diff options
| author | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-02-19 15:10:00 +0100 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@redhat.com> | 2018-02-19 15:29:37 +0100 |
| commit | 790c154202b81647e13812a3e27efaae3de3db91 (patch) | |
| tree | f3a39697eec32d44c9a3447c2a048aab33ec4692 | |
| parent | 5c7a1282f19658839c07f5f0108c999348ab6254 (diff) | |
| download | gnutls-tmp-draft-ietf-tls-tls13-21.tar.gz | |
updated auto-generated filestmp-draft-ietf-tls-tls13-21
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
| -rw-r--r-- | doc/Makefile.am | 18 | ||||
| -rw-r--r-- | doc/manpages/Makefile.am | 9 | ||||
| -rw-r--r-- | src/ocsptool-args.c.bak | 188 | ||||
| -rw-r--r-- | src/ocsptool-args.h.bak | 24 | ||||
| -rw-r--r-- | src/serv-args.c.bak | 174 | ||||
| -rw-r--r-- | src/serv-args.h.bak | 88 | ||||
| -rw-r--r-- | symbols.last | 10 |
7 files changed, 312 insertions, 199 deletions
diff --git a/doc/Makefile.am b/doc/Makefile.am index 6af4b36c58..3ecd0ef700 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -705,6 +705,8 @@ FUNCS += functions/gnutls_certificate_get_crt_raw FUNCS += functions/gnutls_certificate_get_crt_raw.short FUNCS += functions/gnutls_certificate_get_issuer FUNCS += functions/gnutls_certificate_get_issuer.short +FUNCS += functions/gnutls_certificate_get_ocsp_expiration +FUNCS += functions/gnutls_certificate_get_ocsp_expiration.short FUNCS += functions/gnutls_certificate_get_ours FUNCS += functions/gnutls_certificate_get_ours.short FUNCS += functions/gnutls_certificate_get_peers @@ -733,10 +735,14 @@ FUNCS += functions/gnutls_certificate_set_known_dh_params FUNCS += functions/gnutls_certificate_set_known_dh_params.short FUNCS += functions/gnutls_certificate_set_ocsp_status_request_file FUNCS += functions/gnutls_certificate_set_ocsp_status_request_file.short +FUNCS += functions/gnutls_certificate_set_ocsp_status_request_file2 +FUNCS += functions/gnutls_certificate_set_ocsp_status_request_file2.short FUNCS += functions/gnutls_certificate_set_ocsp_status_request_function FUNCS += functions/gnutls_certificate_set_ocsp_status_request_function.short FUNCS += functions/gnutls_certificate_set_ocsp_status_request_function2 FUNCS += functions/gnutls_certificate_set_ocsp_status_request_function2.short +FUNCS += functions/gnutls_certificate_set_ocsp_status_request_mem +FUNCS += functions/gnutls_certificate_set_ocsp_status_request_mem.short FUNCS += functions/gnutls_certificate_set_params_function FUNCS += functions/gnutls_certificate_set_params_function.short FUNCS += functions/gnutls_certificate_set_pin_function @@ -745,6 +751,8 @@ FUNCS += functions/gnutls_certificate_set_retrieve_function FUNCS += functions/gnutls_certificate_set_retrieve_function.short FUNCS += functions/gnutls_certificate_set_retrieve_function2 FUNCS += functions/gnutls_certificate_set_retrieve_function2.short +FUNCS += functions/gnutls_certificate_set_retrieve_function3 +FUNCS += functions/gnutls_certificate_set_retrieve_function3.short FUNCS += functions/gnutls_certificate_set_trust_list FUNCS += functions/gnutls_certificate_set_trust_list.short FUNCS += functions/gnutls_certificate_set_verify_flags @@ -971,6 +979,8 @@ FUNCS += functions/gnutls_error_to_alert FUNCS += functions/gnutls_error_to_alert.short FUNCS += functions/gnutls_est_record_overhead_size FUNCS += functions/gnutls_est_record_overhead_size.short +FUNCS += functions/gnutls_ext_get_current_msg +FUNCS += functions/gnutls_ext_get_current_msg.short FUNCS += functions/gnutls_ext_get_data FUNCS += functions/gnutls_ext_get_data.short FUNCS += functions/gnutls_ext_get_name @@ -1145,6 +1155,8 @@ FUNCS += functions/gnutls_ocsp_resp_deinit FUNCS += functions/gnutls_ocsp_resp_deinit.short FUNCS += functions/gnutls_ocsp_resp_export FUNCS += functions/gnutls_ocsp_resp_export.short +FUNCS += functions/gnutls_ocsp_resp_export2 +FUNCS += functions/gnutls_ocsp_resp_export2.short FUNCS += functions/gnutls_ocsp_resp_get_certs FUNCS += functions/gnutls_ocsp_resp_get_certs.short FUNCS += functions/gnutls_ocsp_resp_get_extension @@ -1173,8 +1185,12 @@ FUNCS += functions/gnutls_ocsp_resp_get_version FUNCS += functions/gnutls_ocsp_resp_get_version.short FUNCS += functions/gnutls_ocsp_resp_import FUNCS += functions/gnutls_ocsp_resp_import.short +FUNCS += functions/gnutls_ocsp_resp_import2 +FUNCS += functions/gnutls_ocsp_resp_import2.short FUNCS += functions/gnutls_ocsp_resp_init FUNCS += functions/gnutls_ocsp_resp_init.short +FUNCS += functions/gnutls_ocsp_resp_list_import2 +FUNCS += functions/gnutls_ocsp_resp_list_import2.short FUNCS += functions/gnutls_ocsp_resp_print FUNCS += functions/gnutls_ocsp_resp_print.short FUNCS += functions/gnutls_ocsp_resp_verify @@ -1185,6 +1201,8 @@ FUNCS += functions/gnutls_ocsp_status_request_enable_client FUNCS += functions/gnutls_ocsp_status_request_enable_client.short FUNCS += functions/gnutls_ocsp_status_request_get FUNCS += functions/gnutls_ocsp_status_request_get.short +FUNCS += functions/gnutls_ocsp_status_request_get2 +FUNCS += functions/gnutls_ocsp_status_request_get2.short FUNCS += functions/gnutls_ocsp_status_request_is_checked FUNCS += functions/gnutls_ocsp_status_request_is_checked.short FUNCS += functions/gnutls_oid_to_digest diff --git a/doc/manpages/Makefile.am b/doc/manpages/Makefile.am index 307f0788a0..64efcdc6e8 