From eb607fe6a11a8de5b5c30abc20e89c32fe5e2aea Mon Sep 17 00:00:00 2001
From: Dragan Dosen <ddosen@haproxy.com>
Date: Mon, 11 May 2020 17:17:06 +0200
Subject: [PATCH] MINOR: ssl: add a new function ssl_sock_get_ssl_object()

This one can be used later to get a SSL object from connection. It will
return NULL if connection is not established over SSL.
---
 include/proto/ssl_sock.h | 2 ++
 src/ssl_sock.c           | 8 ++++++++
 2 files changed, 10 insertions(+)

diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index d02939486..0751f70a0 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -109,6 +109,8 @@ void ssl_async_fd_free(int fd);
  */
 int ssl_sock_register_msg_callback(ssl_sock_msg_callback_func func);
 
+SSL *ssl_sock_get_ssl_object(struct connection *conn);
+
 #endif /* USE_OPENSSL */
 #endif /* _PROTO_SSL_SOCK_H */
 
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 232b10b55..95bf9c27a 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -695,6 +695,14 @@ static void ssl_sock_unregister_msg_callbacks(void)
 	}
 }
 
+SSL *ssl_sock_get_ssl_object(struct connection *conn)
+{
+	if (!ssl_sock_is_ssl(conn))
+		return NULL;
+
+	return ((struct ssl_sock_ctx *)(conn->xprt_ctx))->ssl;
+}
+
 /*
  * This function gives the detail of the SSL error. It is used only
  * if the debug mode and the verbose mode are activated. It dump all