Prepare to provide SSL_get_tlsext_status_type()

Needed for nginx-lua to build with opaque SSL. ok inoguchi jsing
author: tb <> 2021-09-08 12:56:14 +0000
committer: tb <> 2021-09-08 12:56:14 +0000
commit: a394d274abf3e2b60889bd0f714d8720c2b5936f (patch)
tree: 7766cf5b1441a60f7f97d9259e79b6714a13a926 /src/lib
parent: 81bcc65bf759a3ea0181db3b72dade5269ae35ff (diff)
download: openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.tar.gz
openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.tar.bz2
openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.zip
3 files changed, 20 insertions, 3 deletions
diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 6400454f1b..e78b70f0d8 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.214 2021/07/26 03:17:38 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.215 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1809,6 +1809,12 @@ _SSL_set_tlsext_debug_arg(SSL *s, void *arg)
 }
 static int
+_SSL_get_tlsext_status_type(SSL *s)
+{
+        return s->tlsext_status_type;
+}
+static int
 _SSL_set_tlsext_status_type(SSL *s, int type)
 {
        s->tlsext_status_type = type;
@@ -2034,6 +2040,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
        case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
                return _SSL_set_tlsext_debug_arg(s, parg);
+        case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
+                return _SSL_get_tlsext_status_type(s);
        case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
                return _SSL_set_tlsext_status_type(s, larg);
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index b8cfb771b6..b2a576bf55 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.197 2021/09/08 12:32:07 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.198 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -1000,6 +1000,9 @@ int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x);
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB       63
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG   129
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG   64
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE     127
+#endif
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE     65
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS     66
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS     67
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 98e158300b..238b202162 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.45 2021/06/14 05:32:10 tb Exp $ */
+/* $OpenBSD: tls1.h,v 1.46 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
 * All rights reserved.
 *
@@ -326,6 +326,11 @@ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
 #define SSL_set_tlsext_debug_arg(ssl, arg) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_get_tlsext_status_type(ssl) \
+SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE, 0, NULL)
+#endif
 #define SSL_set_tlsext_status_type(ssl, type) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
author	tb <>	2021-09-08 12:56:14 +0000
committer	tb <>	2021-09-08 12:56:14 +0000
commit	a394d274abf3e2b60889bd0f714d8720c2b5936f (patch)
tree	7766cf5b1441a60f7f97d9259e79b6714a13a926 /src/lib
parent	81bcc65bf759a3ea0181db3b72dade5269ae35ff (diff)
download	openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.tar.gz openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.tar.bz2 openbsd-a394d274abf3e2b60889bd0f714d8720c2b5936f.zip