Prepare to provide SSL_CTX_get0_privatekey()

ok beck

2 files changed, 14 insertions, 2 deletions

diff --git a/lib/libssl/ssl.h b/lib/libssl/ssl.h
index 49335fc55a8..7da3658d3f6 100644
--- a/lib/libssl/ssl.h
+++ b/lib/libssl/ssl.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl.h,v 1.200 2021/09/08 17:27:33 tb Exp $ */
+/* $OpenBSD: ssl.h,v 1.201 2021/09/10 08:59:56 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -1240,6 +1240,9 @@ long SSL_CTX_get_timeout(const SSL_CTX *ctx);
 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
 void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx);
+#if defined(LIBRESSL_INTERNAL)
+EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx);
+#endif
 int SSL_want(const SSL *s);
 int	SSL_clear(SSL *s);
 
diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 430e9bdc120..0f86238d5e2 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.267 2021/09/08 17:27:33 tb Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.268 2021/09/10 08:59:56 tb Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -3058,6 +3058,15 @@ SSL_CTX_get0_certificate(const SSL_CTX *ctx)
 	return ctx->internal->cert->key->x509;
 }
 
+EVP_PKEY *
+SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
+{
+	if (ctx->internal->cert == NULL)
+		return NULL;
+
+	return ctx->internal->cert->key->privatekey;
+}
+
 int
 SSL_want(const SSL *s)
 {