gnutls-cli logs only the first stapled OCSP response
I'm working on implementing multi-staple in mod_gnutls, and when testing with gnutls-cli found that it would never log more than one stapled response. A look at the code shows that it uses only gnutls_ocsp_status_request_get
to get the response, not gnutls_ocsp_status_request_get2
.
Versions of gnutls tested:
- 3.6.9 from Ubuntu
- local build of master at 85af4115
You can find my server-side WIP for mod_gnutls in the wip-ocsp-multi-staple on Github, if you'd like to test with it.
I have a patch that fixes the logging issue (airtower-luna/gnutls@8faf6902), but the same problem affects the --save-ocsp
option. What would be the best way to fix that? Dumping multiple DER responses into one file seems questionable.