RFC6689 support: add missing commit (git noob alert).

ssl/ssl.h

@@ -1428,6 +1428,10 @@ struct ssl_st
 
 #ifndef OPENSSL_NO_SRP
 	SRP_CTX srp_ctx; /* ctx for SRP authentication */
+#endif
+#ifndef OPENSSL_NO_DANE
+	unsigned char *tlsa_record;
+	int tlsa_witness;
 #endif
 	};
 
@@ -1712,6 +1716,9 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_CTRL_GET_SERVER_TMP_KEY		109
 #define SSL_CTRL_GET_RAW_CIPHERLIST		110
 #define SSL_CTRL_GET_EC_POINT_FORMATS		111
+#define SSL_CTRL_GET_TLSA_RECORD		112
+#define SSL_CTRL_SET_TLSA_RECORD		113
+#define SSL_CTRL_PULL_TLSA_RECORD		114
 
 #define DTLSv1_get_timeout(ssl, arg) \
 	SSL_ctrl(ssl,DTLS_CTRL_GET_TIMEOUT,0, (void *)arg)
@@ -1848,6 +1855,11 @@ DECLARE_PEM_rw(SSL_SESSION, SSL_SESSION)
 #define SSL_get0_ec_point_formats(s, plst) \
 	SSL_ctrl(s,SSL_CTRL_GET_EC_POINT_FORMATS,0,plst)
 
+#define SSL_set_tlsa_record(s,tlsa) \
+	SSL_ctrl(s,SSL_CTRL_SET_TLSA_RECORD,0,(void *)tlsa)
+#define SSL_pull_tlsa_record(s,host,port) \
+	SSL_ctrl(s,SSL_CTRL_PULL_TLSA_RECORD,port,host)
+
 #ifndef OPENSSL_NO_BIO
 BIO_METHOD *BIO_f_ssl(void);
 BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
@@ -2283,6 +2295,8 @@ void SSL_trace(int write_p, int version, int content_type,
 const char *SSL_CIPHER_standard_name(const SSL_CIPHER *c);
 #endif
 
+void *SSL_get_tlsa_record_byname(const char *name,int port,int type);
+
 /* BEGIN ERROR CODES */
 /* The following lines are auto generated by the script mkerr.pl. Any changes
  * made after this point may be overwritten when the script is next run.