Merge branch 'master' of ssh://git.exim.org/home/git/exim

[exim.git] / src / src / globals.h

diff --git a/src/src/globals.h b/src/src/globals.h
index cfa6d2bff71ac710d84cd12305fae6cf257fd0f1..8b55321f91c7d7872cb5f1d921138487b2bc94a7 100644 (file)
--- a/src/src/globals.h
+++ b/src/src/globals.h
@@ -85,8 +85,17 @@ typedef struct {
   uschar *cipher;             /* Cipher used */
   BOOL    on_connect;         /* For older MTAs that don't STARTTLS */
   uschar *on_connect_ports;   /* Ports always tls-on-connect */
+  void   *ourcert;            /* Certificate we presented, binary */
+  void  *peercert;           /* Certificate of peer, binary */
   uschar *peerdn;             /* DN from peer */
   uschar *sni;                /* Server Name Indication */
+  enum {
+    OCSP_NOT_REQ=0,            /* not requested */
+    OCSP_NOT_RESP,             /* no response to request */
+    OCSP_VFY_NOT_TRIED,                /* response not verified */
+    OCSP_FAILED,               /* verify failed */
+    OCSP_VFIED                 /* verified */
+    }     ocsp;                      /* Stapled OCSP status */
 } tls_support;
 extern tls_support tls_in;
 extern tls_support tls_out;
@@ -105,7 +114,7 @@ extern uschar *tls_channelbinding_b64; /* string of base64 channel binding */
 extern uschar *tls_crl;                /* CRL File */
 extern int     tls_dh_max_bits;        /* don't accept higher lib suggestions */
 extern uschar *tls_dhparam;            /* DH param file */
-#if defined(EXPERIMENTAL_OCSP) && !defined(USE_GNUTLS)
+#if defined(EXPERIMENTAL_OCSP)
 extern uschar *tls_ocsp_file;          /* OCSP stapling proof file */
 #endif
 extern BOOL    tls_offered;            /* Server offered TLS */