GnuTLS: full-chain OCSP stapling. Bug 1466

[exim.git] / src / src / tls-openssl.c

diff --git a/src/src/tls-openssl.c b/src/src/tls-openssl.c
index 541c45a9435c1e9be3298e04076a48a99194cd08..a1dee6dd03f08394bab50bf6c67aa908a684e2f5 100644 (file)
--- a/src/src/tls-openssl.c
+++ b/src/src/tls-openssl.c
@@ -261,6 +261,9 @@ for (struct exim_openssl_option * o = exim_openssl_options;
 # ifdef EXPERIMENTAL_TLS_RESUME
 builtin_macro_create_var(US"_RESUME_DECODE", RESUME_DECODE_STRING );
 # endif
+# ifdef SSL_OP_NO_TLSv1_3
+builtin_macro_create(US"_HAVE_TLS1_3");
+# endif
 }
 #else
 
@@ -1312,7 +1315,8 @@ if (!OCSP_check_validity(thisupd, nextupd, EXIM_OCSP_SKEW_SECONDS, EXIM_OCSP_MAX
   }
 
 supply_response:
-  cbinfo->u_ocsp.server.response = resp;       /*XXX stack?*/
+  /*XXX stack? (these tag points are for multiple leaf-cert support for ocsp */
+  cbinfo->u_ocsp.server.response = resp;
 return;
 
 bad: