From fddfc0afc84728f8a5140685163e66ce6471742d Mon Sep 17 00:00:00 2001
From: Remi Gacogne <rgacogne-github@coredump.fr>
Date: Sat, 6 Aug 2016 12:54:29 +0200
Subject: Add missing session id and tlsext_status accessors

 * SSL_SESSION_set1_id()
 * SSL_SESSION_get0_id_context()
 * SSL_CTX_get_tlsext_status_cb()
 * SSL_CTX_get_tlsext_status_arg()

Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
---
 doc/ssl/SSL_CTX_set_tlsext_status_cb.pod |  9 +++++++
 doc/ssl/SSL_SESSION_get0_id_context.pod  | 41 ++++++++++++++++++++++++++++++++
 doc/ssl/SSL_SESSION_set1_id.pod          | 41 ++++++++++++++++++++++++++++++++
 3 files changed, 91 insertions(+)
 create mode 100644 doc/ssl/SSL_SESSION_get0_id_context.pod
 create mode 100644 doc/ssl/SSL_SESSION_set1_id.pod

(limited to 'doc')

diff --git a/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod b/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
index 5c58b23895..c12ff0e587 100644
--- a/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
+++ b/doc/ssl/SSL_CTX_set_tlsext_status_cb.pod
@@ -3,7 +3,9 @@
 =head1 NAME
 
 SSL_CTX_set_tlsext_status_cb,
+SSL_CTX_get_tlsext_status_cb,
 SSL_CTX_set_tlsext_status_arg,
+SSL_CTX_get_tlsext_status_arg,
 SSL_CTX_set_tlsext_status_type,
 SSL_CTX_get_tlsext_status_type,
 SSL_set_tlsext_status_type,
@@ -18,7 +20,11 @@ SSL_set_tlsext_status_ocsp_resp
 
  long SSL_CTX_set_tlsext_status_cb(SSL_CTX *ctx,
                                    int (*callback)(SSL *, void *));
+ long SSL_CTX_get_tlsext_status_cb(SSL_CTX *ctx,
+                                   int (**callback)(SSL *, void *));
+
  long SSL_CTX_set_tlsext_status_arg(SSL_CTX *ctx, void *arg);
+ long SSL_CTX_get_tlsext_status_arg(SSL_CTX *ctx, void **arg);
 
  long SSL_CTX_set_tlsext_status_type(SSL_CTX *ctx, int type);
  long SSL_CTX_get_tlsext_status_type(SSL_CTX *ctx);
@@ -48,6 +54,9 @@ acceptable or not. The callback will be passed as an argument the value
 previously set via a call to SSL_CTX_set_tlsext_status_arg(). Note that the
 callback will not be called in the event of a handshake where session resumption
 occurs (because there are no Certificates exchanged in such a handshake).
+The callback previously set via SSL_CTX_set_tlsext_status_cb() can be retrieved
+by calling SSL_CTX_get_tlsext_status_cb(), and the argument by calling
+SSL_CTX_get_tlsext_status_arg().
 
 On the client side SSL_get_tlsext_status_type() can be used to determine whether
 the client has previously called SSL_set_tlsext_status_type(). It will return
diff --git a/doc/ssl/SSL_SESSION_get0_id_context.pod b/doc/ssl/SSL_SESSION_get0_id_context.pod
new file mode 100644
index 0000000000..2ac3fc4dd0
--- /dev/null
+++ b/doc/ssl/SSL_SESSION_get0_id_context.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_get0_id_context - get the SSL ID context associated with a session
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ const unsigned char *SSL_SESSION_get0_id_context(const SSL_SESSION *s,
+                                                  unsigned int *len)
+
+=head1 DESCRIPTION
+
+SSL_SESSION_get0_id_context() returns the ID context associated with
+the SSL/TLS session B<s>. The length of the ID context is written to
+B<*len> if B<len> is not NULL.
+
+The value returned is a pointer to an object maintained within B<s> and
+should not be released.
+
+=head1 SEE ALSO
+
+L<ssl(3)>,
+L<SSL_set_session_id_context(3)>
+
+=head1 HISTORY
+
+SSL_SESSION_get0_id_context() was first added to OpenSSL 1.1.0
+
+=head1 COPYRIGHT
+
+Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/doc/ssl/SSL_SESSION_set1_id.pod b/doc/ssl/SSL_SESSION_set1_id.pod
new file mode 100644
index 0000000000..fe8a1c485a
--- /dev/null
+++ b/doc/ssl/SSL_SESSION_set1_id.pod
@@ -0,0 +1,41 @@
+=pod
+
+=head1 NAME
+
+SSL_SESSION_set1_id - set the SSL session ID
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ int SSL_SESSION_set1_id(SSL_SESSION *s, const unsigned char *sid,
+                         unsigned int sid_len);
+
+=head1 DESCRIPTION
+
+SSL_SESSION_set1_id() sets the the session ID for the B<ssl> SSL/TLS session
+to B<sid> of length B<sid_len>.
+
+=head1 RETURN VALUES
+
+SSL_SESSION_set1_id() returns 1 for success and 0 for failure, for example
+if the supplied session ID length exceeds B<SSL_MAX_SSL_SESSION_ID_LENGTH>.
+
+=head1 SEE ALSO
+
+L<ssl(3)>
+
+=head1 HISTORY
+
+SSL_SESSION_set1_id() was first added to OpenSSL 1.1.0
+
+=head1 COPYRIGHT
+
+Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the OpenSSL license (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
-- 
cgit v1.2.3