From fb1283ef239026cff78fc08b0de2b0498296b129 Mon Sep 17 00:00:00 2001
From: Rushil Mehra <rmehra@cloudflare.com>
Date: Tue, 18 Jun 2024 00:14:35 -0700
Subject: [PATCH] Expose SSL_{set|clear}_mode

---
 boring/src/ssl/mod.rs | 32 ++++++++++++++++++++++++++------
 1 file changed, 26 insertions(+), 6 deletions(-)

diff --git a/boring/src/ssl/mod.rs b/boring/src/ssl/mod.rs
index 108d0353..d54fe48b 100644
--- a/boring/src/ssl/mod.rs
+++ b/boring/src/ssl/mod.rs
@@ -1066,16 +1066,14 @@ impl SslContextBuilder {
         }
     }
 
-    /// Sets the mode used by the context, returning the previous mode.
+    /// Sets the mode used by the context, returning the new bit-mask after adding mode.
     ///
     /// This corresponds to [`SSL_CTX_set_mode`].
     ///
-    /// [`SSL_CTX_set_mode`]: https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_mode.html
+    /// [`SSL_CTX_set_mode`]: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_mode.html
     pub fn set_mode(&mut self, mode: SslMode) -> SslMode {
-        unsafe {
-            let bits = ffi::SSL_CTX_set_mode(self.as_ptr(), mode.bits());
-            SslMode::from_bits_retain(bits)
-        }
+        let bits = unsafe { ffi::SSL_CTX_set_mode(self.as_ptr(), mode.bits()) };
+        SslMode::from_bits_retain(bits)
     }
 
     /// Sets the parameters to be used during ephemeral Diffie-Hellman key exchange.
@@ -3718,6 +3716,28 @@ impl SslRef {
     {
         unsafe { cvt(ffi::SSL_use_PrivateKey(self.as_ptr(), key.as_ptr())).map(|_| ()) }
     }
+
+    /// Enables all modes set in `mode` in `SSL`. Returns a bitmask representing the resulting
+    /// enabled modes.
+    ///
+    /// This corresponds to [`SSL_set_mode`].
+    ///
+    /// [`SSL_set_mode`]: https://www.openssl.org/docs/man1.0.2/ssl/SSL_set_mode.html
+    pub fn set_mode(&mut self, mode: SslMode) -> SslMode {
+        let bits = unsafe { ffi::SSL_set_mode(self.as_ptr(), mode.bits()) };
+        SslMode::from_bits_retain(bits)
+    }
+
+    /// Disables all modes set in `mode` in `SSL`. Returns a bitmask representing the resulting
+    /// enabled modes.
+    ///
+    /// This corresponds to [`SSL_clear_mode`].
+    ///
+    /// [`SSL_clear_mode`]: https://www.openssl.org/docs/man3.1/man3/SSL_clear_mode.html
+    pub fn clear_mode(&mut self, mode: SslMode) -> SslMode {
+        let bits = unsafe { ffi::SSL_clear_mode(self.as_ptr(), mode.bits()) };
+        SslMode::from_bits_retain(bits)
+    }
 }
 
 /// An SSL stream midway through the handshake process.