Changeset b888e8b in mod_gnutls for include


Ignore:
Timestamp:
Nov 1, 2016, 7:20:42 AM (14 months ago)
Author:
Thomas Klute <thomas2.klute@…>
Branches:
master, debian, upstream
Children:
b26a792
Parents:
b34a67e
git-author:
Thomas Klute <thomas2.klute@…> (10/31/16 19:42:11)
git-committer:
Thomas Klute <thomas2.klute@…> (11/01/16 07:20:42)
Message:

New directive GnuTLSOCSPCheckNonce

Some CAs refuse to send nonces in their OCSP responses, probably
because that way they can cache responses. This makes nonce
verification fail, so give the user an option disable it.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • include/mod_gnutls.h.in

    r3475e62 rb888e8b  
    213213    /* Enable OCSP stapling */
    214214    unsigned char ocsp_staple;
     215    /* Check nonce in OCSP responses? */
     216    unsigned char ocsp_check_nonce;
    215217    /* Read OCSP response for stapling from this file instead of
    216218     * sending a request over HTTP */
Note: See TracChangeset for help on using the changeset viewer.