/*BIO_printf(arg, "OCSP response: ");*/
if (!p)
{
- BIO_printf(arg, "no response received\n");
+ BIO_printf(arg, "no OCSP response received\n");
return 1;
}
if(!(rsp = d2i_OCSP_RESPONSE(NULL, &p, len)))
{
- BIO_printf(arg, "response parse error\n");
+ BIO_printf(arg, "OCSP response parse error\n");
BIO_dump_indent(arg, (char *)p, len, 4);
return 0;
}
if(!(bs = OCSP_response_get1_basic(rsp)))
{
- BIO_printf(arg, "error parsing response\n");
+ BIO_printf(arg, "error parsing OCSP response\n");
return 0;
}
if(OCSP_basic_verify(bs, sk, NULL, OCSP_NOVERIFY) <= 0)
{
- BIO_printf(arg, "Response Verify Failure\n");
+ BIO_printf(arg, "OCSP status response verify failure\n");
ERR_print_errors(arg);
ret = 0;
}
else
- BIO_printf(arg, "Response verify OK\n");
+ BIO_printf(arg, "OCSP status response: good signature\n");
cert_stack_free(sk);
return ret;
return 0;
}
-printf("SSL connection using %s\n", SSL_get_cipher (*ssl));
+/* printf("SSL connection using %s\n", SSL_get_cipher (*ssl)); */
return 1;
}
}
fflush(stdout);
}
+ else
+ printf("Succeeded in starting TLS (with OCSP)\n");
#endif
}
#endif
exit(85);
}
+#ifdef TCP_QUICKACK
+ {
+ int off = 0;
+ (void) setsockopt(srv.sock, IPPROTO_TCP, TCP_QUICKACK, US &off, sizeof(off));
+ }
+#endif
+
printf("connected\n");
printf("Failed to verify certificate status\n");
#endif
else
- printf("Succeeded in starting TLS\n");
+ printf("Succeeded in starting TLS%s\n", ocsp_stapling ? " (with OCSP)":"");
}
#endif