------- You are receiving this mail because: -------
You are on the CC list for the bug.
http://bugs.exim.org/show_bug.cgi?id=1459
Git Commit <git@???> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |git@???
--- Comment #2 from Git Commit <git@???> 2014-04-25 00:17:10 ---
Git commit:
http://git.exim.org/exim.git/commitdiff/2b4a568dfa3d79a9a968984cf5b23829c084a951
commit 2b4a568dfa3d79a9a968984cf5b23829c084a951
Author: Jeremy Harris <jgh146exb@???>
AuthorDate: Thu Apr 24 23:28:24 2014 +0100
Commit: Jeremy Harris <jgh146exb@???>
CommitDate: Thu Apr 24 23:28:24 2014 +0100
support ocsp stapling under gnutls. bug 1459
requires gnutls version 3.1.3 or later.
under experimental_ocsp
----
doc/doc-txt/ChangeLog | 2 +
doc/doc-txt/NewStuff | 3 +
doc/doc-txt/experimental-spec.txt | 12 +-
src/src/EDITME | 2 +-
src/src/globals.c | 2 +-
src/src/globals.h | 2 +-
src/src/readconf.c | 2 +-
src/src/tls-gnu.c | 105 ++++++++--
test/aux-fixed/exim-ca/README | 6 +-
test/aux-fixed/exim-ca/example.com/BLANK/CA.pem | 20 +-
.../aux-fixed/exim-ca/example.com/BLANK/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.com/BLANK/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.com/BLANK/key3.db | Bin 16384 -> 16384 bytes
test/aux-fixed/exim-ca/example.com/CA/CA.pem | 20 +-
test/aux-fixed/exim-ca/example.com/CA/OCSP.key | 30 ++--
test/aux-fixed/exim-ca/example.com/CA/OCSP.p12 | Bin 2898 -> 2906 bytes
test/aux-fixed/exim-ca/example.com/CA/OCSP.pem | 14 +-
test/aux-fixed/exim-ca/example.com/CA/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.com/CA/ca.conf | 2 +-
test/aux-fixed/exim-ca/example.com/CA/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.com/CA/crl.empty | Bin 240 -> 240 bytes
.../exim-ca/example.com/CA/crl.empty.in.txt | 2 +-
.../aux-fixed/exim-ca/example.com/CA/crl.empty.pem | 8 +-
test/aux-fixed/exim-ca/example.com/CA/crl.v2 | Bin 289 -> 289 bytes
.../aux-fixed/exim-ca/example.com/CA/crl.v2.in.txt | 6 +-
test/aux-fixed/exim-ca/example.com/CA/crl.v2.pem | 12 +-
test/aux-fixed/exim-ca/example.com/CA/key3.db | Bin 24576 -> 24576 bytes
test/aux-fixed/exim-ca/example.com/CA/noise.file | 221 ++++++++++----------
.../example.com/expired1.example.com/ca_chain.pem | 58 +++---
.../example.com/expired1.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../expired1.example.com.chain.pem | 38 ++--
.../expired1.example.com/expired1.example.com.key | 32 ++--
.../expired1.example.com.ocsp.dated.resp | Bin 923 -> 923 bytes
.../expired1.example.com.ocsp.good.resp | Bin 904 -> 923 bytes
.../expired1.example.com.ocsp.req | Bin 105 -> 105 bytes
.../expired1.example.com.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../expired1.example.com/expired1.example.com.p12 | Bin 3076 -> 3076 bytes
.../expired1.example.com/expired1.example.com.pem | 20 +-
.../expired1.example.com.unlocked.key | 26 ++--
.../example.com/expired1.example.com/key3.db | Bin 16384 -> 16384 bytes
.../example.com/expired2.example.com/ca_chain.pem | 58 +++---
.../example.com/expired2.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../expired2.example.com.chain.pem | 38 ++--
.../expired2.example.com/expired2.example.com.key | 32 ++--
.../expired2.example.com.ocsp.dated.resp | Bin 924 -> 924 bytes
.../expired2.example.com.ocsp.good.resp | Bin 905 -> 924 bytes
.../expired2.example.com.ocsp.req | Bin 106 -> 106 bytes
.../expired2.example.com.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../expired2.example.com/expired2.example.com.p12 | Bin 3076 -> 3076 bytes
.../expired2.example.com/expired2.example.com.pem | 20 +-
.../expired2.example.com.unlocked.key | 26 ++--
.../example.com/expired2.example.com/key3.db | Bin 16384 -> 16384 bytes
.../example.com/revoked1.example.com/ca_chain.pem | 58 +++---
