Lines Matching refs:ssl_ctx
242 SSL_CTX *ssl_ctx; member
663 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name) in tls_cryptoapi_ca_cert() argument
710 if (!X509_STORE_add_cert(SSL_CTX_get_cert_store(ssl_ctx), in tls_cryptoapi_ca_cert()
1186 void tls_deinit(void *ssl_ctx) in tls_deinit() argument
1188 struct tls_data *data = ssl_ctx; in tls_deinit()
1395 int tls_get_errors(void *ssl_ctx) in tls_get_errors() argument
1683 struct tls_connection * tls_connection_init(void *ssl_ctx) in tls_connection_init() argument
1685 struct tls_data *data = ssl_ctx; in tls_connection_init()
1715 conn->ssl_ctx = ssl; in tls_connection_init()
1744 SSL_CTX_set_keylog_callback(conn->ssl_ctx, tls_keylog_cb); in tls_connection_init()
1773 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn) in tls_connection_deinit() argument
1798 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn) in tls_connection_established() argument
1829 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn) in tls_connection_shutdown() argument
2714 res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert, in tls_verify_cb()
2751 SSL_CTX *ssl_ctx = data->ssl; in tls_load_ca_der() local
2755 lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(ssl_ctx), in tls_load_ca_der()
2786 SSL_CTX *ssl_ctx = data->ssl; in tls_connection_ca_cert() local
2799 SSL_CTX_set_cert_store(ssl_ctx, store); in tls_connection_ca_cert()
2866 if (!X509_STORE_add_cert(SSL_CTX_get_cert_store(ssl_ctx), in tls_connection_ca_cert()
2892 if (tls_add_ca_from_keystore(SSL_CTX_get_cert_store(ssl_ctx), in tls_connection_ca_cert()
2912 SSL_CTX_get_cert_store(ssl_ctx), alias)) { in tls_connection_ca_cert()
2930 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) == in tls_connection_ca_cert()
2940 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) != in tls_connection_ca_cert()
2973 SSL_CTX *ssl_ctx = data->ssl; in tls_global_ca_cert() local
2976 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1) in tls_global_ca_cert()
2988 SSL_CTX_set_client_CA_list(ssl_ctx, in tls_global_ca_cert()
3000 int tls_global_set_verify(void *ssl_ctx, int check_crl, int strict) in tls_global_set_verify() argument
3005 struct tls_data *data = ssl_ctx; in tls_global_set_verify()
3204 SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, NULL, 0); in tls_set_conn_flags()
3278 if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs, in tls_set_conn_flags()
3313 if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs, in tls_set_conn_flags()
3376 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn, in tls_connection_set_verify() argument
3381 struct tls_data *data = ssl_ctx; in tls_connection_set_verify()
3440 SSL_CTX_clear_extra_chain_certs(conn->ssl_ctx); in tls_connection_client_cert()
3555 SSL_CTX *ssl_ctx = data->ssl; in tls_global_client_cert() local
3560 if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert, in tls_global_client_cert()
3562 SSL_CTX_use_certificate_chain_file(ssl_ctx, client_cert) != 1 && in tls_global_client_cert()
3563 SSL_CTX_use_certificate_file(ssl_ctx, client_cert, in tls_global_client_cert()
3831 SSL_CTX *ssl_ctx = data->ssl; in tls_connection_engine_ca_cert() local
3845 SSL_CTX_set_cert_store(ssl_ctx, store); in tls_connection_engine_ca_cert()
4091 SSL_CTX *ssl_ctx = data->ssl; in tls_global_private_key() local
4106 if (!SSL_CTX_check_private_key(ssl_ctx)) { in tls_global_private_key()
4165 SSL_CTX *ssl_ctx = data->ssl; in tls_global_dh()
4171 if (!ssl_ctx) in tls_global_dh()
4174 SSL_CTX_set_dh_auto(ssl_ctx, 1); in tls_global_dh()
4227 if (SSL_CTX_set0_tmp_dh_pkey(ssl_ctx, pkey) != 1) { in tls_global_dh()
4236 SSL_CTX *ssl_ctx = data->ssl; in tls_global_dh()
4240 if (!ssl_ctx) in tls_global_dh()
