Index: patches.chromium/0011-export_certificate_types.patch |
diff --git a/patches.chromium/0011-export_certificate_types.patch b/patches.chromium/0011-export_certificate_types.patch |
new file mode 100644 |
index 0000000000000000000000000000000000000000..89cb19f68c27de8897c4c35996a13477c3187607 |
--- /dev/null |
+++ b/patches.chromium/0011-export_certificate_types.patch |
@@ -0,0 +1,53 @@ |
+diff --git a/include/openssl/ssl.h b/include/openssl/ssl.h |
+index a3944f1..7c5a4c9 100644 |
+--- a/include/openssl/ssl.h |
++++ b/include/openssl/ssl.h |
+@@ -1982,6 +1982,8 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); |
+ int SSL_add_client_CA(SSL *ssl,X509 *x); |
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x); |
+ |
++void SSL_get_client_certificate_types(SSL *s, char **ctype, size_t *ctype_num); |
++ |
+ void SSL_set_connect_state(SSL *s); |
+ void SSL_set_accept_state(SSL *s); |
+ |
+diff --git a/ssl/ssl.h b/ssl/ssl.h |
+index a3944f1..7c5a4c9 100644 |
+--- a/ssl/ssl.h |
++++ b/ssl/ssl.h |
+@@ -1982,6 +1982,8 @@ STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *s); |
+ int SSL_add_client_CA(SSL *ssl,X509 *x); |
+ int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x); |
+ |
++void SSL_get_client_certificate_types(SSL *s, char **ctype, size_t *ctype_num); |
++ |
+ void SSL_set_connect_state(SSL *s); |
+ void SSL_set_accept_state(SSL *s); |
+ |
+diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c |
+index 5123a89..e321531 100644 |
+--- a/ssl/ssl_cert.c |
++++ b/ssl/ssl_cert.c |
+@@ -660,6 +660,22 @@ static int xname_cmp(const X509_NAME * const *a, const X509_NAME * const *b) |
+ return(X509_NAME_cmp(*a,*b)); |
+ } |
+ |
++void SSL_get_client_certificate_types(SSL *s, char **ctype, size_t *ctype_num) |
++ { |
++ /* Nothing to return for the server or SSL2. */ |
++ if (s->server || |
++ (s->version < SSL3_VERSION && s->version != DTLS1_BAD_VER) || |
++ s->s3 == NULL) |
++ { |
++ *ctype = NULL; |
++ *ctype_num = 0; |
++ return; |
++ } |
++ |
++ *ctype = s->s3->tmp.ctype; |
++ *ctype_num = s->s3->tmp.ctype_num; |
++ } |
++ |
+ #ifndef OPENSSL_NO_STDIO |
+ /*! |
+ * Load CA certs from a file into a ::STACK. Note that it is somewhat misnamed; |