implemented ocsp stapling (code not yet formatted properly)

author: Falko Strenzke <[email protected]> 2018-09-28 16:33:24 +0200
committer: Jack Lloyd <[email protected]> 2019-05-22 13:42:59 -0400
commit: b5176ca26fd36cb51588a5d3d7094eaa313fcf63 (patch)
tree: f2a255b68721390ef3b64a58ade4a5a2f2a926cd /src/lib/tls/tls_callbacks.h
parent: 14523b4f2126686edf21004ea15bc148b599a068 (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/src/lib/tls/tls_callbacks.h b/src/lib/tls/tls_callbacks.h
index b35cf0051..6b93e7d6b 100644
--- a/src/lib/tls/tls_callbacks.h
+++ b/src/lib/tls/tls_callbacks.h
@@ -142,6 +142,18 @@ class BOTAN_PUBLIC_API(2,0) Callbacks
           return std::chrono::milliseconds(0);
           }
 
+      /**
+       * Called by the TLS server whenever the client included the status_request extension (see RFC 6066, a.k.a OCSP stapling) in the ClientHello.
+       * In the current implementation no information from the contents of the status_request extension within the 
+       * ClientHello is available.
+       *
+       * @return the encoded OCSP response to be sent to the client which indicates the revocation status of the server certificate. Return an empty vector to indicate that no response is available, and thus suppress the Certificate_Status message.
+       */
+       virtual std::vector<uint8_t> tls_srv_provoide_cert_status_response() const
+       {
+          return std::vector<uint8_t>();
+       }
+
        /**
        * Optional callback with default impl: sign a message
        *
author	Falko Strenzke <[email protected]>	2018-09-28 16:33:24 +0200
committer	Jack Lloyd <[email protected]>	2019-05-22 13:42:59 -0400
commit	b5176ca26fd36cb51588a5d3d7094eaa313fcf63 (patch)
tree	f2a255b68721390ef3b64a58ade4a5a2f2a926cd /src/lib/tls/tls_callbacks.h
parent	14523b4f2126686edf21004ea15bc148b599a068 (diff)