cce4bc
--- a/modules/ssl/ssl_util_stapling.c  2014/05/07 12:51:38 1593001
cce4bc
+++ b/modules/ssl/ssl_util_stapling.c  2014/05/07 12:52:13 1593002
cce4bc
@@ -145,14 +145,15 @@
cce4bc
     X509_digest(x, EVP_sha1(), cinf->idx, NULL);
cce4bc
 
cce4bc
     aia = X509_get1_ocsp(x);
cce4bc
-    if (aia)
cce4bc
+    if (aia) {
cce4bc
         cinf->uri = sk_OPENSSL_STRING_pop(aia);
cce4bc
+        X509_email_free(aia);
cce4bc
+    }
cce4bc
     if (!cinf->uri && !mctx->stapling_force_url) {
cce4bc
         ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02218)
cce4bc
                      "ssl_stapling_init_cert: no responder URL");
cce4bc
+        return 0;
cce4bc
     }
cce4bc
-    if (aia)
cce4bc
-        X509_email_free(aia);
cce4bc
     return 1;
cce4bc
 }
cce4bc
 
cce4bc
@@ -403,6 +404,13 @@
cce4bc
     else
cce4bc
         ocspuri = cinf->uri;
cce4bc
 
cce4bc
+    if (!ocspuri) {
cce4bc
+        ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, APLOGNO(02621)
cce4bc
+                     "stapling_renew_response: no uri for responder");
cce4bc
+        rv = FALSE;
cce4bc
+        goto done;
cce4bc
+    }
cce4bc
+
cce4bc
     /* Create a temporary pool to constrain memory use */
cce4bc
     apr_pool_create(&vpool, conn->pool);
cce4bc