generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

In ocsp_match_issuerid() we are passed the CA that signed the responder

Browse Source 
certificate so need to match its subject with the certificate IDs in the
response.
This commit is contained in:
Dr. Stephen Henson 2001-07-11 22:42:20 +00:00
parent b01ab14338
commit 192ebef8cf
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
crypto/ocsp/ocsp_vfy.c
View File

@ -305,7 +305,7 @@ static int ocsp_match_issuerid(X509 *cert, OCSP_CERTID *cid,
if ((cid->issuerNameHash->length != mdlen) || if ((cid->issuerNameHash->length != mdlen) ||
(cid->issuerKeyHash->length != mdlen)) (cid->issuerKeyHash->length != mdlen))
return 0; return 0;
iname = X509_get_issuer_name(cert); iname = X509_get_subject_name(cert);
if (!X509_NAME_digest(iname, dgst, md, NULL)) if (!X509_NAME_digest(iname, dgst, md, NULL))
return -1; return -1;
if (memcmp(md, cid->issuerNameHash->data, mdlen)) if (memcmp(md, cid->issuerNameHash->data, mdlen))