Document the SSL_set_session_secret_cb() function

This function is only useful for EAP-FAST, but was previously undocumented.

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24309)

(cherry picked from commit aecaaccaf93c4b36dd830accf08f2175059c5782)

4 files changed, 76 insertions, 1 deletions

diff --git a/doc/build.info b/doc/build.info
index 85d722ae0c..9f6d89e7c6 100644
--- a/doc/build.info
+++ b/doc/build.info
@@ -2727,6 +2727,10 @@ DEPEND[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
 GENERATE[html/man3/SSL_set_session.html]=man3/SSL_set_session.pod
 DEPEND[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod
 GENERATE[man/man3/SSL_set_session.3]=man3/SSL_set_session.pod
+DEPEND[html/man3/SSL_set_session_secret_cb.html]=man3/SSL_set_session_secret_cb.pod
+GENERATE[html/man3/SSL_set_session_secret_cb.html]=man3/SSL_set_session_secret_cb.pod
+DEPEND[man/man3/SSL_set_session_secret_cb.3]=man3/SSL_set_session_secret_cb.pod
+GENERATE[man/man3/SSL_set_session_secret_cb.3]=man3/SSL_set_session_secret_cb.pod
 DEPEND[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod
 GENERATE[html/man3/SSL_set_shutdown.html]=man3/SSL_set_shutdown.pod
 DEPEND[man/man3/SSL_set_shutdown.3]=man3/SSL_set_shutdown.pod
@@ -3605,6 +3609,7 @@ html/man3/SSL_set_fd.html \
 html/man3/SSL_set_incoming_stream_policy.html \
 html/man3/SSL_set_retry_verify.html \
 html/man3/SSL_set_session.html \
+html/man3/SSL_set_session_secret_cb.html \
 html/man3/SSL_set_shutdown.html \
 html/man3/SSL_set_verify_result.html \
 html/man3/SSL_shutdown.html \
@@ -4248,6 +4253,7 @@ man/man3/SSL_set_fd.3 \
 man/man3/SSL_set_incoming_stream_policy.3 \
 man/man3/SSL_set_retry_verify.3 \
 man/man3/SSL_set_session.3 \
+man/man3/SSL_set_session_secret_cb.3 \
 man/man3/SSL_set_shutdown.3 \
 man/man3/SSL_set_verify_result.3 \
 man/man3/SSL_shutdown.3 \
diff --git a/doc/man3/SSL_set_session_secret_cb.pod b/doc/man3/SSL_set_session_secret_cb.pod
new file mode 100644
index 0000000000..e79d81d40a
--- /dev/null
+++ b/doc/man3/SSL_set_session_secret_cb.pod
@@ -0,0 +1,69 @@
+=pod
+
+=head1 NAME
+
+SSL_set_session_secret_cb, tls_session_secret_cb_fn
+- set the session secret callback
+
+=head1 SYNOPSIS
+
+ #include <openssl/ssl.h>
+
+ typedef int (*tls_session_secret_cb_fn)(SSL *s, void *secret, int *secret_len,
+                                         STACK_OF(SSL_CIPHER) *peer_ciphers,
+                                         const SSL_CIPHER **cipher, void *arg);
+
+ int SSL_set_session_secret_cb(SSL *s,
+                               tls_session_secret_cb_fn session_secret_cb,
+                               void *arg);
+
+=head1 DESCRIPTION
+
+SSL_set_session_secret_cb() sets the session secret callback to be used
+(I<session_secret_cb>), and an optional argument (I<arg>) to be passed to that
+callback when it is called. This is only useful for an implementation of
+EAP-FAST (RFC4851). The presence of the callback also modifies the internal
+OpenSSL TLS state machine to match the modified TLS behaviour as described in
+RFC4851. Therefore this callback should not be used except when implementing
+EAP-FAST.
+
+The callback is expected to set the master secret to be used by filling in the
+data pointed to by I<*secret>. The size of the secret buffer is initially
+available in I<*secret_len> and may be updated by the callback (but must not be
+larger than the initial value).
+
+On the server side the set of ciphersuites offered by the peer is provided in
+the I<peer_ciphers> stack. Optionally the callback may select the preferred
+ciphersuite by setting it in I<*cipher>.
+
+On the client side the I<peer_ciphers> stack will always be NULL. The callback
+may specify the preferred cipher in I<*cipher> and this will be associated with
+the B<SSL_SESSION> - but it does not affect the ciphersuite selected by the
+server.
+
+The callback is also supplied with an additional argument in I<arg> which is the
+argument that was provided to the original SSL_set_session_secret_cb() call.
+
+=head1 RETURN VALUES
+
+SSL_set_session_secret_cb() returns 1 on success and 0 on failure.
+
+If the callback returns 1 then this indicates it has successfully set the
+secret. A return value of 0 indicates that the secret has not been set. On the
+client this will cause an immediate abort of the handshake.
+
+=head1 SEE ALSO
+
+L<ssl(7)>,
+L<SSL_get_session(3)>
+
+=head1 COPYRIGHT
+
+Copyright 2024 The OpenSSL Project Authors. All Rights Reserved.
+
+Licensed under the Apache License 2.0 (the "License").  You may not use
+this file except in compliance with the License.  You can obtain a copy
+in the file LICENSE in the source distribution or at
+L<https://www.openssl.org/source/license.html>.
+
+=cut
diff --git a/util/missingssl.txt b/util/missingssl.txt
index 1338feed71..8da9842a0b 100644
--- a/util/missingssl.txt
+++ b/util/missingssl.txt
@@ -25,7 +25,6 @@ SSL_get_peer_finished(3)
 SSL_set_SSL_CTX(3)
 SSL_set_debug(3)
 SSL_set_not_resumable_session_callback(3)
-SSL_set_session_secret_cb(3)
 SSL_set_session_ticket_ext(3)
 SSL_set_session_ticket_ext_cb(3)
 SSL_srp_server_param_with_username(3)
diff --git a/util/other.syms b/util/other.syms
index 9794fde714..0de7855794 100644
--- a/util/other.syms
+++ b/util/other.syms
@@ -143,6 +143,7 @@ custom_ext_free_cb                      datatype
 custom_ext_parse_cb                     datatype
 pem_password_cb                         datatype
 ssl_ct_validation_cb                    datatype
+tls_session_secret_cb_fn                datatype
 ASYNC_stack_alloc_fn                    datatype
 ASYNC_stack_free_fn                     datatype
 PKCS12_create_cb                        datatype