On 2020/01/10 19:13, Kor son of Rynar wrote: > On Fri, Jan 10, 2020 at 6:48 PM Kor son of Rynar <[email protected]> > wrote: > > > >Fix: > > Unknown. Could be related to the lack of "Connection: close" > > and/or "Content-Type" headers in the HTTP request? > > > > Adding the missing headers seems to solve the problem: > > --- http.c.orig Fri Jun 28 13:32:49 2019 > +++ http.c Fri Jan 10 22:04:09 2020 > @@ -349,7 +349,10 @@ > c = asprintf(&req, > "POST %s HTTP/1.0\r\n"
...this uses HTTP/1.0 > "Host: %s\r\n" > + "Accept: */*\r\n" > + "Content-Type: application/ocsp-request\r\n" > "Content-Length: %zu\r\n" > + "Connection: close\r\n" ...but Connection: close is an HTTP/1.1 header, so this isn't entirely legit. Does it work without that (i.e. just add Accept/Content-Type)? > "\r\n", > http->path, http->host, psz); > # obj/ocspcheck -N -vvv server.crt > Built an 83 byte ocsp request > Using http to host ocsp.sectigo.com, port 80, path / > DNS returns 2001:4de0:ac19::1:b:3b for ocsp.sectigo.com > Server at ocsp.sectigo.com returns: > [Body]=[471 bytes] > OCSP response signature validated from ocsp.sectigo.com > OCSP response status 0 from host ocsp.sectigo.com > OCSP response validated from ocsp.sectigo.com > This Update: Thu Jan 9 01:20:43 2020 > Next Update: Sun Jan 12 21:20:43 2020
