Provide SSL_CTX_get_min_proto_version and SSL_CTX_get_max_proto_version

We already provided the setters, so also provide the getters like
OpenSSL does.  Addition prompted by the use of those functions in recent
openvpn releases.

manpage diff from schwarze@ (thanks!) with input from jsing@, ok tb@
jsing@

1 files changed, 24 insertions, 1 deletions

diff --git a/lib/libssl/ssl_lib.c b/lib/libssl/ssl_lib.c
index 80a2bd7bfc3..067f0edde45 100644
--- a/lib/libssl/ssl_lib.c
+++ b/lib/libssl/ssl_lib.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssl_lib.c,v 1.179 2018/02/22 17:30:25 jsing Exp $ */
+/* $OpenBSD: ssl_lib.c,v 1.180 2018/03/15 12:27:01 jca Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -3024,6 +3024,12 @@ SSL_cache_hit(SSL *s)
 }
 
 int
+SSL_CTX_get_min_proto_version(SSL_CTX *ctx)
+{
+	return ctx->internal->min_version;
+}
+
+int
 SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
 {
 	return ssl_version_set_min(ctx->method, version,
@@ -3031,6 +3037,12 @@ SSL_CTX_set_min_proto_version(SSL_CTX *ctx, uint16_t version)
 }
 
 int
+SSL_CTX_get_max_proto_version(SSL_CTX *ctx)
+{
+	return ctx->internal->max_version;
+}
+
+int
 SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
 {
 	return ssl_version_set_max(ctx->method, version,
@@ -3038,11 +3050,22 @@ SSL_CTX_set_max_proto_version(SSL_CTX *ctx, uint16_t version)
 }
 
 int
+SSL_get_min_proto_version(SSL *ssl)
+{
+	return ssl->internal->min_version;
+}
+
+int
 SSL_set_min_proto_version(SSL *ssl, uint16_t version)
 {
 	return ssl_version_set_min(ssl->method, version,
 	    ssl->internal->max_version, &ssl->internal->min_version);
 }
+int
+SSL_get_max_proto_version(SSL *ssl)
+{
+	return ssl->internal->max_version;
+}
 
 int
 SSL_set_max_proto_version(SSL *ssl, uint16_t version)