b50 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -339,6 +339,12 @@ static int ocsp_check(X509_STORE *store, X509 *issuer_cert, X509 *client_cert,
        else {
                ocsp_parse_cert_url(client_cert, &host, &port, &path, &use_ssl);
        }
+
+       if (!host || !port || !path) {
+               DEBUG2("[ocsp] - Host / port / path missing.  Not doing OCSP.");
+               ocsp_ok = 2;
+               goto ocsp_skip;
+       }
        
        DEBUG2("[ocsp] --> Responder URL = http://%s:%s%s", host, port, path);
 
@@ -467,6 +473,7 @@ ocsp_end:
        BIO_free_all(cbio);
        OCSP_BASICRESP_free(bresp);
 
+ocsp_skip:
        switch (ocsp_ok) {
        case 1:
                DEBUG2("[ocsp] --> Certificate is valid!");
Mirror of https://github.com/FreeRADIUS/freeradius-server.git