GH357: Update ocsp.c

Add Host Header in OCSP query if no host header is set via -header Signed-off-by: Rich Salz <rsalz@akamai.com> Reviewed-by: Ben Laurie <ben@openssl.org>
briansmith · Aug 8, 2015 · ff4a939 · ff4a939
1 parent 2bfbeb2
commit ff4a939
Showing 1 changed file with 13 additions and 0 deletions.
diff --git a/apps/ocsp.c b/apps/ocsp.c
@@ -1262,6 +1262,8 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
     BIO *cbio = NULL;
     SSL_CTX *ctx = NULL;
     OCSP_RESPONSE *resp = NULL;
+    int found, i;
+
     cbio = BIO_new_connect(host);
     if (!cbio) {
         BIO_printf(bio_err, "Error creating connect BIO\n");
@@ -1280,6 +1282,17 @@ OCSP_RESPONSE *process_responder(OCSP_REQUEST *req,
         sbio = BIO_new_ssl(ctx, 1);
         cbio = BIO_push(sbio, cbio);
     }
+    for (found = i = 0; i < sk_CONF_VALUE_num(headers); i++) {
+       CONF_VALUE *hdr = sk_CONF_VALUE_value(headers, i);
+       if (strcasecmp("host", hdr->name) == 0) {
+           found = 1;
+           break;
+       }
+    }
+
+    if (!found && !X509V3_add_value("Host", host, &headers))
+        BIO_printf(bio_err, "Error setting HTTP Host header\n");
+
     resp = query_responder(cbio, path, headers, req, req_timeout);
     if (!resp)
         BIO_printf(bio_err, "Error querying OCSP responder\n");