Merge branch 'experimental_ocsp'

diff --cc doc/doc-txt/ChangeLog
index fdb0074ab66ea980843c978b54d909022ee04ad6,7c6ce246f2a62b31fcc57f289aa0d7b451d57f2c..991f59f081c58b47ca91eb2d07b97dc1b297dfed
--- 1/doc/doc-txt/ChangeLog
--- 2/doc/doc-txt/ChangeLog
+++ b/doc/doc-txt/ChangeLog
@@@ -91,22 -91,8 +91,24 @@@ PP/20 Revert part of NM/04, it broke lo
  
  PP/21 Defaulting "accept_8bitmime" to true, not false.
  
 -PP/22 Added EXPERIMENTAL_OCSP for OpenSSL.
 +PP/22 Added -bw for inetd wait mode support.
 +
 +PP/23 Added PCRE_CONFIG=yes support to Makefile for using pcre-config to
 +      locate the relevant includes and libraries.  Made this the default.
 +
 +PP/24 Fixed headers_only on smtp transports (was not sending trailing dot).
 +      Bugzilla 1246, report and most of solution from Tomasz Kusy.
 +
 +JH/02 ${eval } now uses 64-bit and supports a "g" suffix (like to "k" and "m").
 +      This may cause build issues on older platforms.
 +
 +PP/25 Revamped GnuTLS support, passing tls_require_ciphers to
 +      gnutls_priority_init, ignoring Exim options gnutls_require_kx,
 +      gnutls_require_mac & gnutls_require_protocols (no longer supported).
 +      Added SNI support via GnuTLS too.
 +
++PP/26 Added EXPERIMENTAL_OCSP for OpenSSL.
+ 
  
  Exim version 4.77
  -----------------

diff --cc doc/doc-txt/NewStuff
index 57102958a2a1f1ad11db808f81234985150df58f,96839cde6fdf0c48fcd20753d7a35371aa6b70dc..d41d79c837fb523b7a4d22231597fc030965e094
--- 1/doc/doc-txt/NewStuff
--- 2/doc/doc-txt/NewStuff
+++ b/doc/doc-txt/NewStuff
@@@ -63,23 -62,14 +63,31 @@@ Version 4.7
      Those who disagree, or know that they are talking to mail servers that,
      even today, are not 8-bit clean, need to turn off this option.
  
 - 9. With OpenSSL, if built with EXPERIMENTAL_OCSP, a new option tls_ocsp_file
 + 9. Exim can now be started with -bw (with an optional timeout, given as
 +    -bw<timespec>).  With this, stdin at startup is a socket that is
 +    already listening for connections.  This has a more modern name of
 +    "socket activation", but forcing the activated socket to fd 0.  We're
 +    interested in adding more support for modern variants.
 +
 +10. ${eval } now uses 64-bit values on supporting platforms.  A new "G" suffux
 +    for numbers indicates multiplication by 1024^3.
 +
 +11. The GnuTLS support has been revamped; the three options gnutls_require_kx,
 +    gnutls_require_mac & gnutls_require_protocols are no longer supported.
 +    tls_require_ciphers is now parsed by gnutls_priority_init(3) as a priority
 +    string, documentation for which is at:
 +    http://www.gnu.org/software/gnutls/manual/html_node/Priority-Strings.html
 +
 +    SNI support has been added to Exim's GnuTLS integration too.
 +
++12. With OpenSSL, if built with EXPERIMENTAL_OCSP, a new option tls_ocsp_file
+     is now available.  If the contents of the file are valid, then Exim will
+     send that back in response to a TLS status request; this is OCSP Stapling.
+     Exim will not maintain the contents of the file in any way: administrators
+     are responsible for ensuring that it is up-to-date.
+ 
+     See "experimental-spec.txt" for more details.
+ 
  
  Version 4.77
  ------------

diff --cc src/src/EDITME
Simple merge

diff --cc src/src/config.h.defaults
Simple merge

diff --cc src/src/globals.c
Simple merge

diff --cc src/src/globals.h
Simple merge

diff --cc src/src/readconf.c
Simple merge

diff --cc src/src/tls-openssl.c
Simple merge