extern const pcre *regex_STARTTLS; /* For recognizing STARTTLS settings */
extern uschar *tls_advertise_hosts; /* host for which TLS is advertised */
extern uschar *tls_certificate; /* Certificate file */
+extern uschar *tls_channelbinding_b64; /* string of base64 channel binding */
extern uschar *tls_crl; /* CRL File */
extern uschar *tls_dhparam; /* DH param file */
+#if defined(EXPERIMENTAL_OCSP) && !defined(USE_GNUTLS)
+extern uschar *tls_ocsp_file; /* OCSP stapling proof file */
+#endif
extern BOOL tls_offered; /* Server offered TLS */
extern uschar *tls_privatekey; /* Private key file */
extern BOOL tls_remember_esmtp; /* For YAEB */
extern uschar *tls_require_ciphers; /* So some can be avoided */
+#ifndef USE_GNUTLS
+extern uschar *tls_sni; /* Server Name Indication */
+#endif
extern uschar *tls_try_verify_hosts; /* Optional client verification */
extern uschar *tls_verify_certificates;/* Path for certificates to check */
extern uschar *tls_verify_hosts; /* Mandatory client verification */