New -ignore_err option in ocsp application to stop the server

exiting on the first error in a request.

New -ignore_err option in ocsp application to stop the server
exiting on the first error in a request.
560dfd2a · Dr. Stephen Henson · 14f3d7c5 · 560dfd2a · 560dfd2a
隐藏空白更改
内联并排

Showing with 9 addition and 0 deletion

CHANGES CHANGES +4 -0

apps/ocsp.c apps/ocsp.c +5 -0

未找到文件。
--- a/CHANGES
+++ b/CHANGES
@@ -549,6 +549,10 @@
 Changes between 0.9.7b and 0.9.7c  [xx XXX 2003]
+  *) New -ignore_err option in ocsp application to stop the server
+     exiting on the first error in a request.
+     [Steve Henson]
  *) In ssl3_get_client_hello() (ssl/s3_srvr.c), tolerate additional
     extra data after the compression methods not only for TLS 1.0
     but also for SSL 3.0 (as required by the specification).

--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -123,6 +123,7 @@ int MAIN(int argc, char **argv)
 	int accept_count = -1;
 	int badarg = 0;
 	int i;
+	int ignore_err = 0;
 	STACK *reqnames = NULL;
 	STACK_OF(OCSP_CERTID) *ids = NULL;
@@ -182,6 +183,8 @@ int MAIN(int argc, char **argv)
 				}
 			else badarg = 1;
 			}
+		else if (!strcmp(*args, "-ignore_err"))
+			ignore_err = 1;
 		else if (!strcmp(*args, "-noverify"))
 			noverify = 1;
 		else if (!strcmp(*args, "-nonce"))
@@ -783,6 +786,8 @@ int MAIN(int argc, char **argv)
 		{
 		BIO_printf(out, "Responder Error: %s (%d)\n",
 				OCSP_response_status_str(i), i);
+		if (ignore_err)
+			goto redo_accept;
 		ret = 0;
 		goto end;
 		}