16 lines
801 B
Diff
16 lines
801 B
Diff
diff --git a/modules/ssl/ssl_engine_kernel.c b/modules/ssl/ssl_engine_kernel.c
|
|
index a5e86e4..6611610 100644
|
|
--- a/modules/ssl/ssl_engine_kernel.c
|
|
+++ b/modules/ssl/ssl_engine_kernel.c
|
|
@@ -1823,8 +1823,8 @@ int ssl_callback_SSLVerify(int ok, X509_STORE_CTX *ctx)
|
|
/*
|
|
* Perform OCSP-based revocation checks
|
|
*/
|
|
- if (ok && ((sc->server->ocsp_mask & SSL_OCSPCHECK_CHAIN) ||
|
|
- (errdepth == 0 && (sc->server->ocsp_mask & SSL_OCSPCHECK_LEAF)))) {
|
|
+ if (ok && ((mctx->ocsp_mask & SSL_OCSPCHECK_CHAIN) ||
|
|
+ (errdepth == 0 && (mctx->ocsp_mask & SSL_OCSPCHECK_LEAF)))) {
|
|
/* If there was an optional verification error, it's not
|
|
* possible to perform OCSP validation since the issuer may be
|
|
* missing/untrusted. Fail in that case. */
|