"URL of the default OCSP Responder")

               "URL of the default OCSP Responder")

    SSL_CMD_SRV(OCSPOverrideResponder, FLAG,

    SSL_CMD_SRV(OCSPOverrideResponder, FLAG,

               "Force use of the default responder URL ('on', 'off')")

               "Force use of the default responder URL ('on', 'off')")

    SSL_CMD_SRV(OCSPResponseTimeSkew, TAKE1,

    SSL_CMD_SRV(OCSPResponseTimeSkew, TAKE1,

                "Maximum time difference in OCSP responses")

                "Maximum time difference in OCSP responses")

    SSL_CMD_SRV(OCSPResponseMaxAge, TAKE1,

    SSL_CMD_SRV(OCSPResponseMaxAge, TAKE1,

    mctx->ocsp_enabled        = FALSE;

    mctx->ocsp_enabled        = FALSE;

    mctx->ocsp_force_default  = FALSE;

    mctx->ocsp_force_default  = FALSE;

    mctx->ocsp_responder      = NULL;

    mctx->ocsp_responder      = NULL;

    mctx->ocsp_resptime_skew  = UNSET;

    mctx->ocsp_resptime_skew  = UNSET;

    mctx->ocsp_resp_maxage    = UNSET;

    mctx->ocsp_resp_maxage    = UNSET;

    mctx->ocsp_responder_timeout = UNSET;

    mctx->ocsp_responder_timeout = UNSET;

    cfgMergeBool(ocsp_enabled);

    cfgMergeBool(ocsp_enabled);

    cfgMergeBool(ocsp_force_default);

    cfgMergeBool(ocsp_force_default);

    cfgMerge(ocsp_responder, NULL);

    cfgMerge(ocsp_responder, NULL);

    cfgMergeInt(ocsp_resptime_skew);

    cfgMergeInt(ocsp_resptime_skew);

    cfgMergeInt(ocsp_resp_maxage);

    cfgMergeInt(ocsp_resp_maxage);

    cfgMergeInt(ocsp_responder_timeout);

    cfgMergeInt(ocsp_responder_timeout);

#endif /* HAVE_SRP */

#endif /* HAVE_SRP */

void ssl_hook_ConfigTest(apr_pool_t *pconf, server_rec *s)

void ssl_hook_ConfigTest(apr_pool_t *pconf, server_rec *s)

{

{

    apr_file_t *out = NULL;

    apr_file_t *out = NULL;

            != APR_SUCCESS) {

            != APR_SUCCESS) {

            return rv;

            return rv;

        }

        }

    }

    }

    if (sc->proxy_enabled) {

    if (sc->proxy_enabled) {

        ssl_init_ctx_cleanup_proxy(sc->proxy);

        ssl_init_ctx_cleanup_proxy(sc->proxy);

        ssl_init_ctx_cleanup(sc->server);

        ssl_init_ctx_cleanup(sc->server);

    }

    }

    free_dh_params();

    free_dh_params();

    if (rc == V_OCSP_CERTSTATUS_GOOD) {

    if (rc == V_OCSP_CERTSTATUS_GOOD) {

        /* TODO: allow flags configuration. */

        /* TODO: allow flags configuration. */

            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);

            ssl_log_ssl_error(SSLLOG_MARK, APLOG_ERR, s);

            rc = V_OCSP_CERTSTATUS_UNKNOWN;

            rc = V_OCSP_CERTSTATUS_UNKNOWN;

        }

        }

    BOOL ocsp_force_default; /* true if the default responder URL is

    BOOL ocsp_force_default; /* true if the default responder URL is

                              * used regardless of per-cert URL */

                              * used regardless of per-cert URL */

    const char *ocsp_responder; /* default responder URL */

    const char *ocsp_responder; /* default responder URL */

    long ocsp_resptime_skew;

    long ocsp_resptime_skew;

    long ocsp_resp_maxage;

    long ocsp_resp_maxage;

    apr_interval_time_t ocsp_responder_timeout;

    apr_interval_time_t ocsp_responder_timeout;

const char *ssl_cmd_SSLOCSPUseRequestNonce(cmd_parms *cmd, void *dcfg, int flag);

const char *ssl_cmd_SSLOCSPUseRequestNonce(cmd_parms *cmd, void *dcfg, int flag);

const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, int flag);

const char *ssl_cmd_SSLOCSPEnable(cmd_parms *cmd, void *dcfg, int flag);

#ifdef HAVE_SSL_CONF_CMD

#ifdef HAVE_SSL_CONF_CMD

const char *ssl_cmd_SSLOpenSSLConfCmd(cmd_parms *cmd, void *dcfg, const char *arg1, const char *arg2);

const char *ssl_cmd_SSLOpenSSLConfCmd(cmd_parms *cmd, void *dcfg, const char *arg1, const char *arg2);

#endif

#endif

                                            apr_interval_time_t timeout,

                                            apr_interval_time_t timeout,

                                            OCSP_REQUEST *request,

                                            OCSP_REQUEST *request,

                                            conn_rec *c, apr_pool_t *p);

                                            conn_rec *c, apr_pool_t *p);

#endif

#endif

/* Retrieve DH parameters for given key length.  Return value should

/* Retrieve DH parameters for given key length.  Return value should

    return response;

    return response;

}

}

#endif /* HAVE_OCSP */

#endif /* HAVE_OCSP */