.../example.com/revoked1.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../example.com/revoked1.example.com/key3.db | Bin 16384 -> 16384 bytes
.../revoked1.example.com.chain.pem | 38 ++--
.../revoked1.example.com/revoked1.example.com.key | 32 ++--
.../revoked1.example.com.ocsp.dated.resp | Bin 923 -> 923 bytes
.../revoked1.example.com.ocsp.good.resp | Bin 904 -> 923 bytes
.../revoked1.example.com.ocsp.req | Bin 105 -> 105 bytes
.../revoked1.example.com.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../revoked1.example.com/revoked1.example.com.p12 | Bin 3076 -> 3076 bytes
.../revoked1.example.com/revoked1.example.com.pem | 20 +-
.../revoked1.example.com.unlocked.key | 26 ++--
.../example.com/revoked2.example.com/ca_chain.pem | 58 +++---
.../example.com/revoked2.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../example.com/revoked2.example.com/key3.db | Bin 16384 -> 16384 bytes
.../revoked2.example.com.chain.pem | 38 ++--
.../revoked2.example.com/revoked2.example.com.key | 32 ++--
.../revoked2.example.com.ocsp.dated.resp | Bin 924 -> 924 bytes
.../revoked2.example.com.ocsp.good.resp | Bin 905 -> 924 bytes
.../revoked2.example.com.ocsp.req | Bin 106 -> 106 bytes
.../revoked2.example.com.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../revoked2.example.com/revoked2.example.com.p12 | Bin 3076 -> 3076 bytes
.../revoked2.example.com/revoked2.example.com.pem | 20 +-
.../revoked2.example.com.unlocked.key | 26 ++--
.../example.com/server1.example.com/ca_chain.pem | 68 +++---
.../example.com/server1.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../example.com/server1.example.com/key3.db | Bin 16384 -> 16384 bytes
.../server1.example.com.chain.pem | 48 +++--
.../server1.example.com/server1.example.com.key | 32 ++--
.../server1.example.com.ocsp.dated.resp | Bin 923 -> 923 bytes
.../server1.example.com.ocsp.good.resp | Bin 904 -> 923 bytes
.../server1.example.com.ocsp.req | Bin 105 -> 105 bytes
.../server1.example.com.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../server1.example.com/server1.example.com.p12 | Bin 3066 -> 3138 bytes
.../server1.example.com/server1.example.com.pem | 30 ++--
.../server1.example.com.unlocked.key | 26 ++--
.../example.com/server2.example.com/ca_chain.pem | 58 +++---
.../example.com/server2.example.com/cert8.db | Bin 65536 -> 65536 bytes
.../example.com/server2.example.com/key3.db | Bin 16384 -> 16384 bytes
.../server2.example.com.chain.pem | 38 ++--
.../server2.example.com/server2.example.com.key | 32 ++--
.../server2.example.com.ocsp.dated.resp | Bin 924 -> 924 bytes
.../server2.example.com.ocsp.good.resp | Bin 905 -> 924 bytes
.../server2.example.com.ocsp.req | Bin 106 -> 106 bytes
.../server2.example.com.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../server2.example.com/server2.example.com.p12 | Bin 3066 -> 3066 bytes
.../server2.example.com/server2.example.com.pem | 20 +-
.../server2.example.com.unlocked.key | 26 ++--
test/aux-fixed/exim-ca/example.net/BLANK/CA.pem | 20 +-
.../aux-fixed/exim-ca/example.net/BLANK/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.net/BLANK/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.net/BLANK/key3.db | Bin 16384 -> 16384 bytes
test/aux-fixed/exim-ca/example.net/CA/CA.pem | 20 +-
test/aux-fixed/exim-ca/example.net/CA/OCSP.key | 30 ++--
test/aux-fixed/exim-ca/example.net/CA/OCSP.p12 | Bin 2906 -> 2906 bytes
test/aux-fixed/exim-ca/example.net/CA/OCSP.pem | 14 +-
test/aux-fixed/exim-ca/example.net/CA/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.net/CA/ca.conf | 2 +-
test/aux-fixed/exim-ca/example.net/CA/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.net/CA/crl.empty | Bin 240 -> 240 bytes
.../exim-ca/example.net/CA/crl.empty.in.txt | 2 +-
