In tls1.h rev. 1.32 2018/02/17 15:08:21, jsing@ provided

SSL_CTX_get_tlsext_status_cb(3) and SSL_CTX_get_tlsext_status_arg(3).
Merge the documentation,
mostly from Remi Gacogne <rgacogne-github at coredump dot fr>
via OpenSSL commit fddfc0af Aug 6 12:54:29 2016 +0200
plus the RETURN VALUES part by me.

1 files changed, 29 insertions, 7 deletions

diff --git a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3 b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
index b195e16809..6a3660a1c2 100644
--- a/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
+++ b/src/lib/libssl/man/SSL_CTX_set_tlsext_status_cb.3
@@ -1,8 +1,9 @@
-.\"     $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.2 2017/04/10 14:00:51 schwarze Exp $
-.\"     OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000
+.\" $OpenBSD: SSL_CTX_set_tlsext_status_cb.3,v 1.3 2018/02/18 21:04:31 schwarze Exp $
+.\" full merge up to: OpenSSL 43c34894 Nov 30 16:04:51 2015 +0000
+.\" selective merge up to: OpenSSL e9b77246 Jan 20 19:58:49 2017 +0100
 .\"
 .\" This file was written by Matt Caswell <matt@openssl.org>.
-.\" Copyright (c) 2015 The OpenSSL Project.  All rights reserved.
+.\" Copyright (c) 2015, 2016 The OpenSSL Project.  All rights reserved.
 .\"
 .\" Redistribution and use in source and binary forms, with or without
 .\" modification, are permitted provided that the following conditions
@@ -48,12 +49,14 @@
 .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 .\" OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: April 10 2017 $
+.Dd $Mdocdate: February 18 2018 $
 .Dt SSL_CTX_SET_TLSEXT_STATUS_CB 3
 .Os
 .Sh NAME
 .Nm SSL_CTX_set_tlsext_status_cb ,
+.Nm SSL_CTX_get_tlsext_status_cb ,
 .Nm SSL_CTX_set_tlsext_status_arg ,
+.Nm SSL_CTX_get_tlsext_status_arg ,
 .Nm SSL_set_tlsext_status_type ,
 .Nm SSL_get_tlsext_status_ocsp_resp ,
 .Nm SSL_set_tlsext_status_ocsp_resp
@@ -66,11 +69,21 @@
 .Fa "int (*callback)(SSL *, void *)"
 .Fc
 .Ft long
+.Fo SSL_CTX_get_tlsext_status_cb
+.Fa "SSL_CTX *ctx"
+.Fa "int (*callback)(SSL *, void *)"
+.Fc
+.Ft long
 .Fo SSL_CTX_set_tlsext_status_arg
 .Fa "SSL_CTX *ctx"
 .Fa "void *arg"
 .Fc
 .Ft long
+.Fo SSL_CTX_get_tlsext_status_arg
+.Fa "SSL_CTX *ctx"
+.Fa "void **arg"
+.Fc
+.Ft long
 .Fo SSL_set_tlsext_status_type
 .Fa "SSL *s"
 .Fa "int type"
@@ -112,6 +125,13 @@ Note that the callback will not be called in the event of a handshake
 where session resumption occurs (because there are no Certificates
 exchanged in such a handshake).
 .Pp
+The callback previously set via
+.Fn SSL_CTX_set_tlsext_status_cb
+can be retrieved by calling
+.Fn SSL_CTX_get_tlsext_status_cb ,
+and the argument by calling
+.Fn SSL_CTX_get_tlsext_status_arg .
+.Pp
 The response returned by the server can be obtained via a call to
 .Fn SSL_get_tlsext_status_ocsp_resp .
 The value
@@ -155,14 +175,16 @@ The callback when used on the server side should return with either
 (meaning that a fatal error has occurred).
 .Pp
 .Fn SSL_CTX_set_tlsext_status_cb ,
+.Fn SSL_CTX_get_tlsext_status_cb ,
 .Fn SSL_CTX_set_tlsext_status_arg ,
+.Fn SSL_CTX_get_tlsext_status_arg ,
 .Fn SSL_set_tlsext_status_type ,
 and
 .Fn SSL_set_tlsext_status_ocsp_resp
-return 0 on error or 1 on success.
+always return 1, indicating success.
 .Pp
 .Fn SSL_get_tlsext_status_ocsp_resp
-returns the length of the OCSP response data or -1 if there is no OCSP
-response data.
+returns the length of the OCSP response data
+or \-1 if there is no OCSP response data.
 .Sh SEE ALSO
 .Xr SSL_CTX_callback_ctrl 3