[openssl-dev] OCSP issues in master 2015-10-17
Roumen Petrov
openssl at roumenpetrov.info
Wed Oct 21 20:16:52 UTC 2015
Dr. Stephen Henson wrote:
> On Sat, Oct 17, 2015, Roumen Petrov wrote:
>
>> Hello,
>>
>> After embed some attributes OCSP in master stop to work.
>>
>> The current status is the client comment report "Cert Status:
>> unknown" and "Nonce Verify error" for X.509 certificates used in my
>> ssh regression tests.
>>
> Try this patch:
>
> diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
> index 33a8e97..6a2ad62 100644
> --- a/crypto/asn1/tasn_new.c
> +++ b/crypto/asn1/tasn_new.c
> @@ -352,6 +352,7 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const
> ASN1_ITEM *it,
> if (embed) {
> str = *(ASN1_STRING **)pval;
> memset(str, 0, sizeof(*str));
> + str->type = utype;
> str->flags = ASN1_STRING_FLAG_EMBED;
> } else {
> str = ASN1_STRING_type_new(utype);
Thanks.
Now my ssh regression tests pass with master.
Regards,
Roumen Petrov
More information about the openssl-dev
mailing list