Add SSL_CTX early callback

[openssl.git] / ssl / ssl_locl.h

diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
index 40bcdd26f24f3132cce288b7d2133b0a7c514059..89eeb453531817ca2df8a5c5c9f17d2a161d1eaa 100644 (file)
--- a/ssl/ssl_locl.h
+++ b/ssl/ssl_locl.h
@@ -830,6 +830,10 @@ struct ssl_ctx_st {
     ENGINE *client_cert_engine;
 # endif
 
+    /* Early callback.  Mostly for extensions, but not entirely. */
+    SSL_early_cb_fn early_cb;
+    void *early_cb_arg;
+
     /* TLS extensions. */
     struct {
         /* TLS extensions servername callback */
@@ -1171,6 +1175,9 @@ struct ssl_st {
         int use_etm;
     } ext;
 
+    /* Parsed form of the ClientHello, kept around across early_cb calls. */
+    CLIENTHELLO_MSG *clienthello;
+
     /*-
      * no further mod of servername
      * 0 : call the servername extension callback.