100644 --- a/doc/manpages/Makefile.am +++ b/doc/manpages/Makefile.am @@ -148,6 +148,7 @@ APIMANS += gnutls_certificate_free_crls.3 APIMANS += gnutls_certificate_free_keys.3 APIMANS += gnutls_certificate_get_crt_raw.3 APIMANS += gnutls_certificate_get_issuer.3 +APIMANS += gnutls_certificate_get_ocsp_expiration.3 APIMANS += gnutls_certificate_get_ours.3 APIMANS += gnutls_certificate_get_peers.3 APIMANS += gnutls_certificate_get_peers_subkey_id.3 @@ -162,12 +163,15 @@ APIMANS += gnutls_certificate_set_flags.3 APIMANS += gnutls_certificate_set_key.3 APIMANS += gnutls_certificate_set_known_dh_params.3 APIMANS += gnutls_certificate_set_ocsp_status_request_file.3 +APIMANS += gnutls_certificate_set_ocsp_status_request_file2.3 APIMANS += gnutls_certificate_set_ocsp_status_request_function.3 APIMANS += gnutls_certificate_set_ocsp_status_request_function2.3 +APIMANS += gnutls_certificate_set_ocsp_status_request_mem.3 APIMANS += gnutls_certificate_set_params_function.3 APIMANS += gnutls_certificate_set_pin_function.3 APIMANS += gnutls_certificate_set_retrieve_function.3 APIMANS += gnutls_certificate_set_retrieve_function2.3 +APIMANS += gnutls_certificate_set_retrieve_function3.3 APIMANS += gnutls_certificate_set_trust_list.3 APIMANS += gnutls_certificate_set_verify_flags.3 APIMANS += gnutls_certificate_set_verify_function.3 @@ -281,6 +285,7 @@ APIMANS += gnutls_encode_rs_value.3 APIMANS += gnutls_error_is_fatal.3 APIMANS += gnutls_error_to_alert.3 APIMANS += gnutls_est_record_overhead_size.3 +APIMANS += gnutls_ext_get_current_msg.3 APIMANS += gnutls_ext_get_data.3 APIMANS += gnutls_ext_get_name.3 APIMANS += gnutls_ext_register.3 @@ -368,6 +373,7 @@ APIMANS += gnutls_ocsp_req_set_nonce.3 APIMANS += gnutls_ocsp_resp_check_crt.3 APIMANS += gnutls_ocsp_resp_deinit.3 APIMANS += gnutls_ocsp_resp_export.3 +APIMANS += gnutls_ocsp_resp_export2.3 APIMANS += gnutls_ocsp_resp_get_certs.3 APIMANS += gnutls_ocsp_resp_get_extension.3 APIMANS += gnutls_ocsp_resp_get_nonce.3 @@ -382,12 +388,15 @@ APIMANS += gnutls_ocsp_resp_get_single.3 APIMANS += gnutls_ocsp_resp_get_status.3 APIMANS += gnutls_ocsp_resp_get_version.3 APIMANS += gnutls_ocsp_resp_import.3 +APIMANS += gnutls_ocsp_resp_import2.3 APIMANS += gnutls_ocsp_resp_init.3 +APIMANS += gnutls_ocsp_resp_list_import2.3 APIMANS += gnutls_ocsp_resp_print.3 APIMANS += gnutls_ocsp_resp_verify.3 APIMANS += gnutls_ocsp_resp_verify_direct.3 APIMANS += gnutls_ocsp_status_request_enable_client.3 APIMANS += gnutls_ocsp_status_request_get.3 +APIMANS += gnutls_ocsp_status_request_get2.3 APIMANS += gnutls_ocsp_status_request_is_checked.3 APIMANS += gnutls_oid_to_digest.3 APIMANS += gnutls_oid_to_ecc_curve.3 diff --git a/src/ocsptool-args.c.bak b/src/ocsptool-args.c.bak index 82519a09e3..31c4816e8f 100644 --- a/src/ocsptool-args.c.bak +++ b/src/ocsptool-args.c.bak @@ -63,7 +63,7 @@ extern FILE * option_usage_fp; /** * static const strings for ocsptool options */ -static char const ocsptool_opt_strs[2522] = +static char const ocsptool_opt_strs[2772] = /* 0 */ "ocsptool @VERSION@\n" "Copyright (C) 2000-@YEAR@ Free Software Foundation, and others, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" @@ -128,33 +128,41 @@ static char const ocsptool_opt_strs[2522] = /* 1679 */ "Use DER format for input certificates and private keys\0" /* 1734 */ "INDER\0" /* 1740 */ "no-inder\0" -/* 1749 */ "Reads the DER encoded OCSP request from file\0" -/* 1794 */ "LOAD_REQUEST\0" -/* 1807 */ "load-request\0" -/* 1820 */ "Reads the DER encoded OCSP response from file\0" -/* 1866 */ "LOAD_RESPONSE\0" -/* 1880 */ "load-response\0" -/* 1894 */ "Ignore any verification errors\0" -/* 1925 */ "IGNORE_ERRORS\0" -/* 1939 */ "ignore-errors\0" -/* 1953 */ "Allow broken algorithms, such as MD5 for verification\0" -/* 2007 */ "VERIFY_ALLOW_BROKEN\0" -/* 2027 */ "verify-allow-broken\0" -/* 2047 */ "display extended usage information and exit\0" -/* 2091 */ "help\0" -/* 2096 */ "extended usage information passed thru pager\0" -/* 2141 */ "more-help\0" -/* 2151 */ "output version information and exit\0" -/* 2187 */ "version\0" -/* 2195 */ "OCSPTOOL\0" -/* 2204 */ "ocsptool - GnuTLS OCSP tool\n" +/* 1749 */ "Use DER format for output of responses (this is the default)\0" +/* 1810 */ "OUTDER\0" +/* 1817 */ "outder\0" +/* 1824 */ "Use PEM format for output of responses\0" +/* 1863 */ "OUTPEM\0" +/* 1870 */ "outpem\0" +/* 1877 */ "Reads the DER encoded OCSP request from file\0" +/* 1922 */ "LOAD_REQUEST\0" +/* 1935 */ "load-request\0" +/* 1948 */ "Reads the DER encoded OCSP response from file\0" +/* 1994 */ "LOAD_RESPONSE\0" +/* 2008 */ "load-response\0" +/* 2022 */ "Ignore any verification errors\0" +/* 2053 */ "IGNORE_ERRORS\0" +/* 2067 */ "ignore-errors\0" +/* 2081 */ "Allow broken algorithms, such as MD5 for verification\0" +/* 2135 */ "VERIFY_ALLOW_BROKEN\0" +/* 2155 */ "verify-allow-broken\0" +/* 2175 */ "display extended usage information and exit\0" +/* 2219 */ "help\0" +/* 2224 */ "extended usage information passed thru pager\0" +/* 2269 */ "more-help\0" +/* 2279 */ "output version information and exit\0" +/* 2315 */ "version\0" +/* 2323 */ "OCSPTOOL\0" +/* 2332 */ "ocsptool - GnuTLS OCSP tool\n" "Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0" -/* 2290 */ "@PACKAGE_BUGREPORT@\0" -/* 2310 */ "\n\0" -/* 2312 */ "ocsptool is a program that can parse and print information about OCSP\n" - "requests/responses, generate requests and verify responses.