Log Message: |
On the ocsp-verification branch: Implement response parsing and verification.
* BRANCH-README: Update branch docs.
* serf_bucket_types.h
(serf_ssl_ocsp_request_export): Update docstring.
(serf_ssl_ocsp_response_parse
serf_ssl_ocsp_response_verify): Update prototype and docstring.
* buckets/ssl_buckets.c
(ocsp_response_status): New private helper function, extracted from ...
(ocsp_callback): ... here, which uses it for response status checking.
(ssl_ocsp_request_t): Replace the encoded server and issuer certificates
with the OCSP certificate ID used to create requests and verify
responses.
(serf_ssl_ocsp_request_create,
serf_ssl_ocsp_request_export,
serf_ssl_ocsp_request_import): Update to match changed ssl_ocsp_request_t.
(serf_ssl_ocsp_response_t): Change the type of the enclosed response.
(free_ocsp_cert_id, free_ocsp_response): New; pool cleanup functions.
(convert_asn1_generalized_time): New private helper function.
(serf_ssl_ocsp_response_parse,
serf_ssl_ocsp_response_verify): Update prototypes and implement.
|