Provide SSL_CTX_get_tlsext_status_cb() and SSL_CTX_get_tlsext_status_arg().

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index a15003b..8f75cf9 100644 (file)
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.163 2018/01/27 15:09:15 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.164 2018/02/17 15:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -2133,6 +2133,13 @@ _SSL_CTX_set_tlsext_ticket_keys(SSL_CTX *ctx, unsigned char *keys, int keys_len)
        return 1;
 }
 
+static int
+_SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg)
+{
+       *arg = ctx->internal->tlsext_status_arg;
+       return 1;
+}
+
 static int
 _SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg)
 {
@@ -2215,6 +2222,9 @@ ssl3_ctx_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
        case SSL_CTRL_SET_TLSEXT_TICKET_KEYS:
                return _SSL_CTX_set_tlsext_ticket_keys(ctx, parg, larg);
 
+       case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG:
+               return _SSL_CTX_get_tlsext_status_arg(ctx, parg);
+
        case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG:
                return _SSL_CTX_set_tlsext_status_arg(ctx, parg);
 
@@ -2279,6 +2289,10 @@ ssl3_ctx_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp)(void))
                    (int (*)(SSL *, int *, void *))fp;
                return 1;
 
+       case SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB:
+               *(int (**)(SSL *, void *))fp = ctx->internal->tlsext_status_cb;
+               return 1;
+
        case SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB:
                ctx->internal->tlsext_status_cb = (int (*)(SSL *, void *))fp;
                return 1;

diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 51b8fdb..bc0f531 100644 (file)
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.136 2018/02/14 17:08:44 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.137 2018/02/17 15:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1080,7 +1080,9 @@ int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x);
 #define SSL_CTRL_SET_TLSEXT_DEBUG_ARG          57
 #define SSL_CTRL_GET_TLSEXT_TICKET_KEYS                58
 #define SSL_CTRL_SET_TLSEXT_TICKET_KEYS                59
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB      128
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB      63
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG  129
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG  64
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE    65
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS    66

diff --git a/lib/libssl/tls1.h b/lib/libssl/tls1.h
index 8e369c7..0474bb7 100644 (file)
--- a/lib/libssl/tls1.h
+++ b/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.31 2017/08/28 17:36:58 jsing Exp $ */
+/* $OpenBSD: tls1.h,v 1.32 2018/02/17 15:08:21 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -354,11 +354,15 @@ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TLSEXT_SERVERNAME_ARG,0, (void *)arg)
 #define SSL_CTX_set_tlsext_ticket_keys(ctx, keys, keylen) \
        SSL_CTX_ctrl((ctx),SSL_CTRL_SET_TLSEXT_TICKET_KEYS,(keylen),(keys))
 
+#define SSL_CTX_get_tlsext_status_cb(ssl, cb) \
+SSL_CTX_callback_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
 #define SSL_CTX_set_tlsext_status_cb(ssl, cb) \
 SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB,(void (*)(void))cb)
 
+#define SSL_CTX_get_tlsext_status_arg(ssl, arg) \
+SSL_CTX_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG,0,(void *)arg)
 #define SSL_CTX_set_tlsext_status_arg(ssl, arg) \
-SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0, (void *)arg)
+SSL_CTX_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG,0,(void *)arg)
 
 #define SSL_CTX_set_tlsext_ticket_key_cb(ssl, cb) \
 SSL_CTX_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_TICKET_KEY_CB,(void (*)(void))cb)