\n\0" -/* 2443 */ "ocsptool @VERSION@\0" -/* 2462 */ "ocsptool [options]\n" +/* 2418 */ "@PACKAGE_BUGREPORT@\0" +/* 2438 */ "\n\0" +/* 2440 */ "ocsptool is a program that can parse and print information about OCSP\n" + "requests/responses, generate requests and verify responses. Unlike other\n" + "GnuTLS applications it outputs DER encoded structures by default unless the\n" + "'--outpem' option is specified.\n\0" +/* 2693 */ "ocsptool @VERSION@\0" +/* 2712 */ "ocsptool [options]\n" "ocsptool --help for usage instructions.\n"; /** @@ -375,14 +383,38 @@ static int const aLoad_SignerCantList[] = { #define INDER_FLAGS (OPTST_DISABLED) /** + * outder option description: + */ +/** Descriptive text for the outder option */ +#define OUTDER_DESC (ocsptool_opt_strs+1749) +/** Upper-cased name for the outder option */ +#define OUTDER_NAME (ocsptool_opt_strs+1810) +/** Name string for the outder option */ +#define OUTDER_name (ocsptool_opt_strs+1817) +/** Compiled in flag settings for the outder option */ +#define OUTDER_FLAGS (OPTST_DISABLED) + +/** + * outpem option description: + */ +/** Descriptive text for the outpem option */ +#define OUTPEM_DESC (ocsptool_opt_strs+1824) +/** Upper-cased name for the outpem option */ +#define OUTPEM_NAME (ocsptool_opt_strs+1863) +/** Name string for the outpem option */ +#define OUTPEM_name (ocsptool_opt_strs+1870) +/** Compiled in flag settings for the outpem option */ +#define OUTPEM_FLAGS (OPTST_DISABLED) + +/** * load-request option description: */ /** Descriptive text for the load-request option */ -#define LOAD_REQUEST_DESC (ocsptool_opt_strs+1749) +#define LOAD_REQUEST_DESC (ocsptool_opt_strs+1877) /** Upper-cased name for the load-request option */ -#define LOAD_REQUEST_NAME (ocsptool_opt_strs+1794) +#define LOAD_REQUEST_NAME (ocsptool_opt_strs+1922) /** Name string for the load-request option */ -#define LOAD_REQUEST_name (ocsptool_opt_strs+1807) +#define LOAD_REQUEST_name (ocsptool_opt_strs+1935) /** Compiled in flag settings for the load-request option */ #define LOAD_REQUEST_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE)) @@ -391,11 +423,11 @@ static int const aLoad_SignerCantList[] = { * load-response option description: */ /** Descriptive text for the load-response option */ -#define LOAD_RESPONSE_DESC (ocsptool_opt_strs+1820) +#define LOAD_RESPONSE_DESC (ocsptool_opt_strs+1948) /** Upper-cased name for the load-response option */ -#define LOAD_RESPONSE_NAME (ocsptool_opt_strs+1866) +#define LOAD_RESPONSE_NAME (ocsptool_opt_strs+1994) /** Name string for the load-response option */ -#define LOAD_RESPONSE_name (ocsptool_opt_strs+1880) +#define LOAD_RESPONSE_name (ocsptool_opt_strs+2008) /** Compiled in flag settings for the load-response option */ #define LOAD_RESPONSE_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE)) @@ -404,11 +436,11 @@ static int const aLoad_SignerCantList[] = { * ignore-errors option description: */ /** Descriptive text for the ignore-errors option */ -#define IGNORE_ERRORS_DESC (ocsptool_opt_strs+1894) +#define IGNORE_ERRORS_DESC (ocsptool_opt_strs+2022) /** Upper-cased name for the ignore-errors option */ -#define IGNORE_ERRORS_NAME (ocsptool_opt_strs+1925) +#define IGNORE_ERRORS_NAME (ocsptool_opt_strs+2053) /** Name string for the ignore-errors option */ -#define IGNORE_ERRORS_name (ocsptool_opt_strs+1939) +#define IGNORE_ERRORS_name (ocsptool_opt_strs+2067) /** Compiled in flag settings for the ignore-errors option */ #define IGNORE_ERRORS_FLAGS (OPTST_DISABLED) @@ -416,22 +448,22 @@ static int const aLoad_SignerCantList[] = { * verify-allow-broken option description: */ /** Descriptive text for the verify-allow-broken option */ -#define VERIFY_ALLOW_BROKEN_DESC (ocsptool_opt_strs+1953) +#define VERIFY_ALLOW_BROKEN_DESC (ocsptool_opt_strs+2081) /** Upper-cased name for the verify-allow-broken option */ -#define VERIFY_ALLOW_BROKEN_NAME (ocsptool_opt_strs+2007) +#define VERIFY_ALLOW_BROKEN_NAME (ocsptool_opt_strs+2135) /** Name string for the verify-allow-broken option */ -#define VERIFY_ALLOW_BROKEN_name (ocsptool_opt_strs+2027) +#define VERIFY_ALLOW_BROKEN_name (ocsptool_opt_strs+2155) /** Compiled in flag settings for the verify-allow-broken option */ #define VERIFY_ALLOW_BROKEN_FLAGS (OPTST_DISABLED) /* * Help/More_Help/Version option descriptions: */ -#define HELP_DESC (ocsptool_opt_strs+2047) -#define HELP_name (ocsptool_opt_strs+2091) +#define HELP_DESC (ocsptool_opt_strs+2175) +#define HELP_name (ocsptool_opt_strs+2219) #ifdef HAVE_WORKING_FORK -#define MORE_HELP_DESC (ocsptool_opt_strs+2096) -#define MORE_HELP_name (ocsptool_opt_strs+2141) +#define MORE_HELP_DESC (ocsptool_opt_strs+2224) +#define MORE_HELP_name (ocsptool_opt_strs+2269) #define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT) #else #define MORE_HELP_DESC HELP_DESC @@ -444,8 +476,8 @@ static int const aLoad_SignerCantList[] = { # define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \ OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT) #endif -#define VER_DESC (ocsptool_opt_strs+2151) -#define VER_name (ocsptool_opt_strs+2187) +#define VER_DESC (ocsptool_opt_strs+2279) +#define VER_name (ocsptool_opt_strs+2315) /** * Declare