git://git.exim.org
/
users
/
jgh
/
exim.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
OCSP-stapling enhancement and testing.
[users/jgh/exim.git]
/
src
/
src
/
transports
/
smtp.c
diff --git
a/src/src/transports/smtp.c
b/src/src/transports/smtp.c
index ee260a129b3e2d62d0b073b97236857d10e4fc84..4b5529fd8643cc5c6f1c0814a2a9934f9baad43a 100644
(file)
--- a/
src/src/transports/smtp.c
+++ b/
src/src/transports/smtp.c
@@
-101,6
+101,10
@@
optionlist smtp_transport_options[] = {
{ "hosts_require_auth", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
#ifdef SUPPORT_TLS
{ "hosts_require_auth", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_auth) },
#ifdef SUPPORT_TLS
+# if defined EXPERIMENTAL_OCSP
+ { "hosts_require_ocsp", opt_stringptr,
+ (void *)offsetof(smtp_transport_options_block, hosts_require_ocsp) },
+# endif
{ "hosts_require_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
#endif
{ "hosts_require_tls", opt_stringptr,
(void *)offsetof(smtp_transport_options_block, hosts_require_tls) },
#endif
@@
-178,6
+182,9
@@
smtp_transport_options_block smtp_transport_option_defaults = {
NULL, /* hosts_require_auth */
#ifdef EXPERIMENTAL_PRDR
NULL, /* hosts_try_prdr */
NULL, /* hosts_require_auth */
#ifdef EXPERIMENTAL_PRDR
NULL, /* hosts_try_prdr */
+#endif
+#ifdef EXPERIMENTAL_OCSP
+ NULL, /* hosts_require_ocsp */
#endif
NULL, /* hosts_require_tls */
NULL, /* hosts_avoid_tls */
#endif
NULL, /* hosts_require_tls */
NULL, /* hosts_avoid_tls */
@@
-1147,13
+1154,15
@@
if (tls_offered && !suppress_tls &&
int rc = tls_client_start(inblock.sock,
host,
addrlist,
int rc = tls_client_start(inblock.sock,
host,
addrlist,
- NULL, /* No DH param */
ob->tls_certificate,
ob->tls_privatekey,
ob->tls_sni,
ob->tls_verify_certificates,
ob->tls_crl,
ob->tls_require_ciphers,
ob->tls_certificate,
ob->tls_privatekey,
ob->tls_sni,
ob->tls_verify_certificates,
ob->tls_crl,
ob->tls_require_ciphers,
+#ifdef EXPERIMENTAL_OCSP
+ ob->hosts_require_ocsp,
+#endif
ob->tls_dh_min_bits,
ob->command_timeout);
ob->tls_dh_min_bits,
ob->command_timeout);