.../aux-fixed/exim-ca/example.net/CA/crl.empty.pem | 8 +-
test/aux-fixed/exim-ca/example.net/CA/crl.v2 | Bin 289 -> 289 bytes
.../aux-fixed/exim-ca/example.net/CA/crl.v2.in.txt | 6 +-
test/aux-fixed/exim-ca/example.net/CA/crl.v2.pem | 12 +-
test/aux-fixed/exim-ca/example.net/CA/key3.db | Bin 24576 -> 24576 bytes
test/aux-fixed/exim-ca/example.net/CA/noise.file | 217 ++++++++++----------
.../example.net/expired1.example.net/ca_chain.pem | 58 +++---
.../example.net/expired1.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../expired1.example.net.chain.pem | 38 ++--
.../expired1.example.net/expired1.example.net.key | 32 ++--
.../expired1.example.net.ocsp.dated.resp | Bin 923 -> 923 bytes
.../expired1.example.net.ocsp.good.resp | Bin 904 -> 923 bytes
.../expired1.example.net.ocsp.req | Bin 105 -> 105 bytes
.../expired1.example.net.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../expired1.example.net/expired1.example.net.p12 | Bin 3076 -> 3076 bytes
.../expired1.example.net/expired1.example.net.pem | 20 +-
.../expired1.example.net.unlocked.key | 26 ++--
.../example.net/expired1.example.net/key3.db | Bin 16384 -> 16384 bytes
.../example.net/expired2.example.net/ca_chain.pem | 58 +++---
.../example.net/expired2.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../expired2.example.net.chain.pem | 38 ++--
.../expired2.example.net/expired2.example.net.key | 32 ++--
.../expired2.example.net.ocsp.dated.resp | Bin 924 -> 924 bytes
.../expired2.example.net.ocsp.good.resp | Bin 905 -> 924 bytes
.../expired2.example.net.ocsp.req | Bin 106 -> 106 bytes
.../expired2.example.net.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../expired2.example.net/expired2.example.net.p12 | Bin 3076 -> 3076 bytes
.../expired2.example.net/expired2.example.net.pem | 20 +-
.../expired2.example.net.unlocked.key | 26 ++--
.../example.net/expired2.example.net/key3.db | Bin 16384 -> 16384 bytes
.../example.net/revoked1.example.net/ca_chain.pem | 58 +++---
.../example.net/revoked1.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../example.net/revoked1.example.net/key3.db | Bin 16384 -> 16384 bytes
.../revoked1.example.net.chain.pem | 38 ++--
.../revoked1.example.net/revoked1.example.net.key | 32 ++--
.../revoked1.example.net.ocsp.dated.resp | Bin 923 -> 923 bytes
.../revoked1.example.net.ocsp.good.resp | Bin 904 -> 923 bytes
.../revoked1.example.net.ocsp.req | Bin 105 -> 105 bytes
.../revoked1.example.net.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../revoked1.example.net/revoked1.example.net.p12 | Bin 3076 -> 3076 bytes
.../revoked1.example.net/revoked1.example.net.pem | 20 +-
.../revoked1.example.net.unlocked.key | 26 ++--
.../example.net/revoked2.example.net/ca_chain.pem | 58 +++---
.../example.net/revoked2.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../example.net/revoked2.example.net/key3.db | Bin 16384 -> 16384 bytes
.../revoked2.example.net.chain.pem | 38 ++--
.../revoked2.example.net/revoked2.example.net.key | 32 ++--
.../revoked2.example.net.ocsp.dated.resp | Bin 924 -> 924 bytes
.../revoked2.example.net.ocsp.good.resp | Bin 905 -> 924 bytes
.../revoked2.example.net.ocsp.req | Bin 106 -> 106 bytes
.../revoked2.example.net.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../revoked2.example.net/revoked2.example.net.p12 | Bin 3076 -> 3076 bytes
.../revoked2.example.net/revoked2.example.net.pem | 20 +-
.../revoked2.example.net.unlocked.key | 26 ++--
.../example.net/server1.example.net/ca_chain.pem | 68 +++---
.../example.net/server1.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../example.net/server1.example.net/key3.db | Bin 16384 -> 16384 bytes
.../server1.example.net.chain.pem | 48 +++--
.../server1.example.net/server1.example.net.key | 32 ++--
