From d65b8b2162f33ac0d53dace588a0847ed827626c Mon Sep 17 00:00:00 2001
From: Ben Laurie <ben@openssl.org>
Date: Fri, 14 Dec 2012 12:53:53 +0000
Subject: Backport OCSP fixes.

---
 apps/ocsp.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'apps')

diff --git a/apps/ocsp.c b/apps/ocsp.c
index 01847dfad7..ce9bfa52d6 100644
--- a/apps/ocsp.c
+++ b/apps/ocsp.c
@@ -866,6 +866,8 @@ int MAIN(int argc, char **argv)
 		goto end;
 		}
 
+	ret = 0;
+
 	if (!noverify)
 		{
 		if (req && ((i = OCSP_check_nonce(req, bs)) <= 0))
@@ -875,17 +877,17 @@ int MAIN(int argc, char **argv)
 			else
 				{
 				BIO_printf(bio_err, "Nonce Verify error\n");
+				ret = 1;
 				goto end;
 				}
 			}
 
 		i = OCSP_basic_verify(bs, verify_other, store, verify_flags);
-                if (i < 0) i = OCSP_basic_verify(bs, NULL, store, 0);
-
 		if(i <= 0)
 			{
 			BIO_printf(bio_err, "Response Verify Failure\n");
 			ERR_print_errors(bio_err);
+			ret = 1;
 			}
 		else
 			BIO_printf(bio_err, "Response verify OK\n");
@@ -893,9 +895,7 @@ int MAIN(int argc, char **argv)
 		}
 
 	if (!print_ocsp_summary(out, bs, req, reqnames, ids, nsec, maxage))
-		goto end;
-
-	ret = 0;
+		ret = 1;
 
 end:
 	ERR_print_errors(bio_err);
-- 
cgit v1.2.3