From 4514bb353a9327b6bed626280a699a2f103019b1 Mon Sep 17 00:00:00 2001
From: Nikos Mavrogiannopoulos <nmav@redhat.com>
Date: Mon, 16 Oct 2017 14:40:22 +0200
Subject: ocsp: introduced a new OCSP response callback

That allows more information to be provided to the application callback,
including the certificate that the response is needed for.

Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
---
 lib/includes/gnutls/gnutls.h.in | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)

(limited to 'lib/includes/gnutls')

diff --git a/lib/includes/gnutls/gnutls.h.in b/lib/includes/gnutls/gnutls.h.in
index 4f02010a4d..e815437228 100644
--- a/lib/includes/gnutls/gnutls.h.in
+++ b/lib/includes/gnutls/gnutls.h.in
@@ -1868,6 +1868,17 @@ int gnutls_certificate_get_x509_crt(gnutls_certificate_credentials_t res,
 typedef int (*gnutls_status_request_ocsp_func)
  (gnutls_session_t session, void *ptr, gnutls_datum_t * ocsp_response);
 
+typedef struct gnutls_cert_info_st {
+	const struct gnutls_pcert_st *pcert;
+	unsigned cert_index; /* position in chain - zero being the end-certificate */
+	unsigned flags;
+} gnutls_cert_info_st;
+
+typedef int (*gnutls_status_request_ocsp_func2)(gnutls_session_t session,
+						const gnutls_cert_info_st *cinfo,
+						void *ptr,
+						gnutls_datum_t *ocsp_response);
+
 void
 gnutls_certificate_set_ocsp_status_request_function
 (gnutls_certificate_credentials_t res,
@@ -1878,6 +1889,14 @@ gnutls_certificate_set_ocsp_status_request_function2
 (gnutls_certificate_credentials_t res, unsigned idx,
 gnutls_status_request_ocsp_func ocsp_func, void *ptr);
 
+#define GNUTLS_OCSP_CB_GLOBAL_SET 1
+int
+gnutls_certificate_set_ocsp_status_request_function3(gnutls_certificate_credentials_t sc,
+						     unsigned idx,
+						     gnutls_status_request_ocsp_func2 ocsp_func,
+						     void *ptr,
+						     unsigned flags);
+
 int
 gnutls_certificate_set_ocsp_status_request_file
 (gnutls_certificate_credentials_t res, const char *response_file,
-- 
cgit v1.2.1