New functions to retrieve certificate from SSL_CTX

[openssl.git] / ssl / ssl.h

diff --git a/ssl/ssl.h b/ssl/ssl.h
index a33b0fbc0d54cfbe433e712e06d1d9f4c8d28496..1b7fa589d6d747691a47c0be8482e2bf3344e823 100644 (file)
--- a/ssl/ssl.h
+++ b/ssl/ssl.h
@@ -1223,17 +1223,19 @@ void SSL_CTX_set_next_proto_select_cb(SSL_CTX *s,
                                                 const unsigned char *in,
                                                 unsigned int inlen, void *arg),
                                      void *arg);
+void SSL_get0_next_proto_negotiated(const SSL *s,
+                                   const unsigned char **data, unsigned *len);
+#endif
 
+#ifndef OPENSSL_NO_TLSEXT
 int SSL_select_next_proto(unsigned char **out, unsigned char *outlen,
                          const unsigned char *in, unsigned int inlen,
                          const unsigned char *client, unsigned int client_len);
-void SSL_get0_next_proto_negotiated(const SSL *s,
-                                   const unsigned char **data, unsigned *len);
+#endif
 
 #define OPENSSL_NPN_UNSUPPORTED        0
 #define OPENSSL_NPN_NEGOTIATED 1
 #define OPENSSL_NPN_NO_OVERLAP 2
-#endif
 
 int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char* protos,
                            unsigned protos_len);
@@ -2324,7 +2326,10 @@ STACK_OF(X509_NAME) *SSL_dup_CA_list(STACK_OF(X509_NAME) *sk);
 SSL *SSL_dup(SSL *ssl);
 
 X509 *SSL_get_certificate(const SSL *ssl);
-/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(const SSL *ssl);
+
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
 
 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx,int mode);
 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx);