Some basic OCSP stapling support.

New directives:

    ssl_trusted_certificate /path/to/file;

        Specifies a file with CA certificates in the PEM format used for
        certificate verification.  In contrast to ssl_client_certificate,
        the DNs of these certificates aren't sent to a client in
        CertificateRequest.

    ssl_stapling on|off;

        Activates OCSP stapling.

    ssl_stapling_file /path/to/file;

        Use a predefined OCSP response for stapling instead of querying the
        responder.  Assumes an OCSP response in DER format, as produced by
        "openssl ocsp".

    ssl_stapling_responder URL;

        Use the specified OCSP responder instead of the one found in the
        certificate's AIA extension.

    ssl_stapling_verify on|off;

        This directive allows OCSP response verification to be switched off,
        which in some cases means fewer trusted certificates need to be
        configured.  Note that for stapling, OCSP response verification isn't
        strictly required, as the client will verify the response anyway.
        But verifying on the server mitigates some attack vectors; most
        notably, it stops an attacker from presenting specially crafted data
        to all of the site's clients.

Example configuration:

    server {
        listen 443 ssl;

        ssl_certificate /path/to/cert.pem;
        ssl_certificate_key /path/to/key.pem;

        ssl_stapling on;
        ssl_trusted_certificate /path/to/ca.pem;

        resolver 8.8.8.8;
    }

Known limitations:

- Unless an externally supplied OCSP response is used (via the
  "ssl_stapling_file" directive), a stapled response won't be sent in the
  first connection.  This is because OCSP responders are currently queried
  by nginx only once it receives a connection with the certificate_status
  extension in ClientHello, and because of limitations in the OpenSSL API
  (the certificate status callback is blocking).

- Cached OCSP responses are currently stored in local process memory (thus
  each worker process will query OCSP responders independently).  This
  shouldn't be a problem, as the typical number of worker processes is low,
  usually set to match the number of CPUs.

- Various timeouts are hardcoded (connect/read/write timeouts are 60s, and a
  response is considered valid for 1h after loading).  Adding configuration
  directives to control these would be trivial, but it may be a better idea
  to omit them for simplicity.

- Only "http://" OCSP responders are recognized.

The patch can be found here:

    http://nginx.org/patches/ocsp-stapling/

Testing and review appreciated.

Thanks to Comodo, DigiCert and GlobalSign for sponsoring this work.

-- 
NGINX, Inc., http://nginx.com