crypto/tls: add server-side OCSP stapling support.

We already had support on the client side. I also changed the name of
the flag in the ServerHello structure to match the name of the same
flag in the ClientHello (ocspStapling).

R=bradfitzgo
CC=golang-dev
https://golang.org/cl/4408044

src/pkg/crypto/tls/handshake_server.go

@@ -103,6 +103,9 @@ FindCipherSuite:
 		hello.nextProtoNeg = true
 		hello.nextProtos = config.NextProtos
 	}
+	if clientHello.ocspStapling && len(config.Certificates[0].OCSPStaple) > 0 {
+		hello.ocspStapling = true
+	}
 
 	finishedHash.Write(hello.marshal())
 	c.writeRecord(recordTypeHandshake, hello.marshal())
@@ -116,6 +119,14 @@ FindCipherSuite:
 	finishedHash.Write(certMsg.marshal())
 	c.writeRecord(recordTypeHandshake, certMsg.marshal())
 
+	if hello.ocspStapling {
+		certStatus := new(certificateStatusMsg)
+		certStatus.statusType = statusTypeOCSP
+		certStatus.response = config.Certificates[0].OCSPStaple
+		finishedHash.Write(certStatus.marshal())
+		c.writeRecord(recordTypeHandshake, certStatus.marshal())
+	}
+
 	keyAgreement := suite.ka()
 
 	skx, err := keyAgreement.generateServerKeyExchange(config, clientHello, hello)