wolfssl icon indicating copy to clipboard operation
wolfssl copied to clipboard
verified publisher icon wolfSSL

openssl compat: match openssl status cb behaviour for stapling

Open rizlik opened this issue 1 year ago • 3 comments

Description

On the server side, OpenSSL offloads the creation and the verification of the ocsp response to staple to the user application. This commit moves the invocation point of the StatusCB so that wolfSSL doesn't try to verify the response and/or the server certificate.

Fixes zd#18703

rizlik avatar Oct 02 '24 12:10 rizlik

retest this please

rizlik avatar Oct 03 '24 14:10 rizlik

fix confirmed by the reporter

rizlik avatar Oct 08 '24 06:10 rizlik

please wait before merging

rizlik avatar Oct 09 '24 14:10 rizlik

@rizlik please resolve merge conflicts. Assigning to you only as you said: "please wait before merging"

dgarske avatar Nov 15 '24 17:11 dgarske

indeed, we need some rework in OCSP_basic_verify as well before merging this. I'm closing it for now

rizlik avatar Nov 18 '24 10:11 rizlik