From be0c03618a53fc539761eb5f0e300d68554f85c9 Mon Sep 17 00:00:00 2001 From: Adam Eijdenberg Date: Wed, 29 Jul 2015 21:34:35 -0400 Subject: [PATCH] RT3963: Allow OCSP stapling with -rev and -www Reviewed-by: Matt Caswell --- apps/s_server.c | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/apps/s_server.c b/apps/s_server.c index 3143078346..a1fcb6e878 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1871,6 +1871,14 @@ int s_server_main(int argc, char *argv[]) if (ctx2) SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); } + if (s_tlsextstatus) { + SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); + SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); + if (ctx2) { + SSL_CTX_set_tlsext_status_cb(ctx2, cert_status_cb); + SSL_CTX_set_tlsext_status_arg(ctx2, &tlscstatp); + } + } BIO_printf(bio_s_out, "ACCEPT\n"); (void)BIO_flush(bio_s_out); @@ -1989,10 +1997,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context) SSL_set_tlsext_debug_callback(con, tlsext_cb); SSL_set_tlsext_debug_arg(con, bio_s_out); } - if (s_tlsextstatus) { - SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); - SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); - } if (context && !SSL_set_session_id_context(con, -- GitLab