.../server1.example.net.ocsp.dated.resp | Bin 923 -> 923 bytes
.../server1.example.net.ocsp.good.resp | Bin 904 -> 923 bytes
.../server1.example.net.ocsp.req | Bin 105 -> 105 bytes
.../server1.example.net.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../server1.example.net/server1.example.net.p12 | Bin 3066 -> 3138 bytes
.../server1.example.net/server1.example.net.pem | 30 ++--
.../server1.example.net.unlocked.key | 26 ++--
.../example.net/server2.example.net/ca_chain.pem | 58 +++---
.../example.net/server2.example.net/cert8.db | Bin 65536 -> 65536 bytes
.../example.net/server2.example.net/key3.db | Bin 16384 -> 16384 bytes
.../server2.example.net.chain.pem | 38 ++--
.../server2.example.net/server2.example.net.key | 32 ++--
.../server2.example.net.ocsp.dated.resp | Bin 924 -> 924 bytes
.../server2.example.net.ocsp.good.resp | Bin 905 -> 924 bytes
.../server2.example.net.ocsp.req | Bin 106 -> 106 bytes
.../server2.example.net.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../server2.example.net/server2.example.net.p12 | Bin 3066 -> 3066 bytes
.../server2.example.net/server2.example.net.pem | 20 +-
.../server2.example.net.unlocked.key | 26 ++--
test/aux-fixed/exim-ca/example.org/BLANK/CA.pem | 20 +-
.../aux-fixed/exim-ca/example.org/BLANK/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.org/BLANK/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.org/BLANK/key3.db | Bin 16384 -> 16384 bytes
test/aux-fixed/exim-ca/example.org/CA/CA.pem | 20 +-
test/aux-fixed/exim-ca/example.org/CA/OCSP.key | 30 ++--
test/aux-fixed/exim-ca/example.org/CA/OCSP.p12 | Bin 2906 -> 2906 bytes
test/aux-fixed/exim-ca/example.org/CA/OCSP.pem | 14 +-
test/aux-fixed/exim-ca/example.org/CA/Signer.pem | 18 +-
test/aux-fixed/exim-ca/example.org/CA/ca.conf | 2 +-
test/aux-fixed/exim-ca/example.org/CA/cert8.db | Bin 65536 -> 65536 bytes
test/aux-fixed/exim-ca/example.org/CA/crl.empty | Bin 240 -> 240 bytes
.../exim-ca/example.org/CA/crl.empty.in.txt | 2 +-
.../aux-fixed/exim-ca/example.org/CA/crl.empty.pem | 8 +-
test/aux-fixed/exim-ca/example.org/CA/crl.v2 | Bin 289 -> 289 bytes
.../aux-fixed/exim-ca/example.org/CA/crl.v2.in.txt | 6 +-
test/aux-fixed/exim-ca/example.org/CA/crl.v2.pem | 12 +-
test/aux-fixed/exim-ca/example.org/CA/key3.db | Bin 24576 -> 24576 bytes
test/aux-fixed/exim-ca/example.org/CA/noise.file | 221 ++++++++++----------
.../example.org/expired1.example.org/ca_chain.pem | 58 +++---
.../example.org/expired1.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../expired1.example.org.chain.pem | 38 ++--
.../expired1.example.org/expired1.example.org.key | 32 ++--
.../expired1.example.org.ocsp.dated.resp | Bin 923 -> 923 bytes
.../expired1.example.org.ocsp.good.resp | Bin 904 -> 923 bytes
.../expired1.example.org.ocsp.req | Bin 105 -> 105 bytes
.../expired1.example.org.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../expired1.example.org/expired1.example.org.p12 | Bin 3076 -> 3076 bytes
.../expired1.example.org/expired1.example.org.pem | 20 +-
.../expired1.example.org.unlocked.key | 26 ++--
.../example.org/expired1.example.org/key3.db | Bin 16384 -> 16384 bytes
.../example.org/expired2.example.org/ca_chain.pem | 58 +++---
.../example.org/expired2.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../expired2.example.org.chain.pem | 38 ++--
.../expired2.example.org/expired2.example.org.key | 32 ++--
.../expired2.example.org.ocsp.dated.resp | Bin 924 -> 924 bytes
.../expired2.example.org.ocsp.good.resp | Bin 905 -> 924 bytes
.../expired2.example.org.ocsp.req | Bin 106 -> 106 bytes
.../expired2.example.org.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../expired2.example.org/expired2.example.org.p12 | Bin 3076 -> 3076 bytes
