From 9229407129844245af89f44805ca91420b0eabf4 Mon Sep 17 00:00:00 2001
From: Wez Furlong <wez@wezfurlong.org>
Date: Sat, 14 Oct 2023 12:58:45 -0700
Subject: [PATCH] expose DANE functions for SSL/SSL_CTX

The docs at https://www.openssl.org/docs/man1.1.1/man3/SSL_dane_clear_flags.html
indicate that DANE functionality has been available since version 1.1.0
---
 openssl-sys/src/handwritten/ssl.rs | 38 ++++++++++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/openssl-sys/src/handwritten/ssl.rs b/openssl-sys/src/handwritten/ssl.rs
index d4f4b619f4..9a0b3ee601 100644
--- a/openssl-sys/src/handwritten/ssl.rs
+++ b/openssl-sys/src/handwritten/ssl.rs
@@ -924,3 +924,41 @@ extern "C" {
     #[cfg(all(ossl111, not(ossl111b)))]
     pub fn SSL_get_num_tickets(s: *mut SSL) -> size_t;
 }
+
+#[cfg(ossl110)]
+extern "C" {
+    pub fn SSL_CTX_dane_enable(ctx: *mut SSL_CTX) -> c_int;
+    pub fn SSL_CTX_dane_mtype_set(
+        ctx: *mut SSL_CTX,
+        md: *const EVP_MD,
+        mtype: u8,
+        ord: u8,
+    ) -> c_int;
+    pub fn SSL_dane_enable(s: *mut SSL, basedomain: *const c_char) -> c_int;
+    pub fn SSL_dane_tlsa_add(
+        s: *mut SSL,
+        usage: u8,
+        selector: u8,
+        mtype: u8,
+        data: *const c_uchar,
+        dlen: size_t,
+    ) -> c_int;
+    pub fn SSL_get0_dane_authority(
+        s: *mut SSL,
+        mcert: *mut *mut X509,
+        mspki: *mut *mut EVP_PKEY,
+    ) -> c_int;
+    pub fn SSL_get0_dane_tlsa(
+        s: *mut SSL,
+        usage: *mut u8,
+        selector: *mut u8,
+        mtype: *mut u8,
+        data: *mut *const c_uchar,
+        dlen: *mut size_t,
+    ) -> c_int;
+
+    pub fn SSL_CTX_dane_set_flags(ctx: *mut SSL_CTX, flags: c_ulong) -> c_ulong;
+    pub fn SSL_CTX_dane_clear_flags(ctx: *mut SSL_CTX, flags: c_ulong) -> c_ulong;
+    pub fn SSL_dane_set_flags(ssl: *mut SSL, flags: c_ulong) -> c_ulong;
+    pub fn SSL_dane_clear_flags(ssl: *mut SSL, flags: c_ulong) -> c_ulong;
+}