From: jsing <jsing@openbsd.org>
Date: Sat, 17 Feb 2018 15:19:43 +0000 (+0000)
Subject: Provide SSL_get_client_random() and SSL_get_server_random()
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=d4fca8d7e2f8f280844139479d9cc1a37e39cc7c;p=openbsd

Provide SSL_get_client_random() and SSL_get_server_random()
---

diff --git a/lib/libssl/Symbols.list b/lib/libssl/Symbols.list
index f24c7fc9b63..90e73becd77 100644
--- a/lib/libssl/Symbols.list
+++ b/lib/libssl/Symbols.list
@@ -172,6 +172,7 @@ SSL_get_certificate
 SSL_get_cipher_list
 SSL_get_ciphers
 SSL_get_client_CA_list
+SSL_get_client_random
 SSL_get_current_cipher
 SSL_get_current_compression
 SSL_get_current_expansion
@@ -192,6 +193,7 @@ SSL_get_rbio
 SSL_get_read_ahead
 SSL_get_rfd
 SSL_get_selected_srtp_profile
+SSL_get_server_random
 SSL_get_servername
 SSL_get_servername_type
 SSL_get_session
diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 0784ce1ef73..692bd1a3950 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.138 2018/02/17 15:13:12 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.139 2018/02/17 15:19:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1510,6 +1510,9 @@ void SSL_CTX_set_tmp_ecdh_callback(SSL_CTX *ctx,
 void SSL_set_tmp_ecdh_callback(SSL *ssl,
     EC_KEY *(*ecdh)(SSL *ssl, int is_export, int keylength));
 
+size_t SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out);
+size_t SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out);
+
 const void *SSL_get_current_compression(SSL *s);
 const void *SSL_get_current_expansion(SSL *s);
 
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 79021d7e0be..e910d85914f 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.175 2018/02/17 15:13:12 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.176 2018/02/17 15:19:43 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -758,7 +758,8 @@ SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
 	return (X509_VERIFY_PARAM_get_depth(ctx->param));
 }
 
-int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
+int
+(*SSL_CTX_get_verify_callback(const SSL_CTX *ctx))(int, X509_STORE_CTX *)
 {
 	return (ctx->internal->default_verify_callback);
 }
@@ -2645,6 +2646,38 @@ SSL_get_current_expansion(SSL *s)
 	return (NULL);
 }
 
+size_t
+SSL_get_client_random(const SSL *s, unsigned char *out, size_t max_out)
+{
+	size_t len = sizeof(s->s3->client_random);
+
+	if (out == NULL)
+		return len;
+
+	if (len > max_out)
+		len = max_out;
+
+	memcpy(out, s->s3->client_random, len);
+
+	return len;
+}
+
+size_t
+SSL_get_server_random(const SSL *s, unsigned char *out, size_t max_out)
+{
+	size_t len = sizeof(s->s3->server_random);
+
+	if (out == NULL)
+		return len;
+
+	if (len > max_out)
+		len = max_out;
+
+	memcpy(out, s->s3->server_random, len);
+
+	return len;
+}
+
 int
 ssl_init_wbio_buffer(SSL *s, int push)
 {