option callback procedures */ @@ -660,8 +692,32 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ INDER_DESC, INDER_NAME, INDER_name, /* disablement strs */ NOT_INDER_name, NOT_INDER_PFX }, - { /* entry idx, value */ 16, VALUE_OPT_LOAD_REQUEST, - /* equiv idx, value */ 16, VALUE_OPT_LOAD_REQUEST, + { /* entry idx, value */ 16, VALUE_OPT_OUTDER, + /* equiv idx, value */ 16, VALUE_OPT_OUTDER, + /* equivalenced to */ NO_EQUIVALENT, + /* min, max, act ct */ 0, 1, 0, + /* opt state flags */ OUTDER_FLAGS, 0, + /* last opt argumnt */ { NULL }, /* --outder */ + /* arg list/cookie */ NULL, + /* must/cannot opts */ NULL, NULL, + /* option proc */ NULL, + /* desc, NAME, name */ OUTDER_DESC, OUTDER_NAME, OUTDER_name, + /* disablement strs */ NULL, NULL }, + + { /* entry idx, value */ 17, VALUE_OPT_OUTPEM, + /* equiv idx, value */ 17, VALUE_OPT_OUTPEM, + /* equivalenced to */ NO_EQUIVALENT, + /* min, max, act ct */ 0, 1, 0, + /* opt state flags */ OUTPEM_FLAGS, 0, + /* last opt argumnt */ { NULL }, /* --outpem */ + /* arg list/cookie */ NULL, + /* must/cannot opts */ NULL, NULL, + /* option proc */ NULL, + /* desc, NAME, name */ OUTPEM_DESC, OUTPEM_NAME, OUTPEM_name, + /* disablement strs */ NULL, NULL }, + + { /* entry idx, value */ 18, VALUE_OPT_LOAD_REQUEST, + /* equiv idx, value */ 18, VALUE_OPT_LOAD_REQUEST, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ LOAD_REQUEST_FLAGS, 0, @@ -672,8 +728,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ LOAD_REQUEST_DESC, LOAD_REQUEST_NAME, LOAD_REQUEST_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 17, VALUE_OPT_LOAD_RESPONSE, - /* equiv idx, value */ 17, VALUE_OPT_LOAD_RESPONSE, + { /* entry idx, value */ 19, VALUE_OPT_LOAD_RESPONSE, + /* equiv idx, value */ 19, VALUE_OPT_LOAD_RESPONSE, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ LOAD_RESPONSE_FLAGS, 0, @@ -684,8 +740,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ LOAD_RESPONSE_DESC, LOAD_RESPONSE_NAME, LOAD_RESPONSE_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 18, VALUE_OPT_IGNORE_ERRORS, - /* equiv idx, value */ 18, VALUE_OPT_IGNORE_ERRORS, + { /* entry idx, value */ 20, VALUE_OPT_IGNORE_ERRORS, + /* equiv idx, value */ 20, VALUE_OPT_IGNORE_ERRORS, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ IGNORE_ERRORS_FLAGS, 0, @@ -696,8 +752,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ IGNORE_ERRORS_DESC, IGNORE_ERRORS_NAME, IGNORE_ERRORS_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 19, VALUE_OPT_VERIFY_ALLOW_BROKEN, - /* equiv idx, value */ 19, VALUE_OPT_VERIFY_ALLOW_BROKEN, + { /* entry idx, value */ 21, VALUE_OPT_VERIFY_ALLOW_BROKEN, + /* equiv idx, value */ 21, VALUE_OPT_VERIFY_ALLOW_BROKEN, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ VERIFY_ALLOW_BROKEN_FLAGS, 0, @@ -750,21 +806,21 @@ static tOptDesc optDesc[OPTION_CT] = { /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ /** Reference to the upper cased version of ocsptool. */ -#define zPROGNAME (ocsptool_opt_strs+2195) +#define zPROGNAME (ocsptool_opt_strs+2323) /** Reference to the title line for ocsptool usage. */ -#define zUsageTitle (ocsptool_opt_strs+2204) +#define zUsageTitle (ocsptool_opt_strs+2332) /** There is no ocsptool configuration file. */ #define zRcName NULL /** There are no directories to search for ocsptool config files. */ #define apzHomeList NULL /** The ocsptool program bug email address. */ -#define zBugsAddr (ocsptool_opt_strs+2290) +#define zBugsAddr (ocsptool_opt_strs+2418) /** Clarification/explanation of what ocsptool does. */ -#define zExplain (ocsptool_opt_strs+2310) +#define zExplain (ocsptool_opt_strs+2438) /** Extra detail explaining what ocsptool does. */ -#define zDetail (ocsptool_opt_strs+2312) +#define zDetail (ocsptool_opt_strs+2440) /** The full version string for ocsptool. */ -#define zFullVersion (ocsptool_opt_strs+2443) +#define zFullVersion (ocsptool_opt_strs+2693) /* extracted from optcode.tlib near line 364 */ #if defined(ENABLE_NLS) @@ -776,7 +832,7 @@ static tOptDesc optDesc[OPTION_CT] = { #endif /* ENABLE_NLS */ #define ocsptool_full_usage (NULL) -#define ocsptool_short_usage (ocsptool_opt_strs+2462) +#define ocsptool_short_usage (ocsptool_opt_strs+2712) #endif /* not defined __doxygen__ */ @@ -1095,7 +1151,7 @@ tOptions ocsptoolOptions = { NO_EQUIVALENT, /* '-#' option index */ NO_EQUIVALENT /* index of default opt */ }, - 23 /* full option count */, 20 /* user option count */, + 25 /* full option count */, 22 /* user option count */, ocsptool_full_usage, ocsptool_short_usage, NULL, NULL, PKGDATADIR, ocsptool_packager_info @@ -1297,6 +1353,12 @@ with this program. If not, see <http://www.gnu.org/licenses/>.\n")); puts(_("Use DER format for input certificates and private keys")); /* referenced via ocsptoolOptions.pOptDesc->pzText */ + puts(_("Use DER format for output of responses (this is the default)")); + + /* referenced via ocsptoolOptions.pOptDesc->pzText */ + puts(_("Use PEM format for output of responses")); + + /* referenced via ocsptoolOptions.pOptDesc->pzText */ puts(_("Reads the DER encoded OCSP request from file")); /* referenced via ocsptoolOptions.pOptDesc->pzText */ @@ -1326,7 +1388,9 @@ Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n")); /* referenced via ocsptoolOptions.pzDetail */ puts(_("ocsptool is a program that can parse and print information about OCSP\n\ -requests/responses, generate requests and verify responses.