From 43b3141f93bdd1dc5ca73a8082458f31fef8af36 Mon Sep 17 00:00:00 2001
From: Andy Green <andy@warmcat.com>
Date: Sat, 9 Sep 2017 07:56:25 +0800
Subject: [PATCH] wrapper: introduce SSL_get0_param

This adds the standard OpenSSL api to get a pointer to the SSL struct's
X509_VERIFY_PARAM.  We need this for the OpenSSL api to set the peer
hostname introduced in the next patch.
---
 lib/mbedtls_wrapper/include/openssl/ssl.h | 9 +++++++++
 lib/mbedtls_wrapper/library/ssl_x509.c    | 9 +++++++++
 2 files changed, 18 insertions(+)

diff --git a/lib/mbedtls_wrapper/include/openssl/ssl.h b/lib/mbedtls_wrapper/include/openssl/ssl.h
index f33b02d44..d9f8b4c9c 100755
--- a/lib/mbedtls_wrapper/include/openssl/ssl.h
+++ b/lib/mbedtls_wrapper/include/openssl/ssl.h
@@ -1513,6 +1513,15 @@ long SSL_get_timeout(const SSL *ssl);
  */
 int SSL_get_verify_mode(const SSL *ssl);
 
+/**
+ * @brief get SSL verify parameters
+ *
+ * @param ssl - SSL point
+ *
+ * @return verify parameters
+ */
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl);
+
 /**
  * @brief get SSL write only IO handle
  *
diff --git a/lib/mbedtls_wrapper/library/ssl_x509.c b/lib/mbedtls_wrapper/library/ssl_x509.c
index 73f4c16ca..58e7bfab2 100644
--- a/lib/mbedtls_wrapper/library/ssl_x509.c
+++ b/lib/mbedtls_wrapper/library/ssl_x509.c
@@ -117,6 +117,15 @@ failed1:
     return NULL;
 }
 
+/**
+ * @brief return SSL X509 verify parameters
+ */
+
+X509_VERIFY_PARAM *SSL_get0_param(SSL *ssl)
+{
+	return &ssl->param;
+}
+
 /**
  * @brief set SSL context client CA certification
  */