From: tb <tb@openbsd.org>
Date: Wed, 8 Sep 2021 12:56:14 +0000 (+0000)
Subject: Prepare to provide SSL_get_tlsext_status_type()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=a6ff6cd48953e91e61dc052378b8eb3c70d84387;p=openbsd

Prepare to provide SSL_get_tlsext_status_type()

Needed for nginx-lua to build with opaque SSL.

ok inoguchi jsing
---

diff --git a/lib/libssl/s3_lib.c b/lib/libssl/s3_lib.c
index 6400454f1b3..e78b70f0d81 100644
--- a/lib/libssl/s3_lib.c
+++ b/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.214 2021/07/26 03:17:38 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.215 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1808,6 +1808,12 @@ _SSL_set_tlsext_debug_arg(SSL *s, void *arg)
 	return 1;
 }
 
+static int
+_SSL_get_tlsext_status_type(SSL *s)
+{
+	return s->tlsext_status_type;
+}
+
 static int
 _SSL_set_tlsext_status_type(SSL *s, int type)
 {
@@ -2034,6 +2040,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
 		return _SSL_set_tlsext_debug_arg(s, parg);
 
+	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
+		return _SSL_get_tlsext_status_type(s);
+
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
 		return _SSL_set_tlsext_status_type(s, larg);
 
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index b8cfb771b6a..b2a576bf557 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.197 2021/09/08 12:32:07 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.198 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1000,6 +1000,9 @@ int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x);
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB	63
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG	129
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG	64
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE	127
+#endif
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE	65
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS	66
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS	67
diff --git a/lib/libssl/tls1.h b/lib/libssl/tls1.h
index 98e158300ba..238b202162d 100644
--- a/lib/libssl/tls1.h
+++ b/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.45 2021/06/14 05:32:10 tb Exp $ */
+/* $OpenBSD: tls1.h,v 1.46 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -326,6 +326,11 @@ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
 #define SSL_set_tlsext_debug_arg(ssl, arg) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
 
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_get_tlsext_status_type(ssl) \
+SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE, 0, NULL)
+#endif
+
 #define SSL_set_tlsext_status_type(ssl, type) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)