\n")); +requests/responses, generate requests and verify responses. Unlike other\n\ +GnuTLS applications it outputs DER encoded structures by default unless the\n\ +'--outpem' option is specified.\n")); /* referenced via ocsptoolOptions.pzFullVersion */ puts(_("ocsptool @VERSION@")); diff --git a/src/ocsptool-args.h.bak b/src/ocsptool-args.h.bak index 08c8d86ab8..15f2d34ad8 100644 --- a/src/ocsptool-args.h.bak +++ b/src/ocsptool-args.h.bak @@ -82,16 +82,18 @@ typedef enum { INDEX_OPT_LOAD_TRUST = 13, INDEX_OPT_LOAD_SIGNER = 14, INDEX_OPT_INDER = 15, - INDEX_OPT_LOAD_REQUEST = 16, - INDEX_OPT_LOAD_RESPONSE = 17, - INDEX_OPT_IGNORE_ERRORS = 18, - INDEX_OPT_VERIFY_ALLOW_BROKEN = 19, - INDEX_OPT_VERSION = 20, - INDEX_OPT_HELP = 21, - INDEX_OPT_MORE_HELP = 22 + INDEX_OPT_OUTDER = 16, + INDEX_OPT_OUTPEM = 17, + INDEX_OPT_LOAD_REQUEST = 18, + INDEX_OPT_LOAD_RESPONSE = 19, + INDEX_OPT_IGNORE_ERRORS = 20, + INDEX_OPT_VERIFY_ALLOW_BROKEN = 21, + INDEX_OPT_VERSION = 22, + INDEX_OPT_HELP = 23, + INDEX_OPT_MORE_HELP = 24 } teOptIndex; /** count of all options for ocsptool */ -#define OPTION_CT 23 +#define OPTION_CT 25 /** ocsptool version */ #define OCSPTOOL_VERSION "@VERSION@" /** Full ocsptool version text */ @@ -164,10 +166,12 @@ typedef enum { #define VALUE_OPT_LOAD_TRUST 0x1008 #define VALUE_OPT_LOAD_SIGNER 0x1009 #define VALUE_OPT_INDER 0x100A +#define VALUE_OPT_OUTDER 0x100B +#define VALUE_OPT_OUTPEM 0x100C #define VALUE_OPT_LOAD_REQUEST 'Q' #define VALUE_OPT_LOAD_RESPONSE 'S' -#define VALUE_OPT_IGNORE_ERRORS 0x100B -#define VALUE_OPT_VERIFY_ALLOW_BROKEN 0x100C +#define VALUE_OPT_IGNORE_ERRORS 0x100D +#define VALUE_OPT_VERIFY_ALLOW_BROKEN 0x100E /** option flag (value) for help-value option */ #define VALUE_OPT_HELP 'h' /** option flag (value) for more-help-value option */ diff --git a/src/serv-args.c.bak b/src/serv-args.c.bak index ad8bdd4d71..73cfdd7921 100644 --- a/src/serv-args.c.bak +++ b/src/serv-args.c.bak @@ -63,7 +63,7 @@ extern FILE * option_usage_fp; /** * static const strings for gnutls-serv options */ -static char const gnutls_serv_opt_strs[3281] = +static char const gnutls_serv_opt_strs[3386] = /* 0 */ "gnutls-serv @VERSION@\n" "Copyright (C) 2000-@YEAR@ Free Software Foundation, and others, all rights reserved.\n" "This is free software. It is licensed for use, modification and\n" @@ -178,29 +178,32 @@ static char const gnutls_serv_opt_strs[3281] = /* 2646 */ "The OCSP response to send to client\0" /* 2682 */ "OCSP_RESPONSE\0" /* 2696 */ "ocsp-response\0" -/* 2710 */ "The port to connect to\0" -/* 2733 */ "PORT\0" -/* 2738 */ "port\0" -/* 2743 */ "Print a list of the supported algorithms and modes\0" -/* 2794 */ "LIST\0" -/* 2799 */ "list\0" -/* 2804 */ "Specify the PKCS #11 provider library\0" -/* 2842 */ "PROVIDER\0" -/* 2851 */ "provider\0" -/* 2860 */ "display extended usage information and exit\0" -/* 2904 */ "help\0" -/* 2909 */ "extended usage information passed thru pager\0" -/* 2954 */ "more-help\0" -/* 2964 */ "output version information and exit\0" -/* 3000 */ "version\0" -/* 3008 */ "GNUTLS_SERV\0" -/* 3020 */ "gnutls-serv - GnuTLS server\n" +/* 2710 */ "Ignore any errors when setting the OCSP response\0" +/* 2759 */ "IGNORE_OCSP_RESPONSE_ERRORS\0" +/* 2787 */ "ignore-ocsp-response-errors\0" +/* 2815 */ "The port to connect to\0" +/* 2838 */ "PORT\0" +/* 2843 */ "port\0" +/* 2848 */ "Print a list of the supported algorithms and modes\0" +/* 2899 */ "LIST\0" +/* 2904 */ "list\0" +/* 2909 */ "Specify the PKCS #11 provider library\0" +/* 2947 */ "PROVIDER\0" +/* 2956 */ "provider\0" +/* 2965 */ "display extended usage information and exit\0" +/* 3009 */ "help\0" +/* 3014 */ "extended usage information passed thru pager\0" +/* 3059 */ "more-help\0" +/* 3069 */ "output version information and exit\0" +/* 3105 */ "version\0" +/* 3113 */ "GNUTLS_SERV\0" +/* 3125 */ "gnutls-serv - GnuTLS server\n" "Usage: %s [ -<flag> [<val>] | --<name>[{=| }<val>] ]...\n\0" -/* 3106 */ "@PACKAGE_BUGREPORT@\0" -/* 3126 */ "\n\0" -/* 3128 */ "Server program that listens to incoming TLS connections.\n\0" -/* 3186 */ "gnutls-serv @VERSION@\0" -/* 3208 */ "Usage: gnutls-serv [options]\n" +/* 3211 */ "@PACKAGE_BUGREPORT@\0" +/* 3231 */ "\n\0" +/* 3233 */ "Server program that listens to incoming TLS connections.\n\0" +/* 3291 */ "gnutls-serv @VERSION@\0" +/* 3313 */ "Usage: gnutls-serv [options]\n" "gnutls-serv --help for usage instructions.