From e97be718044fd9a296f05f13e3ad91427b212b7c Mon Sep 17 00:00:00 2001
From: Matt Caswell <matt@openssl.org>
Date: Mon, 13 Aug 2018 15:53:42 +0100
Subject: Add support for SSL_CTX_set_post_handshake_auth()

We already have SSL_set_post_handshake_auth(). This just adds the SSL_CTX
equivalent.

Reviewed-by: Tim Hudson <tjh@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/6938)
---
 ssl/ssl_lib.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'ssl/ssl_lib.c')

diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
index 89570fbe3a..7e8093bcfd 100644
--- a/ssl/ssl_lib.c
+++ b/ssl/ssl_lib.c
@@ -702,6 +702,7 @@ SSL *SSL_new(SSL_CTX *ctx)
     s->max_early_data = ctx->max_early_data;
     s->recv_max_early_data = ctx->recv_max_early_data;
     s->num_tickets = ctx->num_tickets;
+    s->pha_enabled = ctx->pha_enabled;
 
     /* Shallow copy of the ciphersuites stack */
     s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites);
@@ -5455,6 +5456,11 @@ int SSL_stateless(SSL *s)
     return -1;
 }
 
+void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
+{
+    ctx->pha_enabled = val;
+}
+
 void SSL_set_post_handshake_auth(SSL *ssl, int val)
 {
     ssl->pha_enabled = val;
-- 
cgit v1.2.3