From da2e8f3e57cf705fb1f88e94e321027a68cb42cf Mon Sep 17 00:00:00 2001
From: tb <>
Date: Fri, 24 Oct 2025 11:36:08 +0000
Subject: Provide SSL_SESSION_dup()

As reported by ajacoutot and sthen, an update to net/neon is blocked on
that missing symbol.

ok kenjiro
---
 src/lib/libssl/Symbols.list         | 1 +
 src/lib/libssl/hidden/openssl/ssl.h | 3 ++-
 src/lib/libssl/ssl.h                | 3 ++-
 src/lib/libssl/ssl_sess.c           | 9 ++++++++-
 4 files changed, 13 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/lib/libssl/Symbols.list b/src/lib/libssl/Symbols.list
index 65cd3e7f86..0d82c7c726 100644
--- a/src/lib/libssl/Symbols.list
+++ b/src/lib/libssl/Symbols.list
@@ -137,6 +137,7 @@ SSL_CTX_use_certificate_ASN1
 SSL_CTX_use_certificate_chain_file
 SSL_CTX_use_certificate_chain_mem
 SSL_CTX_use_certificate_file
+SSL_SESSION_dup
 SSL_SESSION_free
 SSL_SESSION_get0_cipher
 SSL_SESSION_get0_id_context
diff --git a/src/lib/libssl/hidden/openssl/ssl.h b/src/lib/libssl/hidden/openssl/ssl.h
index b854dd7b73..b010488d7f 100644
--- a/src/lib/libssl/hidden/openssl/ssl.h
+++ b/src/lib/libssl/hidden/openssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.9 2024/08/31 10:51:48 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.10 2025/10/24 11:36:08 tb Exp $ */
 /*
  * Copyright (c) 2023 Bob Beck <beck@openbsd.org>
  *
@@ -182,6 +182,7 @@ LSSL_USED(SSL_SESSION_set1_id_context);
 LSSL_USED(SSL_SESSION_is_resumable);
 LSSL_USED(SSL_SESSION_new);
 LSSL_USED(SSL_SESSION_free);
+LSSL_USED(SSL_SESSION_dup);
 LSSL_USED(SSL_SESSION_up_ref);
 LSSL_USED(SSL_SESSION_get_id);
 LSSL_USED(SSL_SESSION_get0_id_context);
diff --git a/src/lib/libssl/ssl.h b/src/lib/libssl/ssl.h
index e8a11ebdb9..48cb6256df 100644
--- a/src/lib/libssl/ssl.h
+++ b/src/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.248 2025/04/18 07:34:01 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.249 2025/10/24 11:36:08 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1199,6 +1199,7 @@ int SSL_SESSION_is_resumable(const SSL_SESSION *s);
 
 SSL_SESSION *SSL_SESSION_new(void);
 void	SSL_SESSION_free(SSL_SESSION *ses);
+SSL_SESSION *SSL_SESSION_dup(const SSL_SESSION *src);
 int	SSL_SESSION_up_ref(SSL_SESSION *ss);
 const unsigned char *SSL_SESSION_get_id(const SSL_SESSION *ss,
 	    unsigned int *len);
diff --git a/src/lib/libssl/ssl_sess.c b/src/lib/libssl/ssl_sess.c
index f2ef124e1e..7f16061b48 100644
--- a/src/lib/libssl/ssl_sess.c
+++ b/src/lib/libssl/ssl_sess.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_sess.c,v 1.130 2025/10/24 09:23:06 tb Exp $ */
+/* $OpenBSD: ssl_sess.c,v 1.131 2025/10/24 11:36:08 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -345,6 +345,13 @@ ssl_session_dup(const SSL_SESSION *sess, int include_ticket)
 	return NULL;
 }
 
+SSL_SESSION *
+SSL_SESSION_dup(const SSL_SESSION *src)
+{
+	return ssl_session_dup(src, 1);
+}
+LSSL_ALIAS(SSL_SESSION_dup);
+
 const unsigned char *
 SSL_SESSION_get_id(const SSL_SESSION *ss, unsigned int *len)
 {
-- 
cgit v1.2.3-55-g6feb