GnuTLS: fix $tls_out_ocsp under hosts_request_ocsp

author: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-07 22:42:18 +0100
committer: Jeremy Harris <jgh146exb@wizmail.org> 2019-05-07 22:45:51 +0100
commit: 7a501c874f028f689c44999ab05bb0d39da46941 (patch)
tree: 71f6e09f298c048270fd50f4a95840f991073ab4 /src
parent: c82de233a9bf264bb0db7ae72b2aa6da62ade2f0 (diff)
1 files changed, 8 insertions, 4 deletions
diff --git a/src/src/tls-gnu.c b/src/src/tls-gnu.c
index df07c536c..dc8cdab5c 100644
--- a/src/src/tls-gnu.c
+++ b/src/src/tls-gnu.c
@@ -2757,7 +2757,7 @@ if (!verify_certificate(state, errstr))
   }
 
 #ifndef DISABLE_OCSP
-if (require_ocsp)
+if (request_ocsp)
   {
   DEBUG(D_tls)
     {
@@ -2781,10 +2781,14 @@ if (require_ocsp)
     {
     tlsp->ocsp = OCSP_FAILED;
     tls_error(US"certificate status check failed", NULL, state->host, errstr);
-    return FALSE;
+    if (require_ocsp)
+      return FALSE;
+    }
+  else
+    {
+    DEBUG(D_tls) debug_printf("Passed OCSP checking\n");
+    tlsp->ocsp = OCSP_VFIED;
     }
-  DEBUG(D_tls) debug_printf("Passed OCSP checking\n");
-  tlsp->ocsp = OCSP_VFIED;
   }
 #endif
author	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-07 22:42:18 +0100
committer	Jeremy Harris <jgh146exb@wizmail.org>	2019-05-07 22:45:51 +0100
commit	7a501c874f028f689c44999ab05bb0d39da46941 (patch)
tree	71f6e09f298c048270fd50f4a95840f991073ab4 /src
parent	c82de233a9bf264bb0db7ae72b2aa6da62ade2f0 (diff)