gtls: add support for the Certificate Status Request TLS extension

Also known as "status_request" or OCSP stapling, defined in RFC6066 section 8. This requires GnuTLS 3.1.3 or higher to build, however it's recommended to use at least GnuTLS 3.3.11 since previous versions had a bug that caused the OCSP response verfication to fail even on valid responses.
author: Alessandro Ghedini <alessandro@ghedini.me> 2014-06-16 13:21:02 +0200
committer: Daniel Stenberg <daniel@haxx.se> 2015-01-16 23:23:29 +0100
commit: f13669a375f5bfd14797bda91642cabe076974fa (patch)
tree: 2930cae5863ac6f60d3dc615ccba00684ac01885 /lib/vtls/gtls.h
parent: 3af90a6e19249807f99bc9ee7b50d3e58849072a (diff)
download: curl-f13669a375f5bfd14797bda91642cabe076974fa.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/lib/vtls/gtls.h b/lib/vtls/gtls.h
index 12460beda..d02a366a6 100644
--- a/lib/vtls/gtls.h
+++ b/lib/vtls/gtls.h
@@ -53,6 +53,8 @@ void Curl_gtls_md5sum(unsigned char *tmp, /* input */
                       unsigned char *md5sum, /* output */
                       size_t md5len);
 
+bool Curl_gtls_cert_status_request(void);
+
 /* API setup for GnuTLS */
 #define curlssl_init Curl_gtls_init
 #define curlssl_cleanup Curl_gtls_cleanup
@@ -70,6 +72,7 @@ void Curl_gtls_md5sum(unsigned char *tmp, /* input */
 #define curlssl_data_pending(x,y) ((void)x, (void)y, 0)
 #define curlssl_random(x,y,z) Curl_gtls_random(x,y,z)
 #define curlssl_md5sum(a,b,c,d) Curl_gtls_md5sum(a,b,c,d)
+#define curlssl_cert_status_request() Curl_gtls_cert_status_request()
 #define CURL_SSL_BACKEND CURLSSLBACKEND_GNUTLS
 
 #endif /* USE_GNUTLS */
author	Alessandro Ghedini <alessandro@ghedini.me>	2014-06-16 13:21:02 +0200
committer	Daniel Stenberg <daniel@haxx.se>	2015-01-16 23:23:29 +0100
commit	f13669a375f5bfd14797bda91642cabe076974fa (patch)
tree	2930cae5863ac6f60d3dc615ccba00684ac01885 /lib/vtls/gtls.h
parent	3af90a6e19249807f99bc9ee7b50d3e58849072a (diff)
download	curl-f13669a375f5bfd14797bda91642cabe076974fa.tar.gz