Provide SSL_CTX_get0_param() and SSL_get0_param().

Some applications that use X509_VERIFY_PARAM expect these to exist, since they're also part of the OpenSSL 1.0.2 API.
author: jsing <> 2018-02-14 16:16:10 +0000
committer: jsing <> 2018-02-14 16:16:10 +0000
commit: 913c1940295492c07a0e82ccce38a16ac66ad1e9 (patch)
tree: 73d4e60c73a7a77bad6ef3749dff56b0959b2866
parent: 77581c8395b0a7294b66eca50b2947a4ede24867 (diff)
download: openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.tar.gz
openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.tar.bz2
openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.zip
3 files changed, 20 insertions, 5 deletions
diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list
index e147ff873d..c91dff9e58 100644
--- a/src/lib/libssl/Symbols.list
+++ b/src/lib/libssl/Symbols.list
@@ -56,6 +56,7 @@ SSL_CTX_check_private_key
 SSL_CTX_ctrl
 SSL_CTX_flush_sessions
 SSL_CTX_free
+SSL_CTX_get0_param
 SSL_CTX_get_cert_store
 SSL_CTX_get_client_CA_list
 SSL_CTX_get_client_cert_cb
@@ -97,8 +98,8 @@ SSL_CTX_set_default_verify_paths
 SSL_CTX_set_ex_data
 SSL_CTX_set_generate_session_id
 SSL_CTX_set_info_callback
-SSL_CTX_set_min_proto_version
 SSL_CTX_set_max_proto_version
+SSL_CTX_set_min_proto_version
 SSL_CTX_set_msg_callback
 SSL_CTX_set_next_proto_select_cb
 SSL_CTX_set_next_protos_advertised_cb
@@ -162,6 +163,7 @@ SSL_export_keying_material
 SSL_free
 SSL_get0_alpn_selected
 SSL_get0_next_proto_negotiated
+SSL_get0_param
 SSL_get1_session
 SSL_get_SSL_CTX
 SSL_get_certificate
@@ -231,8 +233,8 @@ SSL_set_ex_data
 SSL_set_fd
 SSL_set_generate_session_id
 SSL_set_info_callback
-SSL_set_min_proto_version
 SSL_set_max_proto_version
+SSL_set_min_proto_version
 SSL_set_msg_callback
 SSL_set_purpose
 SSL_set_quiet_shutdown
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index d431b175ad..7768f0a80f 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.134 2017/08/30 16:24:21 jsing Exp $ */
+/* $OpenBSD: ssl.h,v 1.135 2018/02/14 16:16:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1336,10 +1336,11 @@ int SSL_set_purpose(SSL *s, int purpose);
 int SSL_CTX_set_trust(SSL_CTX *s, int trust);
 int SSL_set_trust(SSL *s, int trust);
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx);
 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm);
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
 int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm);
 void    SSL_free(SSL *ssl);
 int     SSL_accept(SSL *ssl);
 int     SSL_connect(SSL *ssl);
diff --git a/src/lib/libssl/ssl_lib.c b/src/lib/libssl/ssl_lib.c
index c7ae2a9631..9e3ef90729 100644
--- a/src/lib/libssl/ssl_lib.c
+++ b/src/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.172 2017/10/11 17:35:00 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.173 2018/02/14 16:16:10 jsing Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -469,12 +469,24 @@ SSL_set_trust(SSL *s, int trust)
        return (X509_VERIFY_PARAM_set_trust(s->param, trust));
 }
+X509_VERIFY_PARAM *
+SSL_CTX_get0_param(SSL_CTX *ctx)
+{
+        return (ctx->param);
+}
 int
 SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
 {
        return (X509_VERIFY_PARAM_set1(ctx->param, vpm));
 }
+X509_VERIFY_PARAM *
+SSL_get0_param(SSL *ssl)
+{
+        return (ssl->param);
+}
 int
 SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
 {
author	jsing <>	2018-02-14 16:16:10 +0000
committer	jsing <>	2018-02-14 16:16:10 +0000
commit	913c1940295492c07a0e82ccce38a16ac66ad1e9 (patch)
tree	73d4e60c73a7a77bad6ef3749dff56b0959b2866
parent	77581c8395b0a7294b66eca50b2947a4ede24867 (diff)
download	openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.tar.gz openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.tar.bz2 openbsd-913c1940295492c07a0e82ccce38a16ac66ad1e9.zip