From a394d274abf3e2b60889bd0f714d8720c2b5936f Mon Sep 17 00:00:00 2001
From: tb <>
Date: Wed, 8 Sep 2021 12:56:14 +0000
Subject: Prepare to provide SSL_get_tlsext_status_type()

Needed for nginx-lua to build with opaque SSL.

ok inoguchi jsing
---
 src/lib/libssl/s3_lib.c | 11 ++++++++++-
 src/lib/libssl/ssl.h    |  5 ++++-
 src/lib/libssl/tls1.h   |  7 ++++++-
 3 files changed, 20 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/s3_lib.c b/src/lib/libssl/s3_lib.c
index 6400454f1b..e78b70f0d8 100644
--- a/src/lib/libssl/s3_lib.c
+++ b/src/lib/libssl/s3_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_lib.c,v 1.214 2021/07/26 03:17:38 jsing Exp $ */
+/* $OpenBSD: s3_lib.c,v 1.215 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1808,6 +1808,12 @@ _SSL_set_tlsext_debug_arg(SSL *s, void *arg)
 	return 1;
 }
 
+static int
+_SSL_get_tlsext_status_type(SSL *s)
+{
+	return s->tlsext_status_type;
+}
+
 static int
 _SSL_set_tlsext_status_type(SSL *s, int type)
 {
@@ -2034,6 +2040,9 @@ ssl3_ctrl(SSL *s, int cmd, long larg, void *parg)
 	case SSL_CTRL_SET_TLSEXT_DEBUG_ARG:
 		return _SSL_set_tlsext_debug_arg(s, parg);
 
+	case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:
+		return _SSL_get_tlsext_status_type(s);
+
 	case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:
 		return _SSL_set_tlsext_status_type(s, larg);
 
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index b8cfb771b6..b2a576bf55 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.197 2021/09/08 12:32:07 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.198 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1000,6 +1000,9 @@ int PEM_write_SSL_SESSION(FILE *fp, SSL_SESSION *x);
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB	63
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_CB_ARG	129
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG	64
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE	127
+#endif
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE	65
 #define SSL_CTRL_GET_TLSEXT_STATUS_REQ_EXTS	66
 #define SSL_CTRL_SET_TLSEXT_STATUS_REQ_EXTS	67
diff --git a/src/lib/libssl/tls1.h b/src/lib/libssl/tls1.h
index 98e158300b..238b202162 100644
--- a/src/lib/libssl/tls1.h
+++ b/src/lib/libssl/tls1.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls1.h,v 1.45 2021/06/14 05:32:10 tb Exp $ */
+/* $OpenBSD: tls1.h,v 1.46 2021/09/08 12:56:14 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -326,6 +326,11 @@ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb)
 #define SSL_set_tlsext_debug_arg(ssl, arg) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)
 
+#if defined(LIBRESSL_INTERNAL)
+#define SSL_get_tlsext_status_type(ssl) \
+SSL_ctrl(ssl, SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE, 0, NULL)
+#endif
+
 #define SSL_set_tlsext_status_type(ssl, type) \
 SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)
 
-- 
cgit v1.2.3-55-g6feb