ocsp: introduced a new OCSP response callback

That allows more information to be provided to the application callback,
including the certificate that the response is needed for.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>

1 files changed, 19 insertions, 0 deletions

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 4f02010a4d..e815437228 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1868,6 +1868,17 @@ int gnutls_certificate_get_x509_crt(gnutls_certificate_credentials_t res,
 typedef int (*gnutls_status_request_ocsp_func)
  (gnutls_session_t session, void *ptr, gnutls_datum_t * ocsp_response);
 
+typedef struct gnutls_cert_info_st {
+	const struct gnutls_pcert_st *pcert;
+	unsigned cert_index; /* position in chain - zero being the end-certificate */
+	unsigned flags;
+} gnutls_cert_info_st;
+
+typedef int (*gnutls_status_request_ocsp_func2)(gnutls_session_t session,
+						const gnutls_cert_info_st *cinfo,
+						void *ptr,
+						gnutls_datum_t *ocsp_response);
+
 void
 gnutls_certificate_set_ocsp_status_request_function
 (gnutls_certificate_credentials_t res,
@@ -1878,6 +1889,14 @@ gnutls_certificate_set_ocsp_status_request_function2
 (gnutls_certificate_credentials_t res, unsigned idx,
 gnutls_status_request_ocsp_func ocsp_func, void *ptr);
 
+#define GNUTLS_OCSP_CB_GLOBAL_SET 1
+int
+gnutls_certificate_set_ocsp_status_request_function3(gnutls_certificate_credentials_t sc,
+						     unsigned idx,
+						     gnutls_status_request_ocsp_func2 ocsp_func,
+						     void *ptr,
+						     unsigned flags);
+
 int
 gnutls_certificate_set_ocsp_status_request_file
 (gnutls_certificate_credentials_t res, const char *response_file,