From b82b5f401b96a20fc7fffe9916f2b991cf2402f6 Mon Sep 17 00:00:00 2001
From: Hideki Miyazaki <hide@wolfssl.com>
Date: Sun, 4 Aug 2024 08:38:08 +0900
Subject: [PATCH] sever side checks OCSP even if it uses v2 multi

---
 src/internal.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/internal.c b/src/internal.c
index 697686acdf..dcc8ea4711 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -14839,7 +14839,9 @@ int ProcessPeerCerts(WOLFSSL* ssl, byte* input, word32* inOutIdx,
                 #ifdef HAVE_OCSP
                     #ifdef HAVE_CERTIFICATE_STATUS_REQUEST_V2
                         addToPendingCAs = 0;
-                        if (ssl->status_request_v2 && TLSX_CSR2_IsMulti(ssl->extensions)) {
+                        if (ssl->options.side == WOLFSSL_CLIENT_END &&
+                            ssl->status_request_v2 &&
+                            TLSX_CSR2_IsMulti(ssl->extensions)) {
                             ret = TLSX_CSR2_InitRequests(ssl->extensions,
                                                     args->dCert, 0, ssl->heap);
                             addToPendingCAs = 1;