Export SSL_get_{peer_,}signature_type_nid()

Also move the prototypes to the correct header.

Oversight reported by Frank Lichtenheld, thanks!
Fixes https://github.com/libressl/openbsd/issues/147

ok jsing

diff --git a/lib/libssl/Symbols.list b/lib/libssl/Symbols.list
index 9f261bb..37715a8 100644 (file)
--- a/lib/libssl/Symbols.list
+++ b/lib/libssl/Symbols.list
@@ -222,6 +222,7 @@ SSL_get_peer_cert_chain
 SSL_get_peer_certificate
 SSL_get_peer_finished
 SSL_get_peer_quic_transport_params
+SSL_get_peer_signature_type_nid
 SSL_get_privatekey
 SSL_get_quiet_shutdown
 SSL_get_rbio
@@ -235,6 +236,7 @@ SSL_get_servername_type
 SSL_get_session
 SSL_get_shared_ciphers
 SSL_get_shutdown
+SSL_get_signature_type_nid
 SSL_get_srtp_profiles
 SSL_get_ssl_method
 SSL_get_verify_callback

diff --git a/lib/libssl/hidden/openssl/tls1.h b/lib/libssl/hidden/openssl/tls1.h
index de93f9a..e7c5721 100644 (file)
--- a/lib/libssl/hidden/openssl/tls1.h
+++ b/lib/libssl/hidden/openssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.1 2023/07/08 16:40:14 beck Exp $ */
+/* $OpenBSD: tls1.h,v 1.2 2024/03/02 11:44:47 tb Exp $ */
 /*
  * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
  *
@@ -28,5 +28,7 @@
 LSSL_USED(SSL_get_servername);
 LSSL_USED(SSL_get_servername_type);
 LSSL_USED(SSL_export_keying_material);
+LSSL_USED(SSL_get_peer_signature_type_nid);
+LSSL_USED(SSL_get_signature_type_nid);
 
 #endif /* _LIBSSL_TLS1_H */

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index bb8e946..9836d20 100644 (file)
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.249 2024/02/03 15:58:33 beck Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.250 2024/03/02 11:44:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1970,6 +1970,7 @@ SSL_get_signature_type_nid(const SSL *s, int *nid)
 
        return 1;
 }
+LSSL_ALIAS(SSL_get_signature_type_nid);
 
 int
 SSL_get_peer_signature_type_nid(const SSL *s, int *nid)
@@ -1986,6 +1987,7 @@ SSL_get_peer_signature_type_nid(const SSL *s, int *nid)
 
        return 1;
 }
+LSSL_ALIAS(SSL_get_peer_signature_type_nid);
 
 long
 ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)

diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 03a5a80..e69979c 100644 (file)
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.233 2024/02/03 15:58:33 beck Exp $ */
+/* $OpenBSD: ssl.h,v 1.234 2024/03/02 11:44:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1058,10 +1058,6 @@ const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx);
        SSL_ctrl(s, SSL_CTRL_GET_PEER_SIGNATURE_NID, 0, pn)
 #define SSL_get_peer_tmp_key(s, pk) \
        SSL_ctrl(s, SSL_CTRL_GET_PEER_TMP_KEY, 0, pk)
-
-int SSL_get_signature_type_nid(const SSL *ssl, int *nid);
-int SSL_get_peer_signature_type_nid(const SSL *ssl, int *nid);
-
 #endif /* LIBRESSL_HAS_TLS1_3 || LIBRESSL_INTERNAL */
 
 #ifndef LIBRESSL_INTERNAL

diff --git a/lib/libssl/tls1.h b/lib/libssl/tls1.h
index daf6cba..05514b8 100644 (file)
--- a/lib/libssl/tls1.h
+++ b/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.57 2024/02/03 15:58:34 beck Exp $ */
+/* $OpenBSD: tls1.h,v 1.58 2024/03/02 11:44:47 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -316,6 +316,9 @@ int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen,
     const char *label, size_t llen, const unsigned char *p, size_t plen,
     int use_context);
 
+int SSL_get_signature_type_nid(const SSL *ssl, int *nid);
+int SSL_get_peer_signature_type_nid(const SSL *ssl, int *nid);
+
 #define SSL_set_tlsext_host_name(s,name) \
 SSL_ctrl(s,SSL_CTRL_SET_TLSEXT_HOSTNAME,TLSEXT_NAMETYPE_host_name,(char *)name)