Add support for ServerInfo SSL_CONF option.

Add support for ServerInfo SSL_CONF option and update documentation. This
was wrongly omitted from the 1.0.2 release.

Reviewed-by: Richard Levitte <levitte@openssl.org>

2 files changed, 18 insertions, 0 deletions

diff --git a/doc/ssl/SSL_CONF_cmd.pod b/doc/ssl/SSL_CONF_cmd.pod
index 6d073cb9fc..2bf1a60e90 100644
--- a/doc/ssl/SSL_CONF_cmd.pod
+++ b/doc/ssl/SSL_CONF_cmd.pod
@@ -195,6 +195,11 @@ context. This option is only supported if certificate operations
 are permitted. Note: if no B<-key> option is set then a private key is
 not loaded: it does not currently use the B<Certificate> file.
 
+=item B<ServerInfoFile>
+
+Attempts to use the file B<value> in the "serverinfo" extension using the
+function SSL_CTX_use_serverinfo_file.
+
 =item B<DHParameters>
 
 Attempts to use the file B<value> as the set of temporary DH parameters for
diff --git a/ssl/ssl_conf.c b/ssl/ssl_conf.c
index d950242f0b..5478840dea 100644
--- a/ssl/ssl_conf.c
+++ b/ssl/ssl_conf.c
@@ -386,6 +386,18 @@ static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value)
     return rv > 0;
 }
 
+static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value)
+{
+    int rv = 1;
+    if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE))
+        return -2;
+    if (!(cctx->flags & SSL_CONF_FLAG_SERVER))
+        return -2;
+    if (cctx->ctx)
+        rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value);
+    return rv > 0;
+}
+
 #ifndef OPENSSL_NO_DH
 static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value)
 {
@@ -444,6 +456,7 @@ static const ssl_conf_cmd_tbl ssl_conf_cmds[] = {
     SSL_CONF_CMD_STRING(Options, NULL),
     SSL_CONF_CMD(Certificate, "cert", SSL_CONF_TYPE_FILE),
     SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_TYPE_FILE),
+    SSL_CONF_CMD(ServerInfoFile, NULL, SSL_CONF_TYPE_FILE),
 #ifndef OPENSSL_NO_DH
     SSL_CONF_CMD(DHParameters, "dhparam", SSL_CONF_TYPE_FILE)
 #endif