Add SSL_CTX_set_cert_cb API

[normanmaurer]

Are there any plans to add the following API?I:

SSL_CTX_set_cert_cb

It is documented here:

https://www.openssl.org/docs/man1.0.2/man3/SSL_set_cert_cb.html

We depend on this in https://github.com/netty/netty-tcnative for a feature which we currently can not support when LibreSSL is used.

[andrey-utkin]

hostapd uses SSL_set_cert_cb in SUITEB functionality. See https://bugs.gentoo.org/710992 Is there any alternative approach which we could use to patch hostapd to work with LibreSSL?

[orbea]

wpa_supplicant also uses this function.

../src/crypto/tls_openssl.c: In function 'tls_set_conn_flags':
../src/crypto/tls_openssl.c:3265:21: error: implicit declaration of function 'SSL_set1_sigalgs_list'; did you mean 'SSL_set1_groups_list'? [-Werror=implicit-function-declaration]
 3265 |                 if (SSL_set1_sigalgs_list(ssl, algs) != 1) {
      |                     ^~~~~~~~~~~~~~~~~~~~~
      |                     SSL_set1_groups_list
../src/crypto/tls_openssl.c:3274:17: error: implicit declaration of function 'SSL_set_cert_cb'; did you mean 'SSL_set_verify'? [-Werror=implicit-function-declaration]
 3274 |                 SSL_set_cert_cb(ssl, suiteb_cert_cb, conn);
      |                 ^~~~~~~~~~~~~~~
      |                 SSL_set_verify
cc1: some warnings being treated as errors
make: *** [../src/build.rules:86: /var/tmp/portage/net-wireless/wpa_supplicant-9999/work/wpa_supplicant-9999/build/wpa_supplicant/src/crypto/tls_openssl.o] Error 1

As tested with their current git (https://w1.fi/cgit/hostap/commit/?id=73372322038d2617f2be4542c0f2a5fa846fe911).