From: Dr. Stephen Henson <steve@openssl.org>
Date: Wed, 3 Sep 2003 23:54:00 +0000 (+0000)
Subject: New -ignore_err option in ocsp application to stop the server
X-Git-Tag: OpenSSL_0_9_7c~21
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=bd69ac5c934cdacdfd1b39fd49d2448e5d85e359;p=oweals%2Fopenssl.git

New -ignore_err option in ocsp application to stop the server
exiting on the first error in a request.
---

diff --git a/CHANGES b/CHANGES
index 52bbe03ba4..067516cc5b 100644
--- a/CHANGES
+++ b/CHANGES
@@ -4,6 +4,10 @@
 
  Changes between 0.9.7b and 0.9.7c  [xx XXX 2003]
 
+  *) New -ignore_err option in ocsp application to stop the server
+     exiting on the first error in a request.
+     [Steve Henson]
+
   *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
      extra data after the compression methods not only for TLS 1.0
      but also for SSL 3.0 (as required by the specification).
diff --git a/apps/ocsp.c b/apps/ocsp.c
index 17e84366d9..e5f186fd5e 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -136,6 +136,7 @@ int MAIN(int argc, char **argv)
 	int accept_count = -1;
 	int badarg = 0;
 	int i;
+	int ignore_err = 0;
 	STACK *reqnames = NULL;
 	STACK_OF(OCSP_CERTID) *ids = NULL;
 
@@ -195,6 +196,8 @@ int MAIN(int argc, char **argv)
 				}
 			else badarg = 1;
 			}
+		else if (!strcmp(*args, "-ignore_err"))
+			ignore_err = 1;
 		else if (!strcmp(*args, "-noverify"))
 			noverify = 1;
 		else if (!strcmp(*args, "-nonce"))
@@ -809,6 +812,8 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_printf(out, "Responder Error: %s (%ld)\n",
 				OCSP_response_status_str(i), i);
+		if (ignore_err)
+			goto redo_accept;
 		ret = 0;
 		goto end;
 		}