mod_ssl: follow up to r1734561.

Use the right crl_check_flags in ssl_callback_SSLVerify(), can be either
a client or proxy connection here.

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1735159 13f79535-47bb-0310-9956-ffa450edef68

diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
index 952c92e6e0ec1b1f641a9cd857142c0600f2ca0f..025a95a870b755e22493e37dc2a61b86f80104ba 100644 (file)
--- a/modules/ssl/ssl_engine_kernel.c
+++ b/modules/ssl/ssl_engine_kernel.c
@@ -1635,7 +1635,7 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
     }
 
     if (!ok && errnum == X509_V_ERR_UNABLE_TO_GET_CRL
-            && (sc->server->crl_check_flags & MODSSL_CCF_NO_CRL_FOR_CERT_OK)) {
+            && (mctx->crl_check_flags & MODSSL_CCF_NO_CRL_FOR_CERT_OK)) {
         errnum = X509_V_OK;
         ok = TRUE;
     }