#include <openssl/ocsp.h> OSSL_HTTP_REQ_CTX *OCSP_sendreq_new(BIO *io, const char *path, const OCSP_REQUEST *req, int buf_size); OCSP_RESPONSE *OCSP_sendreq_bio(BIO *io, const char *path, OCSP_REQUEST *req);
The following functions have been deprecated since OpenSSL 3.0, and can be hidden entirely by defining OPENSSL_API_COMPAT with a suitable version value, see openssl_user_macros(7):
typedef OSSL_HTTP_REQ_CTX OCSP_REQ_CTX; int OCSP_sendreq_nbio(OCSP_RESPONSE **presp, OSSL_HTTP_REQ_CTX *rctx); int OCSP_REQ_CTX_i2d(OCSP_REQ_CT *rctx, const ASN1_ITEM *it, ASN1_VALUE *req); int OCSP_REQ_CTX_add1_header(OCSP_REQ_CT *rctx, const char *name, const char *value); void OCSP_REQ_CTX_free(OCSP_REQ_CTX *rctx); void OCSP_set_max_response_length(OCSP_REQ_CT *rctx, unsigned long len); int OCSP_REQ_CTX_set1_req(OCSP_REQ_CTX *rctx, const OCSP_REQUEST *req);
The function OCSP_sendreq_new() builds a complete OSSL_HTTP_REQ_CTX structure with the BIO io to be used for requests and response, the URL path path, optionally the OCSP request req, and a response header maximum line length of buf_size. If buf_size is zero a default value of 4KiB is used. The req may be set to NULL and provided later using OCSP_REQ_CTX_set1_req() or OSSL_HTTP_REQ_CTX_set1_req(3). The io and path arguments to OCSP_sendreq_new() correspond to the components of the URL. For example if the responder URL is "http://example.com/ocspreq" the BIO io should haven been connected to host "example.com" on port 80 and path should be set to "/ocspreq".
OCSP_sendreq_nbio() attempts to send the request prepared in rctx and to gather the response via HTTP, using the BIO io and path that were given when calling OCSP_sendreq_new(). If the operation gets completed it assigns the response, a pointer to a OCSP_RESPONSE structure, in *presp. The function may need to be called again if its result is -1, which indicates BIO_should_retry(3). In such a case it is advisable to sleep a little in between, using BIO_wait(3) on the read BIO to prevent a busy loop.
OCSP_sendreq_bio() combines OCSP_sendreq_new() with as many calls of OCSP_sendreq_nbio() as needed and then OCSP_REQ_CTX_free(), with a response header maximum line length 4k. It waits indefinitely on a response. It does not support setting a timeout or adding headers and is retained for compatibility; use OSSL_HTTP_transfer(3) instead.
OCSP_REQ_CTX_i2d(rctx, it, req) is equivalent to the following:
OSSL_HTTP_REQ_CTX_set1_req(rctx, "application/ocsp-request", it, req)
OCSP_REQ_CTX_set1_req(rctx, req) is equivalent to the following:
OSSL_HTTP_REQ_CTX_set1_req(rctx, "application/ocsp-request", ASN1_ITEM_rptr(OCSP_REQUEST), (const ASN1_VALUE *)req)
The deprecated type and the remaining deprecated functions have been superseded by the following equivalents: OCSP_REQ_CTX by OSSL_HTTP_REQ_CTX(3), OCSP_REQ_CTX_add1_header() by OSSL_HTTP_REQ_CTX_add1_header(3), OCSP_REQ_CTX_free() by OSSL_HTTP_REQ_CTX_free(3), and OCSP_set_max_response_length() by OSSL_HTTP_REQ_CTX_set_max_response_length(3).
OCSP_sendreq_nbio() returns 1 for success, 0 on error, -1 if retry is needed.
OCSP_sendreq_bio() returns the OCSP_RESPONSE structure sent by the responder or NULL if an error occurred.
Licensed under the Apache License 2.0 (the ``License''). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.