\n"; /** @@ -633,18 +636,30 @@ static char const gnutls_serv_opt_strs[3281] = /** Name string for the ocsp-response option */ #define OCSP_RESPONSE_name (gnutls_serv_opt_strs+2696) /** Compiled in flag settings for the ocsp-response option */ -#define OCSP_RESPONSE_FLAGS (OPTST_DISABLED \ - | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE)) +#define OCSP_RESPONSE_FLAGS (OPTST_DISABLED | OPTST_STACKED \ + | OPTST_SET_ARGTYPE(OPARG_TYPE_STRING)) + +/** + * ignore-ocsp-response-errors option description: + */ +/** Descriptive text for the ignore-ocsp-response-errors option */ +#define IGNORE_OCSP_RESPONSE_ERRORS_DESC (gnutls_serv_opt_strs+2710) +/** Upper-cased name for the ignore-ocsp-response-errors option */ +#define IGNORE_OCSP_RESPONSE_ERRORS_NAME (gnutls_serv_opt_strs+2759) +/** Name string for the ignore-ocsp-response-errors option */ +#define IGNORE_OCSP_RESPONSE_ERRORS_name (gnutls_serv_opt_strs+2787) +/** Compiled in flag settings for the ignore-ocsp-response-errors option */ +#define IGNORE_OCSP_RESPONSE_ERRORS_FLAGS (OPTST_DISABLED) /** * port option description: */ /** Descriptive text for the port option */ -#define PORT_DESC (gnutls_serv_opt_strs+2710) +#define PORT_DESC (gnutls_serv_opt_strs+2815) /** Upper-cased name for the port option */ -#define PORT_NAME (gnutls_serv_opt_strs+2733) +#define PORT_NAME (gnutls_serv_opt_strs+2838) /** Name string for the port option */ -#define PORT_name (gnutls_serv_opt_strs+2738) +#define PORT_name (gnutls_serv_opt_strs+2843) /** Compiled in flag settings for the port option */ #define PORT_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_NUMERIC)) @@ -653,11 +668,11 @@ static char const gnutls_serv_opt_strs[3281] = * list option description: */ /** Descriptive text for the list option */ -#define LIST_DESC (gnutls_serv_opt_strs+2743) +#define LIST_DESC (gnutls_serv_opt_strs+2848) /** Upper-cased name for the list option */ -#define LIST_NAME (gnutls_serv_opt_strs+2794) +#define LIST_NAME (gnutls_serv_opt_strs+2899) /** Name string for the list option */ -#define LIST_name (gnutls_serv_opt_strs+2799) +#define LIST_name (gnutls_serv_opt_strs+2904) /** Compiled in flag settings for the list option */ #define LIST_FLAGS (OPTST_DISABLED) @@ -665,11 +680,11 @@ static char const gnutls_serv_opt_strs[3281] = * provider option description: */ /** Descriptive text for the provider option */ -#define PROVIDER_DESC (gnutls_serv_opt_strs+2804) +#define PROVIDER_DESC (gnutls_serv_opt_strs+2909) /** Upper-cased name for the provider option */ -#define PROVIDER_NAME (gnutls_serv_opt_strs+2842) +#define PROVIDER_NAME (gnutls_serv_opt_strs+2947) /** Name string for the provider option */ -#define PROVIDER_name (gnutls_serv_opt_strs+2851) +#define PROVIDER_name (gnutls_serv_opt_strs+2956) /** Compiled in flag settings for the provider option */ #define PROVIDER_FLAGS (OPTST_DISABLED \ | OPTST_SET_ARGTYPE(OPARG_TYPE_FILE)) @@ -677,11 +692,11 @@ static char const gnutls_serv_opt_strs[3281] = /* * Help/More_Help/Version option descriptions: */ -#define HELP_DESC (gnutls_serv_opt_strs+2860) -#define HELP_name (gnutls_serv_opt_strs+2904) +#define HELP_DESC (gnutls_serv_opt_strs+2965) +#define HELP_name (gnutls_serv_opt_strs+3009) #ifdef HAVE_WORKING_FORK -#define MORE_HELP_DESC (gnutls_serv_opt_strs+2909) -#define MORE_HELP_name (gnutls_serv_opt_strs+2954) +#define MORE_HELP_DESC (gnutls_serv_opt_strs+3014) +#define MORE_HELP_name (gnutls_serv_opt_strs+3059) #define MORE_HELP_FLAGS (OPTST_IMM | OPTST_NO_INIT) #else #define MORE_HELP_DESC HELP_DESC @@ -694,8 +709,8 @@ static char const gnutls_serv_opt_strs[3281] = # define VER_FLAGS (OPTST_SET_ARGTYPE(OPARG_TYPE_STRING) | \ OPTST_ARG_OPTIONAL | OPTST_IMM | OPTST_NO_INIT) #endif -#define VER_DESC (gnutls_serv_opt_strs+2964) -#define VER_name (gnutls_serv_opt_strs+3000) +#define VER_DESC (gnutls_serv_opt_strs+3069) +#define VER_name (gnutls_serv_opt_strs+3105) /** * Declare option callback procedures */ @@ -706,10 +721,10 @@ extern tOptProc optionUnstackArg, optionVendorOption; static tOptProc doOptDebug, doOptDhparams, doOptMtu, - doOptOcsp_Response, doOptPgpkeyfile, doOptProvider, - doOptPskpasswd, doOptSrppasswd, doOptSrppasswdconf, - doOptX509crlfile, doOptX509dsacertfile, doOptX509dsakeyfile, - doOptX509ecccertfile, doOptX509ecckeyfile, doUsageOpt; + doOptPgpkeyfile, doOptProvider, doOptPskpasswd, + doOptSrppasswd, doOptSrppasswdconf, doOptX509crlfile, + doOptX509dsacertfile, doOptX509dsakeyfile, doOptX509ecccertfile, + doOptX509ecckeyfile, doUsageOpt; #define VER_PROC optionPrintVersion /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ @@ -1130,17 +1145,29 @@ static tOptDesc optDesc[OPTION_CT] = { { /* entry idx, value */ 34, VALUE_OPT_OCSP_RESPONSE, /* equiv idx, value */ 34, VALUE_OPT_OCSP_RESPONSE, /* equivalenced to */ NO_EQUIVALENT, - /* min, max, act ct */ 0, 1, 0, + /* min, max, act ct */ 0, NOLIMIT, 0, /* opt state flags */ OCSP_RESPONSE_FLAGS, 0, /* last opt argumnt */ { NULL }, /* --ocsp-response */ /* arg list/cookie */ NULL, /* must/cannot opts */ NULL, NULL, - /* option proc */ doOptOcsp_Response, + /* option proc */ optionStackArg, /* desc, NAME, name */ OCSP_RESPONSE_DESC, OCSP_RESPONSE_NAME, OCSP_RESPONSE_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 35, VALUE_OPT_PORT, - /* equiv idx, value */ 35, VALUE_OPT_PORT, + { /* entry idx, value */ 35, VALUE_OPT_IGNORE_OCSP_RESPONSE_ERRORS, + /* equiv idx, value */ 35, VALUE_OPT_IGNORE_OCSP_RESPONSE_ERRORS, + /* equivalenced to */ NO_EQUIVALENT, + /* min, max, act ct */ 0, 1, 0, + /* opt state flags */ IGNORE_OCSP_RESPONSE_ERRORS_FLAGS, 0, + /* last opt argumnt */ { NULL }, /* --ignore-ocsp-response-errors */ + /* arg list/cookie */ NULL, + /* must/cannot opts */ NULL, NULL, + /* option proc */ NULL, + /* desc, NAME, name */ IGNORE_OCSP_RESPONSE_ERRORS_DESC, IGNORE_OCSP_RESPONSE_ERRORS_NAME, IGNORE_OCSP_RESPONSE_ERRORS_name, + /* disablement strs */ NULL, NULL }, + + { /* entry idx, value */ 36, VALUE_OPT_PORT, + /* equiv idx, value */ 36, VALUE_OPT_PORT, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ PORT_FLAGS, 0, @@ -1151,8 +1178,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ PORT_DESC, PORT_NAME, PORT_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 36, VALUE_OPT_LIST, - /* equiv idx, value */ 36, VALUE_OPT_LIST, + { /* entry idx, value */ 37, VALUE_OPT_LIST, + /* equiv idx, value */ 37, VALUE_OPT_LIST, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ LIST_FLAGS, 0, @@ -1163,8 +1190,8 @@ static tOptDesc optDesc[OPTION_CT] = { /* desc, NAME, name */ LIST_DESC, LIST_NAME, LIST_name, /* disablement strs */ NULL, NULL }, - { /* entry idx, value */ 37, VALUE_OPT_PROVIDER, - /* equiv idx, value */ 37, VALUE_OPT_PROVIDER, + { /* entry idx, value */ 38, VALUE_OPT_PROVIDER, + /* equiv idx, value */ 38, VALUE_OPT_PROVIDER, /* equivalenced to */ NO_EQUIVALENT, /* min, max, act ct */ 0, 1, 0, /* opt state flags */ PROVIDER_FLAGS, 0, @@ -1217,21 +1244,21 @@ static tOptDesc optDesc[OPTION_CT] = { /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ /** Reference to the upper cased version of gnutls-serv. */ -#define zPROGNAME (gnutls_serv_opt_strs+3008) +#define zPROGNAME (gnutls_serv_opt_strs+3113) /** Reference to the title line for gnutls-serv usage. */ -#define zUsageTitle (gnutls_serv_opt_strs+3020) +#define zUsageTitle (gnutls_serv_opt_strs+3125) /** There is no gnutls-serv configuration file. */ #define zRcName NULL /** There are no directories to search for gnutls-serv config files. */ #define apzHomeList NULL /** The gnutls-serv program bug email address. */ -#define zBugsAddr (gnutls_serv_opt_strs+3106) +#define zBugsAddr (gnutls_serv_opt_strs+3211) /** Clarification/explanation of what gnutls-serv does. */ -#define zExplain (gnutls_serv_opt_strs+3126) +#define zExplain (gnutls_serv_opt_strs+3231) /** Extra detail explaining what gnutls-serv does. */ -#define zDetail (gnutls_serv_opt_strs+3128) +#define zDetail (gnutls_serv_opt_strs+3233) /** The full version string for gnutls-serv. */ -#define zFullVersion (gnutls_serv_opt_strs+3186) +#define zFullVersion (gnutls_serv_opt_strs+3291) /* extracted from optcode.tlib near line 364 */ #if defined(ENABLE_NLS) @@ -1243,7 +1270,7 @@ static tOptDesc optDesc[OPTION_CT] = { #endif /* ENABLE_NLS */ #define gnutls_serv_full_usage (NULL) -#define gnutls_serv_short_usage (gnutls_serv_opt_strs+3208) +#define gnutls_serv_short_usage (gnutls_serv_opt_strs+3313) #endif /* not defined __doxygen__ */ @@ -1549,30 +1576,6 @@ doOptPskpasswd(tOptions* pOptions, tOptDesc* pOptDesc) /* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ /** - * Code to handle the ocsp-response option. - * If the client requested an OCSP response, return data from this file to the client. - * @param[in] pOptions the gnutls-serv options data structure - * @param[in,out] pOptDesc the option descriptor for this option. - */ -static void -doOptOcsp_Response(tOptions* pOptions, tOptDesc* pOptDesc) -{ - static teOptFileType const type = - FTYPE_MODE_MUST_EXIST + FTYPE_MODE_NO_OPEN; - static tuFileMode mode; -#ifndef O_CLOEXEC -# define O_CLOEXEC 0 -#endif - mode.file_flags = O_CLOEXEC; - - /* - * This function handles special invalid values for "pOptions" - */ - optionFileCheck(pOptions, pOptDesc, type, mode); -} - -/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */ -/** * Code to handle the provider option. * This will override the default options in /etc/gnutls/pkcs11.conf * @param[in] pOptions the gnutls-serv options data structure @@ -1658,7 +1661,7 @@ tOptions gnutls_servOptions = { NO_EQUIVALENT, /* '-#' option index */ NO_EQUIVALENT /* index of default opt */ }, - 41 /* full option count */, 38 /* user option count */, + 42 /* full option count */, 39 /* user option count */, gnutls_serv_full_usage, gnutls_serv_short_usage, NULL, NULL, PKGDATADIR, gnutls_serv_packager_info @@ -1917,6 +1920,9 @@ with this program. If not, see <http://www.gnu.org/licenses/>.\n")); puts(_("The OCSP response to send to client")); /* referenced via gnutls_servOptions.pOptDesc->pzText */ + puts(_("Ignore any errors when setting the OCSP response")); + + /* referenced via gnutls_servOptions.pOptDesc->pzText */ puts(_("The port to connect to")); /* referenced via gnutls_servOptions.pOptDesc->pzText */ diff --git a/src/serv-args.h.bak b/src/serv-args.h.bak index a40e0f8259..9d1e79e5d5 100644 --- a/src/serv-args.h.bak +++ b/src/serv-args.h.bak @@ -66,50 +66,51 @@ * Enumeration of each option type for gnutls-serv */ typedef enum { - INDEX_OPT_DEBUG = 0, - INDEX_OPT_SNI_HOSTNAME = 1, - INDEX_OPT_SNI_HOSTNAME_FATAL = 2, - INDEX_OPT_ALPN = 3, - INDEX_OPT_ALPN_FATAL = 4, - INDEX_OPT_NOTICKET = 5, - INDEX_OPT_GENERATE = 6, - INDEX_OPT_QUIET = 7, - INDEX_OPT_NODB = 8, - INDEX_OPT_HTTP = 9, - INDEX_OPT_ECHO = 10, - INDEX_OPT_UDP = 11, - INDEX_OPT_MTU = 12, - INDEX_OPT_SRTP_PROFILES = 13, - INDEX_OPT_DISABLE_CLIENT_CERT = 14, - INDEX_OPT_REQUIRE_CLIENT_CERT = 15, - INDEX_OPT_VERIFY_CLIENT_CERT = 16, - INDEX_OPT_HEARTBEAT = 17, - INDEX_OPT_X509FMTDER = 18, - INDEX_OPT_PRIORITY = 19, - INDEX_OPT_DHPARAMS = 20, - INDEX_OPT_X509CAFILE = 21, - INDEX_OPT_X509CRLFILE = 22, - INDEX_OPT_PGPKEYFILE = 23, - INDEX_OPT_X509KEYFILE = 24, - INDEX_OPT_X509CERTFILE = 25, - INDEX_OPT_X509DSAKEYFILE = 26, - INDEX_OPT_X509DSACERTFILE = 27, - INDEX_OPT_X509ECCKEYFILE = 28, - INDEX_OPT_X509ECCCERTFILE = 29, - INDEX_OPT_SRPPASSWD = 30, - INDEX_OPT_SRPPASSWDCONF = 31, - INDEX_OPT_PSKPASSWD = 32, - INDEX_OPT_PSKHINT = 33, - INDEX_OPT_OCSP_RESPONSE = 34, - INDEX_OPT_PORT = 35, - INDEX_OPT_LIST = 36, - INDEX_OPT_PROVIDER = 37, - INDEX_OPT_VERSION = 38, - INDEX_OPT_HELP = 39, - INDEX_OPT_MORE_HELP = 40 + INDEX_OPT_DEBUG = 0, + INDEX_OPT_SNI_HOSTNAME = 1, + INDEX_OPT_SNI_HOSTNAME_FATAL = 2, + INDEX_OPT_ALPN = 3, + INDEX_OPT_ALPN_FATAL = 4, + INDEX_OPT_NOTICKET = 5, + INDEX_OPT_GENERATE = 6, + INDEX_OPT_QUIET = 7, + INDEX_OPT_NODB = 8, + INDEX_OPT_HTTP = 9, + INDEX_OPT_ECHO = 10, + INDEX_OPT_UDP = 11, + INDEX_OPT_MTU = 12, + INDEX_OPT_SRTP_PROFILES = 13, + INDEX_OPT_DISABLE_CLIENT_CERT = 14, + INDEX_OPT_REQUIRE_CLIENT_CERT = 15, + INDEX_OPT_VERIFY_CLIENT_CERT = 16, + INDEX_OPT_HEARTBEAT = 17, + INDEX_OPT_X509FMTDER = 18, + INDEX_OPT_PRIORITY = 19, + INDEX_OPT_DHPARAMS = 20, + INDEX_OPT_X509CAFILE = 21, + INDEX_OPT_X509CRLFILE = 22, + INDEX_OPT_PGPKEYFILE = 23, + INDEX_OPT_X509KEYFILE = 24, + INDEX_OPT_X509CERTFILE = 25, + INDEX_OPT_X509DSAKEYFILE = 26, + INDEX_OPT_X509DSACERTFILE = 27, + INDEX_OPT_X509ECCKEYFILE = 28, + INDEX_OPT_X509ECCCERTFILE = 29, + INDEX_OPT_SRPPASSWD = 30, + INDEX_OPT_SRPPASSWDCONF = 31, + INDEX_OPT_PSKPASSWD = 32, + INDEX_OPT_PSKHINT = 33, + INDEX_OPT_OCSP_RESPONSE = 34, + INDEX_OPT_IGNORE_OCSP_RESPONSE_ERRORS = 35, + INDEX_OPT_PORT = 36, + INDEX_OPT_LIST = 37, + INDEX_OPT_PROVIDER = 38, + INDEX_OPT_VERSION = 39, + INDEX_OPT_HELP = 40, + INDEX_OPT_MORE_HELP = 41 } teOptIndex; /** count of all options for gnutls-serv */ -#define OPTION_CT 41 +#define OPTION_CT 42 /** gnutls-serv version */ #define GNUTLS_SERV_VERSION "@VERSION@" /** Full gnutls-serv version text */ @@ -203,11 +204,12 @@ typedef enum { #define VALUE_OPT_PSKPASSWD 0x101A #define VALUE_OPT_PSKHINT 0x101B #define VALUE_OPT_OCSP_RESPONSE 0x101C +#define VALUE_OPT_IGNORE_OCSP_RESPONSE_ERRORS 0x101D #define VALUE_OPT_PORT 'p' #define OPT_VALUE_PORT (DESC(PORT).optArg.argInt) #define VALUE_OPT_LIST 'l' -#define VALUE_OPT_PROVIDER 0x101D +#define VALUE_OPT_PROVIDER 0x101E /** option flag (value) for help-value option */ #define VALUE_OPT_HELP 'h' /** option flag (value) for more-help-value option */ diff --git a/symbols.last b/symbols.last index 42a600e77c..3d0882d899 100644 --- a/symbols.last +++ b/symbols.last @@ -2,6 +2,7 @@ GNUTLS_3_4@GNUTLS_3_4 GNUTLS_3_6_0@GNUTLS_3_6_0 GNUTLS_3_6_2@GNUTLS_3_6_2 GNUTLS_3_6_3@GNUTLS_3_6_3 +GNUTLS_3_6_xx@GNUTLS_3_6_xx _gnutls_global_init_skip@GNUTLS_3_4 gnutls_aead_cipher_decrypt@GNUTLS_3_4 gnutls_aead_cipher_deinit@GNUTLS_3_4 @@ -41,6 +42,7 @@ gnutls_certificate_free_crls@GNUTLS_3_4 gnutls_certificate_free_keys@GNUTLS_3_4 gnutls_certificate_get_crt_raw@GNUTLS_3_4 gnutls_certificate_get_issuer@GNUTLS_3_4 +gnutls_certificate_get_ocsp_expiration@GNUTLS_3_6_xx gnutls_certificate_get_openpgp_crt@GNUTLS_3_4 gnutls_certificate_get_openpgp_key@GNUTLS_3_4 gnutls_certificate_get_ours@GNUTLS_3_4 @@ -56,9 +58,11 @@ gnutls_certificate_set_dh_params@GNUTLS_3_4 gnutls_certificate_set_flags@GNUTLS_3_4 gnutls_certificate_set_key@GNUTLS_3_4 gnutls_certificate_set_known_dh_params@GNUTLS_3_4 +gnutls_certificate_set_ocsp_status_request_file2@GNUTLS_3_6_xx gnutls_certificate_set_ocsp_status_request_file@GNUTLS_3_4 gnutls_certificate_set_ocsp_status_request_function2@GNUTLS_3_4 gnutls_certificate_set_ocsp_status_request_function@GNUTLS_3_4 +gnutls_certificate_set_ocsp_status_request_mem@GNUTLS_3_6_xx gnutls_certificate_set_openpgp_key@GNUTLS_3_4 gnutls_certificate_set_openpgp_key_file2@GNUTLS_3_4 gnutls_certificate_set_openpgp_key_file@GNUTLS_3_4 @@ -69,6 +73,7 @@ gnutls_certificate_set_openpgp_keyring_mem@GNUTLS_3_4 gnutls_certificate_set_params_function@GNUTLS_3_4 gnutls_certificate_set_pin_function@GNUTLS_3_4 gnutls_certificate_set_retrieve_function2@GNUTLS_3_4 +gnutls_certificate_set_retrieve_function3@GNUTLS_3_6_xx gnutls_certificate_set_retrieve_function@GNUTLS_3_4 gnutls_certificate_set_trust_list@GNUTLS_3_4 gnutls_certificate_set_verify_flags@GNUTLS_3_4 @@ -183,6 +188,7 @@ gnutls_encode_rs_value@GNUTLS_3_6_0 gnutls_error_is_fatal@GNUTLS_3_4 gnutls_error_to_alert@GNUTLS_3_4 gnutls_est_record_overhead_size@GNUTLS_3_4 +gnutls_ext_get_current_msg@GNUTLS_3_6_xx gnutls_ext_get_data@GNUTLS_3_4 gnutls_ext_get_name@GNUTLS_3_4 gnutls_ext_register@GNUTLS_3_4 @@ -283,6 +289,7 @@ gnutls_ocsp_req_set_extension@GNUTLS_3_4 gnutls_ocsp_req_set_nonce@GNUTLS_3_4 gnutls_ocsp_resp_check_crt@GNUTLS_3_4 gnutls_ocsp_resp_deinit@GNUTLS_3_4 +gnutls_ocsp_resp_export2@GNUTLS_3_6_xx gnutls_ocsp_resp_export@GNUTLS_3_4 gnutls_ocsp_resp_get_certs@GNUTLS_3_4 gnutls_ocsp_resp_get_extension@GNUTLS_3_4 @@ -297,12 +304,15 @@ gnutls_ocsp_resp_get_signature_algorithm@GNUTLS_3_4 gnutls_ocsp_resp_get_single@GNUTLS_3_4 gnutls_ocsp_resp_get_status@GNUTLS_3_4 gnutls_ocsp_resp_get_version@GNUTLS_3_4 +gnutls_ocsp_resp_import2@GNUTLS_3_6_xx gnutls_ocsp_resp_import@GNUTLS_3_4 gnutls_ocsp_resp_init@GNUTLS_3_4 +gnutls_ocsp_resp_list_import2@GNUTLS_3_6_xx gnutls_ocsp_resp_print@GNUTLS_3_4 gnutls_ocsp_resp_verify@GNUTLS_3_4 gnutls_ocsp_resp_verify_direct@GNUTLS_3_4 gnutls_ocsp_status_request_enable_client@GNUTLS_3_4 +gnutls_ocsp_status_request_get2@GNUTLS_3_6_xx gnutls_ocsp_status_request_get@GNUTLS_3_4 gnutls_ocsp_status_request_is_checked@GNUTLS_3_4 gnutls_oid_to_digest@GNUTLS_3_4 |