From ab23803dd504e7169d40b15f0191e8997737ffdf Mon Sep 17 00:00:00 2001
From: Zhang Jingqiang
Date: Thu, 18 Jan 2024 16:39:07 +0800
Subject: [PATCH] add SslContext::set_status_type
---
 openssl-sys/src/ssl.rs | 1 +
 openssl-sys/src/tls1.rs | 28 ++++++++++++++++++++++++++++
 openssl/src/ssl/mod.rs | 8 ++++++++
 3 files changed, 37 insertions(+)
diff --git a/openssl-sys/src/ssl.rs b/openssl-sys/src/ssl.rs
index 29c4d1ba..c26c3a06 100644
--- a/openssl-sys/src/ssl.rs
+++ b/openssl-sys/src/ssl.rs
@@ -380,6 +380,7 @@ pub const SSL_CTRL_GET_EXTMS_SUPPORT: c_int = 122;
 pub const SSL_CTRL_SET_MIN_PROTO_VERSION: c_int = 123;
 #[cfg(any(ossl110, libressl261))]
 pub const SSL_CTRL_SET_MAX_PROTO_VERSION: c_int = 124;
+pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: cint = 127;
 #[cfg(any(ossl110g, libressl270))]
 pub const SSL_CTRL_GET_MIN_PROTO_VERSION: c_int = 130;
 #[cfg(any(ossl110g, libressl270))]
diff --git a/openssl-sys/src/tls1.rs b/openssl-sys/src/tls1.rs
index 2cb08a91..f8c2e054 100644
--- a/openssl-sys/src/tls1.rs
+++ b/openssl-sys/src/tls1.rs
@@ -38,6 +38,15 @@ pub unsafe fn SSL_set_tlsext_status_type(s: *mut SSL, type_: c_int) -> c_long {
 )
 }
 
+pub unsafe fn SSL_get_tlsext_status_type(s: *mut SSL) -> c_long {
+ SSL_ctrl(
+ s,
+ SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,
+ 0,
+ ptr::null_mut(),
+ )
+}
+
 pub unsafe fn SSL_get_tlsext_status_ocsp_resp(ssl: *mut SSL, resp: *mut *mut c_uchar) -> c_long {
 SSL_ctrl(
 ssl,
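Review bot: The added constant in `openssl-sys/src/ssl.rs` is typed `cint`, while the neighbouring constants in the hunk use `c_int`, so unless a `cint` alias is defined outside the hunk this line will not compile; it should read `pub const SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE: c_int = 127;`. It is also inserted between constants that each carry a `#[cfg(any(...))]` gate, but has none itself. The new getters in `tls1.rs` depend on this constant, so it is worth confirming that every supported OpenSSL and LibreSSL version defines ctrl 127, or gating the constant and both getters together.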
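Review bot: `SSL_get_tlsext_status_type` here, and `SSL_CTX_get_tlsext_status_type` in the next hunk of this file, are added with no comment on what the returned `c_long` means, and the patch adds no safe wrapper that would show the intended use. The setters take a `c_int` while the getters hand back the raw ctrl result, so a caller comparing against a status-type constant has to convert and has to know the value reported when nothing was requested. I would add a doc line on each getter such as `/// Returns the status type previously set; OpenSSL documents -1 when none was set.` after checking that convention against the OpenSSL manual for the supported versions.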
@@ -96,3 +105,22 @@ pub unsafe fn SSL_CTX_set_tlsext_status_cb(
 pub unsafe fn SSL_CTX_set_tlsext_status_arg(ctx: *mut SSL_CTX, arg: *mut c_void) -> c_long {
 SSL_CTX_ctrl(ctx, SSL_CTRL_SET_TLSEXT_STATUS_REQ_CB_ARG, 0, arg)
 }
+
+pub unsafe fn SSL_CTX_set_tlsext_status_type(ctx: *mut SSL_CTX, type_: c_int) -> c_long {
+ SSL_CTX_ctrl(
+ ctx,
+ SSL_CTRL_SET_TLSEXT_STATUS_REQ_TYPE,
+ type_ as c_long,
+ ptr::null_mut(),
+ )
+}
+
+pub unsafe fn SSL_CTX_get_tlsext_status_type(ctx: *mut SSL_CTX) -> c_long {
+ SSL_CTX_ctrl(
+ ctx,
+ SSL_CTRL_GET_TLSEXT_STATUS_REQ_TYPE,
+ 0,
+ ptr::null_mut(),
+ )
+}
+
diff --git a/openssl/src/ssl/mod.rs b/openssl/src/ssl/mod.rs
index 79823889..1fb519bd 100644
--- a/openssl/src/ssl/mod.rs
+++ b/openssl/src/ssl/mod.rs
@@ -1525,6 +1525,14 @@ impl SslContextBuilder {
 unsafe { X509VerifyParamRef::from_ptr_mut(ffi::SSL_CTX_get0_param(self.as_ptr())) }
 }
 
+ /// Sets the status response a client wishes the server to reply with.
+ #[corresponds(SSL_CTX_set_tlsext_status_type)]
+ pub fn set_status_type(&mut self, type_: StatusType) -> Result<(), ErrorStack> {
+ unsafe {
+ cvt(ffi::SSL_CTX_set_tlsext_status_type(self.as_ptr(), type_.as_raw()) as c_int).map(|_| ())
+ }
+ }
+
 /// Sets the callback dealing with OCSP stapling.
 ///
 /// On the client side, this callback is responsible for validating the OCSP status response
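Review bot: The last added line of this hunk is an empty line after the closing brace of `SSL_CTX_get_tlsext_status_type`, and because the hunk has no trailing context it becomes a blank line at the end of `tls1.rs`. rustfmt removes trailing blank lines, so a format check on the crate would likely flag the file. Dropping that final `+` line is enough; the two functions themselves follow the shape of the existing `SSL_CTX_set_tlsext_status_arg` wrapper shown as context.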
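Review bot: The doc comment on `set_status_type` does not say that this call only makes connections built from the context request a stapled status response and validates nothing by itself. A reader can take it as turning on OCSP enforcement, when the check has to happen in the status callback documented directly below it. I would add a second doc paragraph along the lines of `/// This only requests the response; validate it in the callback set with [`SslContextBuilder::set_status_callback`].` The commit subject names `SslContext::set_status_type`, but the method is added to `SslContextBuilder`, whose `impl` block starts and ends outside this hunk.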