From: Ben Greear <greearb@xxxxxxxxxxxxxxx> The openssl responder process will stop if it receives bad input, so add a loop in the start script to restart it if it stops for any reason. Signed-off-by: Ben Greear <greearb@xxxxxxxxxxxxxxx> --- hs20/server/ca/ocsp-responder.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/hs20/server/ca/ocsp-responder.sh b/hs20/server/ca/ocsp-responder.sh index 8cebd7453..9364743db 100755 --- a/hs20/server/ca/ocsp-responder.sh +++ b/hs20/server/ca/ocsp-responder.sh @@ -1,3 +1,12 @@ #!/bin/sh -openssl ocsp -index demoCA/index.txt -port 8888 -nmin 5 -rsigner ocsp.pem -rkey ocsp.key -CA demoCA/cacert.pem -text +# Openssl will exit in case bad input is received (telnet to 8888 and type hello) +# So, add a loop to restart it as needed. + +while true +do + openssl ocsp -index demoCA/index.txt -port 8888 -nmin 5 -rsigner ocsp.pem -rkey ocsp.key -CA demoCA/cacert.pem -text + echo "Restarting openssl ocsp responder, exit value: $?" + sleep 1 # no hot loops allowed +done + -- 2.14.4 _______________________________________________ Hostap mailing list Hostap@xxxxxxxxxxxxxxxxxxx http://lists.infradead.org/mailman/listinfo/hostap