4244 SSL_CTX_set_dh_auto(ssl_ctx, 1); in tls_global_dh()
4292 if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1) { in tls_global_dh()
4306 int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn, in tls_connection_get_random() argument
4682 tls_connection_resumed(conn->ssl_ctx, conn)); in openssl_connection_handshake()
4719 tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn, in tls_connection_handshake() argument
4834 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn) in tls_connection_resumed() argument
4921 int tls_get_version(void *ssl_ctx, struct tls_connection *conn, in tls_get_version() argument
4937 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn, in tls_get_cipher() argument
4953 int tls_connection_enable_workaround(void *ssl_ctx, in tls_connection_enable_workaround() argument
4966 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn, in tls_connection_client_hello_ext() argument
4982 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn) in tls_connection_get_failed() argument
4990 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn) in tls_connection_get_read_alerts() argument
4998 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn) in tls_connection_get_write_alerts() argument
5098 store = SSL_CTX_get_cert_store(conn->ssl_ctx); in ocsp_resp_cb()
5528 SSL_CTX *ssl_ctx = data->ssl; in tls_connection_set_params() local
5530 SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_resp_cb); in tls_connection_set_params()
5531 SSL_CTX_set_tlsext_status_arg(ssl_ctx, conn); in tls_connection_set_params()
5554 static void openssl_debug_dump_cipher_list(SSL_CTX *ssl_ctx) in openssl_debug_dump_cipher_list() argument
5559 ssl = SSL_new(ssl_ctx); in openssl_debug_dump_cipher_list()
5626 static void openssl_debug_dump_certificates(SSL_CTX *ssl_ctx) in openssl_debug_dump_certificates() argument
5631 if (SSL_CTX_get0_chain_certs(ssl_ctx, &certs) == 1) { in openssl_debug_dump_certificates()
5638 openssl_debug_dump_certificate(0, SSL_CTX_get0_certificate(ssl_ctx)); in openssl_debug_dump_certificates()
5644 static void openssl_debug_dump_certificate_chains(SSL_CTX *ssl_ctx) in openssl_debug_dump_certificate_chains() argument
5649 for (res = SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST); in openssl_debug_dump_certificate_chains()
5651 res = SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_NEXT)) in openssl_debug_dump_certificate_chains()
5652 openssl_debug_dump_certificates(ssl_ctx); in openssl_debug_dump_certificate_chains()
5654 SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST); in openssl_debug_dump_certificate_chains()
5659 static void openssl_debug_dump_ctx(SSL_CTX *ssl_ctx) in openssl_debug_dump_ctx() argument
5661 openssl_debug_dump_cipher_list(ssl_ctx); in openssl_debug_dump_ctx()
5662 openssl_debug_dump_certificate_chains(ssl_ctx); in openssl_debug_dump_ctx()
5670 SSL_CTX *ssl_ctx = data->ssl; in tls_global_set_params() local
5708 SSL_CTX_set_cipher_list(ssl_ctx, params->openssl_ciphers) != 1) { in tls_global_set_params()
5719 if (SSL_CTX_set_ecdh_auto(ssl_ctx, 1) != 1) { in tls_global_set_params()
5735 SSL_CTX_set_ecdh_auto(ssl_ctx, 1); in tls_global_set_params()
5737 if (SSL_CTX_set1_curves_list(ssl_ctx, in tls_global_set_params()
5754 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET); in tls_global_set_params()
5756 SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TICKET); in tls_global_set_params()
5760 SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_status_cb); in tls_global_set_params()
5761 SSL_CTX_set_tlsext_status_arg(ssl_ctx, ssl_ctx); in tls_global_set_params()
5770 openssl_debug_dump_ctx(ssl_ctx); in tls_global_set_params()
5974 if (SSL_CTX_remove_session(conn->ssl_ctx, sess) != 1) in tls_connection_remove_session()