Commit 4300aaf3 authored by Alessandro Ghedini's avatar Alessandro Ghedini Committed by Matt Caswell
Browse files

Add SSL_get_tlsext_status_type() method 



The tlsext_status_type field in SSL is used by e.g. OpenResty to determine
if the client requested the certificate status, but SSL is now opaque.

Reviewed-by: default avatarRich Salz <rsalz@openssl.org>
Reviewed-by: default avatarMatt Caswell <matt@openssl.org>
parent 56989dcd

include/openssl/ssl.h

+1 −0
Original line number Diff line number Diff line
@@ -1133,6 +1133,7 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION) 
# define SSL_CTRL_SET_MAX_PROTO_VERSION          124

# define SSL_CTRL_SET_SPLIT_SEND_FRAGMENT        125

# define SSL_CTRL_SET_MAX_PIPELINES              126

# define SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE     127

# define SSL_CERT_SET_FIRST                      1

# define SSL_CERT_SET_NEXT                       2

# define SSL_CERT_SET_SERVER                     3

include/openssl/tls1.h

+3 −0
Original line number Diff line number Diff line
@@ -252,6 +252,9 @@ SSL_callback_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_CB,(void (*)(void))cb) 
# define SSL_set_tlsext_debug_arg(ssl, arg) \

SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_DEBUG_ARG,0, (void *)arg)



# define SSL_get_tlsext_status_type(ssl, arg) \

SSL_ctrl(ssl,SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,0, (void *)arg)



# define SSL_set_tlsext_status_type(ssl, type) \

SSL_ctrl(ssl,SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,type, NULL)

ssl/s3_lib.c

+5 −0
Original line number Diff line number Diff line
@@ -2971,6 +2971,11 @@ long ssl3_ctrl(SSL *s, int cmd, long larg, void *parg) 
        ret = 1;

        break;



    case SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE:

        *(int *)parg = s->tlsext_status_type;

        ret = 1;

        break;



    case SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE:

        s->tlsext_status_type = larg;

        ret = 1;