X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=ssl%2Fssl_lib.c;h=8f0eb154435fc48dbc86513d4a4bd2e29c564a0d;hp=54f02a67c49978b9a240d819298db18ceca7abf0;hb=7988163c3bd5d4c72e12ac7db960da57eba4eb0e;hpb=5eda213ebe382009c2f37a8eade5cbcdae6017ed

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 54f02a67c4..8f0eb15443 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -536,6 +536,16 @@ int SSL_set1_param(SSL *ssl, X509_VERIFY_PARAM *vpm)
 	return X509_VERIFY_PARAM_set1(ssl->param, vpm);
 	}
 
+X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
+	{
+	return ctx->param;
+	}
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+	{
+	return ssl->param;
+	}
+
 void SSL_certs_clear(SSL *s)
 	{
 	ssl_cert_clear_certs(s->cert);
@@ -1596,7 +1606,6 @@ int SSL_get_servername_type(const SSL *s)
 	return -1;
 	}
 
-# ifndef OPENSSL_NO_NEXTPROTONEG
 /* SSL_select_next_proto implements the standard protocol selection. It is
  * expected that this function is called from the callback set by
  * SSL_CTX_set_next_proto_select_cb.
@@ -1663,6 +1672,7 @@ int SSL_select_next_proto(unsigned char **out, unsigned char *outlen, const unsi
 	return status;
 	}
 
+# ifndef OPENSSL_NO_NEXTPROTONEG
 /* SSL_get0_next_proto_negotiated sets *data and *len to point to the client's
  * requested protocol for this connection and returns 0. If the client didn't
  * request any protocol, then *data is set to NULL.
@@ -2512,8 +2522,8 @@ void ssl_set_cert_masks(CERT *c, const SSL_CIPHER *cipher)
 #ifndef OPENSSL_NO_ECDH
 	if (have_ecdh_tmp)
 		{
-		mask_k|=SSL_kEECDH;
-		emask_k|=SSL_kEECDH;
+		mask_k|=SSL_kECDHE;
+		emask_k|=SSL_kECDHE;
 		}
 #endif
 
@@ -3103,7 +3113,6 @@ void ssl_clear_cipher_ctx(SSL *s)
 #endif
 	}
 
-/* Fix this function so that it takes an optional type parameter */
 X509 *SSL_get_certificate(const SSL *s)
 	{
 	if (s->cert != NULL)
@@ -3112,8 +3121,7 @@ X509 *SSL_get_certificate(const SSL *s)
 		return(NULL);
 	}
 
-/* Fix this function so that it takes an optional type parameter */
-EVP_PKEY *SSL_get_privatekey(SSL *s)
+EVP_PKEY *SSL_get_privatekey(const SSL *s)
 	{
 	if (s->cert != NULL)
 		return(s->cert->key->privatekey);
@@ -3121,6 +3129,22 @@ EVP_PKEY *SSL_get_privatekey(SSL *s)
 		return(NULL);
 	}
 
+X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
+	{
+	if (ctx->cert != NULL)
+		return ctx->cert->key->x509;
+	else
+		return NULL;
+	}
+
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
+	{
+	if (ctx->cert != NULL)
+		return ctx->cert->key->privatekey;
+	else
+		return NULL ;
+	}
+
 const SSL_CIPHER *SSL_get_current_cipher(const SSL *s)
 	{
 	if ((s->session != NULL) && (s->session->cipher != NULL))