diff options
Diffstat (limited to 'ssl/ssl_lib.c')
-rw-r--r-- | ssl/ssl_lib.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c index 00a93eeee9..c5d9f0e93e 100644 --- a/ssl/ssl_lib.c +++ b/ssl/ssl_lib.c @@ -152,6 +152,7 @@ #include <openssl/lhash.h> #include <openssl/x509v3.h> #include <openssl/rand.h> +#include <openssl/ocsp.h> #ifndef OPENSSL_NO_DH #include <openssl/dh.h> #endif @@ -340,6 +341,12 @@ SSL *SSL_new(SSL_CTX *ctx) s->tlsext_debug_cb = 0; s->tlsext_debug_arg = NULL; s->tlsext_ticket_expected = 0; + s->tlsext_status_type = -1; + s->tlsext_status_expected = 0; + s->tlsext_ocsp_ids = NULL; + s->tlsext_ocsp_exts = NULL; + s->tlsext_ocsp_resp = NULL; + s->tlsext_ocsp_resplen = -1; CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX); s->initial_ctx=ctx; #endif @@ -543,6 +550,13 @@ void SSL_free(SSL *s) if (s->tlsext_ellipticcurvelist) OPENSSL_free(s->tlsext_ellipticcurvelist); #endif /* OPENSSL_NO_EC */ if (s->tlsext_opaque_prf_input) OPENSSL_free(s->tlsext_opaque_prf_input); + if (s->tlsext_ocsp_exts) + sk_X509_EXTENSION_pop_free(s->tlsext_ocsp_exts, + X509_EXTENSION_free); + if (s->tlsext_ocsp_ids) + sk_OCSP_RESPID_pop_free(s->tlsext_ocsp_ids, OCSP_RESPID_free); + if (s->tlsext_ocsp_resp) + OPENSSL_free(s->tlsext_ocsp_resp); #endif if (s->client_CA != NULL) @@ -1556,6 +1570,9 @@ SSL_CTX *SSL_CTX_new(const SSL_METHOD *meth) || (RAND_bytes(ret->tlsext_tick_aes_key, 16) <= 0)) ret->options |= SSL_OP_NO_TICKET; + ret->tlsext_status_cb = 0; + ret->tlsext_status_arg = NULL; + #endif #ifndef OPENSSL_NO_PSK ret->psk_identity_hint=NULL; |