[gnutls-devel] gnutls-cli OCSP test code for branch 'ocsp2'
tim.ruehsen at gmx.de
Wed Feb 4 11:35:44 CET 2015
On Wednesday 04 February 2015 11:22:29 Nikos Mavrogiannopoulos wrote:
> On Wed, 2015-02-04 at 11:05 +0100, Tim Ruehsen wrote:
> > > I don't think that this is related. However, at the current state the
> > > packets generated seem to be in accordance with wireshark, so as far as
> > > I understand, it remains to properly support it on the server side by
> > > enhancing the ocsptool to generate a combined status request, as well as
> > > accounting the multiple OCSP responses received on peer's certificate
> > > verification.
> > The fix just handles the case where status_request and status_request_v2
> > both are sent (client hello), but the answer (server hello) just includes
> > status_request.
> > I guess, that will be pretty common the next few months/years.
> Ok, thanks. I've handled it a bit differently.
I just pulled it and it does not work.
gnutls_ocsp_status_request_is_checked still returns 0 though there is a
Just apply my first patch 0001-add-OCSP-multi-stapling-test-code.patch ... it
just adds some printf to show that.
My patch handles it...
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 819 bytes
Desc: This is a digitally signed message part.
More information about the Gnutls-devel