From 229ca83b8fb91aeca65ccbae5f15eaa339d9204a Mon Sep 17 00:00:00 2001 From: Joe Orton Date: Wed, 16 Sep 2009 10:56:31 +0000 Subject: [PATCH] * modules/ssl/ssl_util_ocsp.c (send_request, modssl_dispatch_ocsp_request): Take timeout as argument, as pass through. * modules/ssl/ssl_engine_ocsp.c (verify_ocsp_status): Pass server timeout to modssl_dispatch_ocsp_request. Submitted by: Dr Stephen Henson git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@815719 13f79535-47bb-0310-9956-ffa450edef68 --- modules/ssl/ssl_engine_ocsp.c | 4 +++- modules/ssl/ssl_private.h | 3 ++- modules/ssl/ssl_util_ocsp.c | 8 +++++--- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/modules/ssl/ssl_engine_ocsp.c b/modules/ssl/ssl_engine_ocsp.c index c5e21535e2..5886475344 100644 --- a/modules/ssl/ssl_engine_ocsp.c +++ b/modules/ssl/ssl_engine_ocsp.c @@ -141,7 +141,9 @@ static int verify_ocsp_status(X509 *cert, X509_STORE_CTX *ctx, conn_rec *c, request = create_request(ctx, cert, &certID, s, pool); if (request) { - response = modssl_dispatch_ocsp_request(ruri, request, c, pool); + response = modssl_dispatch_ocsp_request(ruri, + mySrvFromConn(c)->timeout, + request, c, pool); } if (!request || !response) { diff --git a/modules/ssl/ssl_private.h b/modules/ssl/ssl_private.h index 004967001d..c3f0174e82 100644 --- a/modules/ssl/ssl_private.h +++ b/modules/ssl/ssl_private.h @@ -708,7 +708,8 @@ int modssl_verify_ocsp(X509_STORE_CTX *ctx, SSLSrvConfigRec *sc, * responder at the given URI. Returns the decoded OCSP response * object, or NULL on error (in which case, errors will have been * logged). Pool 'p' is used for temporary allocations. */ -OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, +OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, + apr_interval_time_t timeout, OCSP_REQUEST *request, conn_rec *c, apr_pool_t *p); #endif diff --git a/modules/ssl/ssl_util_ocsp.c b/modules/ssl/ssl_util_ocsp.c index 214bacc6fa..ce4639249d 100644 --- a/modules/ssl/ssl_util_ocsp.c +++ b/modules/ssl/ssl_util_ocsp.c @@ -57,6 +57,7 @@ static BIO *serialize_request(OCSP_REQUEST *req, const apr_uri_t *uri) * responder at given server given by URI. Returns socket object or * NULL on error. */ static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri, + apr_interval_time_t timeout, conn_rec *c, apr_pool_t *p) { apr_status_t rv; @@ -82,7 +83,7 @@ static apr_socket_t *send_request(BIO *request, const apr_uri_t *uri, rv = apr_socket_create(&sd, sa->family, SOCK_STREAM, APR_PROTO_TCP, p); if (rv == APR_SUCCESS) { /* Inherit the default I/O timeout. */ - apr_socket_timeout_set(sd, mySrvFromConn(c)->timeout); + apr_socket_timeout_set(sd, timeout); rv = apr_socket_connect(sd, sa); if (rv == APR_SUCCESS) { @@ -270,7 +271,8 @@ static OCSP_RESPONSE *read_response(apr_socket_t *sd, BIO *bio, conn_rec *c, return response; } -OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, +OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, + apr_interval_time_t timeout, OCSP_REQUEST *request, conn_rec *c, apr_pool_t *p) { @@ -286,7 +288,7 @@ OCSP_RESPONSE *modssl_dispatch_ocsp_request(const apr_uri_t *uri, return NULL; } - sd = send_request(bio, uri, c, p); + sd = send_request(bio, uri, timeout, c, p); if (sd == NULL) { /* Errors already logged. */ BIO_free(bio); -- 2.40.0