The check for request including a nonce and response not having it was

author Richard Levitte <levitte@openssl.org>

Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)

committer Richard Levitte <levitte@openssl.org>

Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)
author Richard Levitte <levitte@openssl.org>
Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)
committer Richard Levitte <levitte@openssl.org>
Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)
diff --git a/crypto/ocsp/ocsp_ext.c b/crypto/ocsp/ocsp_ext.c

index 56c54f735b55d978c2853b3f9d1c4cdde22fe1f3..dcd7869bfbe5fbfdcc58fa4918adbab101661c89 100644 (file)
--- a/crypto/ocsp/ocsp_ext.c
+++ b/crypto/ocsp/ocsp_ext.c
@@ -349,7 +349,7 @@ int OCSP_check_nonce(OCSP_REQUEST *req, OCSP_BASICRESP *bs)
         resp_idx = OCSP_BASICRESP_get_ext_by_NID(bs, NID_id_pkix_OCSP_Nonce, -1);
         /* If both absent its OK */
         if((req_idx < 0) && (resp_idx < 0)) return 1;
-       if((req_idx < 0) && (resp_idx >= 0))
+       if((req_idx >= 0) && (resp_idx < 0))
                 {
                 OCSPerr(OCSP_F_OCSP_CHECK_NONCE, OCSP_R_NONCE_MISSING_IN_RESPONSE);
                 goto err;
author	Richard Levitte <levitte@openssl.org>
	Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)
committer	Richard Levitte <levitte@openssl.org>
	Thu, 8 Feb 2001 19:28:10 +0000 (19:28 +0000)