From b8c5218ad3911fa64e49271b5cc5d772d9e09db3 Mon Sep 17 00:00:00 2001
From: Takashi Kojo
Date: Wed, 7 Jun 2017 14:53:24 +0900
Subject: [PATCH] add SSL_CTX_set_alpn_protos
---
 src/ssl.c | 33 +++++++++++++++++++++++++++++++++
 wolfssl/internal.h | 2 ++
 wolfssl/openssl/crypto.h | 3 ---
 wolfssl/openssl/ssl.h | 2 ++
 wolfssl/ssl.h | 5 +++++
 5 files changed, 42 insertions(+), 3 deletions(-)
diff --git a/src/ssl.c b/src/ssl.c
index b70765246..377342069 100644
--- a/src/ssl.c
+++ b/src/ssl.c
@@ -21215,6 +21215,10 @@ void wolfSSL_OPENSSL_free(void* p)
 XFREE(p, NULL, DYNAMIC_TYPE_OPENSSL);
 }
+void *wolfSSL_OPENSSL_malloc(size_t a)
+{
+ return XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL);
+}
 #if defined(WOLFSSL_KEY_GEN)
 static int EncryptDerKey(byte *der, int *derSz, const EVP_CIPHER* cipher,
@@ -26404,6 +26408,35 @@ int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg)
 return SSL_SUCCESS;
 }
+void *wolfSSL_OPENSSL_memdup(const void *data, size_t siz, const char* file, int line)
+{
+ (void)file;
+ (void)line;
+ void *ret;
+
+ if (data == NULL || siz >= INT_MAX)
+ return NULL;
+
+ ret = OPENSSL_malloc(siz);
+ if (ret == NULL) {
+ return NULL;
+ }
+ return XMEMCPY(ret, data, siz);
+}
+
+int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
+ unsigned int p_len)
+{
+ wolfSSL_OPENSSL_free((void *)ctx->alpn_cli_protos);
+ ctx->alpn_cli_protos = wolfSSL_OPENSSL_memdup(p, p_len, NULL, 0);
+ if (ctx->alpn_cli_protos == NULL) {
+ return 1;
+ }
+ ctx->alpn_cli_protos_len = p_len;
+
+ return 0;
+}
+
 #endif
 #endif /* WOLFCRYPT_ONLY */
diff --git a/wolfssl/internal.h b/wolfssl/internal.h
index c1957f967..f2d582ddf 100644
--- a/wolfssl/internal.h
+++ b/wolfssl/internal.h
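Review bot: In wolfSSL_CTX_set_alpn_protos (second src/ssl.c hunk) the old list is freed before the copy is known to have succeeded, so when wolfSSL_OPENSSL_memdup returns NULL (allocation failure, or p == NULL) the context is left with alpn_cli_protos == NULL while alpn_cli_protos_len still holds the previous length. Any later reader that trusts the stored length could then read through a NULL pointer. ctx is also dereferenced without a NULL check. Duplicating first and swapping only on success keeps pointer and length consistent. The patch as shown does not touch the CTX teardown path, so the buffer presumably also needs a matching free there.

```c
/* … unchanged: wolfSSL_OPENSSL_memdup … */

int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx, const unsigned char *p,
                                unsigned int p_len)
{
    void *copy;

    if (ctx == NULL)
        return 1;

    /* Duplicate first so a failed copy leaves the previous list intact. */
    copy = wolfSSL_OPENSSL_memdup(p, p_len, NULL, 0);
    if (copy == NULL)
        return 1;

    wolfSSL_OPENSSL_free((void *)ctx->alpn_cli_protos);
    ctx->alpn_cli_protos = (const unsigned char *)copy;
    ctx->alpn_cli_protos_len = p_len;

    return 0;
}
```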
@@ -2316,6 +2316,8 @@ struct WOLFSSL_CTX {
 word32 disabledCurves; /* curves disabled by user */
 byte verifyDepth; /* maximum verification depth */
 unsigned long mask; /* store SSL_OP_ flags */
+ const unsigned char *alpn_cli_protos;/* ALPN client protocol list */
+ unsigned int alpn_cli_protos_len;
 #endif
 CallbackIORecv CBIORecv;
 CallbackIOSend CBIOSend;
diff --git a/wolfssl/openssl/crypto.h b/wolfssl/openssl/crypto.h
index e00c00a90..fdcfe2571 100644
--- a/wolfssl/openssl/crypto.h
+++ b/wolfssl/openssl/crypto.h
@@ -42,9 +42,6 @@ typedef void (CRYPTO_free_func)(void*parent, void*ptr, CRYPTO_EX_DATA *ad, int i
 #define CRYPTO_THREAD_r_lock wc_LockMutex
 #define CRYPTO_THREAD_unlock wc_UnLockMutex
-#define OPENSSL_malloc(a) XMALLOC(a, NULL, DYNAMIC_TYPE_OPENSSL)
-
 #endif /* HAVE_STUNNEL || WOLFSSL_NGINX || WOLFSSL_HAPROXY */
 #endif /* header */
-
diff --git a/wolfssl/openssl/ssl.h b/wolfssl/openssl/ssl.h
index df445f8b2..e548e0c90 100644
--- a/wolfssl/openssl/ssl.h
+++ b/wolfssl/openssl/ssl.h
@@ -220,6 +220,7 @@ typedef WOLFSSL_X509_STORE_CTX X509_STORE_CTX;
 #define X509_digest wolfSSL_X509_digest
 #define X509_free wolfSSL_X509_free
 #define OPENSSL_free wolfSSL_OPENSSL_free
+#define OPENSSL_malloc wolfSSL_OPENSSL_malloc
 #define OCSP_parse_url wolfSSL_OCSP_parse_url
 #define SSLv23_client_method wolfSSLv23_client_method
@@ -776,6 +777,7 @@ typedef WOLFSSL_ASN1_BIT_STRING ASN1_BIT_STRING;
 #endif
 #define OPENSSL_config wolfSSL_OPENSSL_config
+#define OPENSSL_memdup wolfSSL_OPENSSL_memdup
 #define X509_get_ex_new_index wolfSSL_X509_get_ex_new_index
 #define X509_get_ex_data wolfSSL_X509_get_ex_data
 #define X509_set_ex_data wolfSSL_X509_set_ex_data
diff --git a/wolfssl/ssl.h b/wolfssl/ssl.h
index c9ccbb273..73beea756 100644
--- a/wolfssl/ssl.h
+++ b/wolfssl/ssl.h
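Review bot: In the wolfssl/internal.h hunk, `alpn_cli_protos` is declared `const unsigned char *` even though the context owns the heap copy, which is why src/ssl.c has to cast the qualifier away before calling wolfSSL_OPENSSL_free. Declaring it as `unsigned char *alpn_cli_protos; /* ALPN client protocol list, heap copy owned by the CTX */` removes the cast and records the ownership. `alpn_cli_protos_len` has no comment; `/* length of alpn_cli_protos in bytes */` would match the neighbouring fields. Both fields sit before an `#endif` whose opening guard is outside the hunk, so it is worth confirming that it matches the guard around wolfSSL_CTX_set_alpn_protos in src/ssl.c.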
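Review bot: In the second wolfssl/openssl/ssl.h hunk, `OPENSSL_memdup` is mapped straight onto the four-argument wolfSSL_OPENSSL_memdup, whereas OpenSSL exposes it as a two-argument macro that supplies file and line itself, so application code written as `OPENSSL_memdup(p, n)` will not compile against this header. A function-like mapping such as `#define OPENSSL_memdup(d, s) wolfSSL_OPENSSL_memdup((d), (s), __FILE__, __LINE__)` keeps the call shape. Separately, neither hunk in this file adds an `SSL_CTX_set_alpn_protos` alias for the new wolfSSL_CTX_set_alpn_protos; unless it is already defined outside the hunks, the name in the commit subject stays unavailable to OpenSSL-compat callers.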
@@ -632,6 +632,7 @@ WOLFSSL_API WOLFSSL_SESSION* wolfSSL_get1_session(WOLFSSL* ssl);
 WOLFSSL_API void wolfSSL_X509_free(WOLFSSL_X509*);
 WOLFSSL_API void wolfSSL_OPENSSL_free(void*);
+WOLFSSL_API void *wolfSSL_OPENSSL_malloc(size_t a);
 WOLFSSL_API int wolfSSL_OCSP_parse_url(char* url, char** host, char** port, char** path, int* ssl);
@@ -2507,6 +2508,10 @@ WOLFSSL_API int wolfSSL_set_msg_callback_arg(WOLFSSL *ssl, void* arg);
 #ifdef OPENSSL_EXTRA
 WOLFSSL_API unsigned long wolfSSL_ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags);
+WOLFSSL_API int wolfSSL_CTX_set_alpn_protos(WOLFSSL_CTX *ctx,
+ const unsigned char *protos, unsigned int protos_len);
+WOLFSSL_API void *wolfSSL_OPENSSL_memdup(const void *data,
+ size_t siz, const char* file, int line);
 #endif
 #if defined WOLFSSL_NGINX || defined WOLFSSL_HAPROXY
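Review bot: The wolfSSL_CTX_set_alpn_protos prototype in the second wolfssl/ssl.h hunk carries no comment on its return convention, which per src/ssl.c is 0 on success and 1 on failure, the reverse of the SSL_SUCCESS style returned by the neighbouring wolfSSL_set_msg_callback_arg. A caller testing `== SSL_SUCCESS` would treat a failed call, which also clears the stored list, as a configured one. A one-line comment such as `/* OpenSSL convention: returns 0 on success, non-zero on failure */` above the prototype would make that explicit. The parameter names also differ from the definition (`protos`/`protos_len` here, `p`/`p_len` in src/ssl.c).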