Only the vici plugin previously set OCSP_SEND_REPLY explicitly, all other
backends would have defaulted to OCSP_SEND_BOTH.
References strongswan/strongswan#2016
"CERT_NEVER_SEND",
);
-ENUM(ocsp_policy_names, OCSP_SEND_BOTH, OCSP_SEND_NEVER,
- "OCSP_SEND_BOTH",
+ENUM(ocsp_policy_names, OCSP_SEND_REPLY, OCSP_SEND_NEVER,
"OCSP_SEND_REPLY",
"OCSP_SEND_REQUEST",
+ "OCSP_SEND_BOTH",
"OCSP_SEND_NEVER",
);
* OCSP status request/response sending policy.
*/
enum ocsp_policy_t {
- /** request OCSP status and reply to OCSP status requests */
- OCSP_SEND_BOTH = 0,
/** send OCSP status upon OCSP status request */
- OCSP_SEND_REPLY = 1,
+ OCSP_SEND_REPLY = 0,
/** send OCSP status request */
- OCSP_SEND_REQUEST = 2,
+ OCSP_SEND_REQUEST = 1,
+ /** request OCSP status and reply to OCSP status requests */
+ OCSP_SEND_BOTH = 2,
/** never send OCSP status request or response */
OCSP_SEND_NEVER = 3,
};