.../expired2.example.org/expired2.example.org.pem | 20 +-
.../expired2.example.org.unlocked.key | 26 ++--
.../example.org/expired2.example.org/key3.db | Bin 16384 -> 16384 bytes
.../example.org/revoked1.example.org/ca_chain.pem | 58 +++---
.../example.org/revoked1.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../example.org/revoked1.example.org/key3.db | Bin 16384 -> 16384 bytes
.../revoked1.example.org.chain.pem | 38 ++--
.../revoked1.example.org/revoked1.example.org.key | 32 ++--
.../revoked1.example.org.ocsp.dated.resp | Bin 923 -> 923 bytes
.../revoked1.example.org.ocsp.good.resp | Bin 904 -> 923 bytes
.../revoked1.example.org.ocsp.req | Bin 105 -> 105 bytes
.../revoked1.example.org.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../revoked1.example.org/revoked1.example.org.p12 | Bin 3076 -> 3076 bytes
.../revoked1.example.org/revoked1.example.org.pem | 20 +-
.../revoked1.example.org.unlocked.key | 26 ++--
.../example.org/revoked2.example.org/ca_chain.pem | 58 +++---
.../example.org/revoked2.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../example.org/revoked2.example.org/key3.db | Bin 16384 -> 16384 bytes
.../revoked2.example.org.chain.pem | 38 ++--
.../revoked2.example.org/revoked2.example.org.key | 32 ++--
.../revoked2.example.org.ocsp.dated.resp | Bin 924 -> 924 bytes
.../revoked2.example.org.ocsp.good.resp | Bin 905 -> 924 bytes
.../revoked2.example.org.ocsp.req | Bin 106 -> 106 bytes
.../revoked2.example.org.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../revoked2.example.org/revoked2.example.org.p12 | Bin 3076 -> 3076 bytes
.../revoked2.example.org/revoked2.example.org.pem | 20 +-
.../revoked2.example.org.unlocked.key | 26 ++--
.../example.org/server1.example.org/ca_chain.pem | 68 +++---
.../example.org/server1.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../example.org/server1.example.org/key3.db | Bin 16384 -> 16384 bytes
.../server1.example.org.chain.pem | 48 +++--
.../server1.example.org/server1.example.org.key | 32 ++--
.../server1.example.org.ocsp.dated.resp | Bin 923 -> 923 bytes
.../server1.example.org.ocsp.good.resp | Bin 904 -> 923 bytes
.../server1.example.org.ocsp.req | Bin 105 -> 105 bytes
.../server1.example.org.ocsp.revoked.resp | Bin 926 -> 945 bytes
.../server1.example.org/server1.example.org.p12 | Bin 3066 -> 3138 bytes
.../server1.example.org/server1.example.org.pem | 30 ++--
.../server1.example.org.unlocked.key | 26 ++--
.../example.org/server2.example.org/ca_chain.pem | 58 +++---
.../example.org/server2.example.org/cert8.db | Bin 65536 -> 65536 bytes
.../example.org/server2.example.org/key3.db | Bin 16384 -> 16384 bytes
.../server2.example.org.chain.pem | 38 ++--
.../server2.example.org/server2.example.org.key | 32 ++--
.../server2.example.org.ocsp.dated.resp | Bin 924 -> 924 bytes
.../server2.example.org.ocsp.good.resp | Bin 905 -> 924 bytes
.../server2.example.org.ocsp.req | Bin 106 -> 106 bytes
.../server2.example.org.ocsp.revoked.resp | Bin 905 -> 924 bytes
.../server2.example.org/server2.example.org.p12 | Bin 3066 -> 3066 bytes
.../server2.example.org/server2.example.org.pem | 20 +-
.../server2.example.org.unlocked.key | 26 ++--
test/aux-fixed/exim-ca/genall | 13 +-
test/aux-fixed/ocsp_file.der | Bin 1367 -> 0 bytes
test/confs/5650 | 65 ++++++
test/confs/5651 | 118 +++++++++++
test/log/5650 | 7 +
test/log/5651 | 34 +++
test/runtest | 4 +
test/scripts/5600-OCSP-OpenSSL/5600 | 2 +-
.../5600 => 5650-OCSP-GnuTLS/5650} | 8 +-
test/scripts/5650-OCSP-GnuTLS/5651 | 65 ++++++
test/scripts/5650-OCSP-GnuTLS/REQUIRES | 3 +
test/src/client.c | 68 ++++++-
test/stdout/5650 | 80 +++++++
295 files changed, 2739 insertions(+), 2195 deletions(-)
--
Configure bugmail:
http://bugs.exim.org/userprefs.cgi?tab=email
