Wait for CertificateStatus message to verify certificate. Applications may require the stapled OCSP response in order to verify the certificate within the verification callback. Change-Id: I8002e527f90c3ce7b6a66e3203c0a68371aac5ec Reviewed-on: https://boringssl-review.googlesource.com/5730 Reviewed-by: David Benjamin <davidben@chromium.org> Reviewed-by: Adam Langley <agl@google.com>

commit: 8f1c268692d39995245898676ec4fc72e385806f [log] [tgz]
author: Paul Lietar <lietar@google.com> Tue Aug 18 12:21:54 2015 +0100
committer: Adam Langley <agl@google.com> Tue Sep 08 19:04:43 2015 +0000
tree: 7aeeb7ebe256611e692ad183de03b9d2d2c070ae
parent: 8748920ca791dd582614ae3527c1a4749085f331 [diff] [blame]
diff --git a/include/openssl/ssl3.h b/include/openssl/ssl3.h
index 769fbf7..1f6ca31 100644
--- a/include/openssl/ssl3.h
+++ b/include/openssl/ssl3.h

@@ -563,6 +563,7 @@
 /* extra state */
 #define SSL3_ST_CW_FLUSH (0x100 | SSL_ST_CONNECT)
 #define SSL3_ST_FALSE_START (0x101 | SSL_ST_CONNECT)
+#define SSL3_ST_VERIFY_SERVER_CERT (0x102 | SSL_ST_CONNECT)
 /* write to server */
 #define SSL3_ST_CW_CLNT_HELLO_A (0x110 | SSL_ST_CONNECT)
 #define SSL3_ST_CW_CLNT_HELLO_B (0x111 | SSL_ST_CONNECT)
commit	8f1c268692d39995245898676ec4fc72e385806f	[log] [tgz]
author	Paul Lietar <lietar@google.com>	Tue Aug 18 12:21:54 2015 +0100
committer	Adam Langley <agl@google.com>	Tue Sep 08 19:04:43 2015 +0000
tree	7aeeb7ebe256611e692ad183de03b9d2d2c070ae
parent	8748920ca791dd582614ae3527c1a4749085f331 [diff] [blame]