From: Adam Eijdenberg Date: Thu, 30 Jul 2015 01:34:35 +0000 (-0400) Subject: RT3963: Allow OCSP stapling with -rev and -www X-Git-Tag: OpenSSL_1_1_0-pre1~871 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=be0c03618a53fc539761eb5f0e300d68554f85c9;p=oweals%2Fopenssl.git RT3963: Allow OCSP stapling with -rev and -www Reviewed-by: Matt Caswell --- diff --git a/apps/s_server.c b/apps/s_server.c index 3143078346..a1fcb6e878 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1871,6 +1871,14 @@ int s_server_main(int argc, char *argv[]) if (ctx2) SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); } + if (s_tlsextstatus) { + SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); + SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); + if (ctx2) { + SSL_CTX_set_tlsext_status_cb(ctx2, cert_status_cb); + SSL_CTX_set_tlsext_status_arg(ctx2, &tlscstatp); + } + } BIO_printf(bio_s_out, "ACCEPT\n"); (void)BIO_flush(bio_s_out); @@ -1989,10 +1997,6 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context) SSL_set_tlsext_debug_callback(con, tlsext_cb); SSL_set_tlsext_debug_arg(con, bio_s_out); } - if (s_tlsextstatus) { - SSL_CTX_set_tlsext_status_cb(ctx, cert_status_cb); - SSL_CTX_set_tlsext_status_arg(ctx, &tlscstatp); - } if (context && !SSL_set_session_id_context(con,