httpd-mod_ssl-token-binding-extension.patch

diff -ru httpd-2.4.33.org/modules/ssl/ssl_engine_init.c httpd-2.4.33/modules/ssl/ssl_engine_init.c
--- httpd-2.4.33.org/modules/ssl/ssl_engine_init.c	2018-02-14 00:43:36.000000000 +0100
+++ httpd-2.4.33/modules/ssl/ssl_engine_init.c	2018-05-23 19:05:52.000000000 +0200
@@ -464,6 +464,33 @@
 #endif
 
 #ifdef HAVE_TLSEXT
+
+APR_DECLARE_OPTIONAL_FN(SSL *, ssl_get_ssl_from_request, (request_rec *));
+
+SSL *ssl_get_ssl_from_request(request_rec *r) {
+    SSLConnRec *sslconn = myConnConfig(r->connection);
+    return sslconn->ssl;
+}
+
+APR_DECLARE_OPTIONAL_FN(int, tb_add_ext, (server_rec *s, SSL_CTX *ctx));
+
+static APR_OPTIONAL_FN_TYPE(tb_add_ext) *tb_add_ext_fn = NULL;
+
+static void ssl_token_binding_add_ext(server_rec *s, modssl_ctx_t *mctx) {
+
+    APR_REGISTER_OPTIONAL_FN(ssl_get_ssl_from_request);
+
+    if (tb_add_ext_fn == NULL)
+        tb_add_ext_fn = APR_RETRIEVE_OPTIONAL_FN(tb_add_ext);
+
+    if (tb_add_ext_fn == NULL) {
+        ap_log_error(APLOG_MARK, APLOG_INFO, 0, s,
+                "No Token Binding TLS extension function found: perhaps mod_token_binding is not loaded?");
+        return;
+    }
+    tb_add_ext_fn(s, mctx->ssl_ctx);
+}
+
 static apr_status_t ssl_init_ctx_tls_extensions(server_rec *s,
                                                 apr_pool_t *p,
                                                 apr_pool_t *ptemp,
@@ -532,6 +559,9 @@
         SSL_CTX_set_srp_cb_arg(mctx->ssl_ctx, mctx);
     }
 #endif
+
+    ssl_token_binding_add_ext(s, mctx);
+
     return APR_SUCCESS;
 }
 #endif