73 	WOLFSSL *ssl;  member
140 static int wolfssl_receive_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx)  in wolfssl_receive_cb()  argument
162 static int wolfssl_send_cb(WOLFSSL *ssl, char *buf, int sz, void *ctx)  in wolfssl_send_cb()  argument
346 	conn->ssl = wolfSSL_new(ssl_ctx);  in tls_connection_init()
347 	if (!conn->ssl) {  in tls_connection_init()
352 	wolfSSL_SetIOReadCtx(conn->ssl,  &conn->input);  in tls_connection_init()
353 	wolfSSL_SetIOWriteCtx(conn->ssl, &conn->output);  in tls_connection_init()
354 	wolfSSL_set_ex_data(conn->ssl, 0, conn);  in tls_connection_init()
359 	wolfSSL_KeepArrays(conn->ssl);  in tls_connection_init()
360 	wolfSSL_KeepHandshakeResources(conn->ssl);  in tls_connection_init()
361 	wolfSSL_UseClientSuites(conn->ssl);  in tls_connection_init()
375 	wolfSSL_free(conn->ssl);  in tls_connection_deinit()
389 	return conn ? wolfSSL_is_init_finished(conn->ssl) : 0;  in tls_connection_established()
411 	wolfSSL_set_quiet_shutdown(conn->ssl, 1);  in tls_connection_shutdown()
412 	wolfSSL_shutdown(conn->ssl);  in tls_connection_shutdown()
414 	session = wolfSSL_get1_session(conn->ssl);  in tls_connection_shutdown()
415 	if (wolfSSL_clear(conn->ssl) != 1) {  in tls_connection_shutdown()
419 	wolfSSL_set_session(conn->ssl, session);  in tls_connection_shutdown()
478 			    conn->ssl, client_cert_blob, blob_len,  in tls_connection_client_cert()
483 				    conn->ssl, client_cert_blob, blob_len,  in tls_connection_client_cert()
496 			    conn->ssl, client_cert) != SSL_SUCCESS) {  in tls_connection_client_cert()
500 				    conn->ssl, client_cert,  in tls_connection_client_cert()
548 		if (wolfSSL_use_PrivateKey_buffer(conn->ssl,  in tls_connection_private_key()
555 				    conn->ssl,  in tls_connection_private_key()
571 		if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key,  in tls_connection_private_key()
576 			if (wolfSSL_use_PrivateKey_file(conn->ssl, private_key,  in tls_connection_private_key()
980 	WOLFSSL *ssl;  in tls_verify_cb()  local
994 	ssl = wolfSSL_X509_STORE_CTX_get_ex_data(  in tls_verify_cb()
999 	conn = wolfSSL_get_ex_data(ssl, 0);  in tls_verify_cb()
1137 		res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert,  in tls_verify_cb()
1177 	wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb);  in tls_connection_ca_cert()
1273 static void tls_set_conn_flags(WOLFSSL *ssl, unsigned int flags)  in tls_set_conn_flags()  argument
1277 		wolfSSL_UseSessionTicket(ssl);  in tls_set_conn_flags()
1281 		wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1);  in tls_set_conn_flags()
1283 		wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_1);  in tls_set_conn_flags()
1285 		wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_2);  in tls_set_conn_flags()
1287 		wolfSSL_set_options(ssl, SSL_OP_NO_TLSv1_3);  in tls_set_conn_flags()
1330 	    wolfSSL_set_cipher_list(conn->ssl, params->openssl_ciphers) != 1) {  in tls_connection_set_params()
1337 	tls_set_conn_flags(conn->ssl, params->flags);  in tls_connection_set_params()
1341 		if (wolfSSL_UseOCSPStapling(conn->ssl, WOLFSSL_CSR_OCSP,  in tls_connection_set_params()
1345 		if (wolfSSL_EnableOCSPStapling(conn->ssl) != SSL_SUCCESS)  in tls_connection_set_params()
1351 		if (wolfSSL_UseOCSPStaplingV2(conn->ssl,  in tls_connection_set_params()
1355 		if (wolfSSL_EnableOCSPStapling(conn->ssl) != SSL_SUCCESS)  in tls_connection_set_params()
1622 		wolfSSL_set_verify(conn->ssl, SSL_VERIFY_PEER |  in tls_connection_set_verify()
1627 		wolfSSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL);  in tls_connection_set_verify()
1630 	wolfSSL_set_accept_state(conn->ssl);  in tls_connection_set_verify()
1640 		wolfSSL_set_session_id_context(conn->ssl,  in tls_connection_set_verify()
1644 		wolfSSL_set_session_id_context(conn->ssl, session_ctx,  in tls_connection_set_verify()
1664 		wolfSSL_set_accept_state(conn->ssl);  in wolfssl_handshake()
1665 		res = wolfSSL_accept(conn->ssl);  in wolfssl_handshake()
1668 		wolfSSL_set_connect_state(conn->ssl);  in wolfssl_handshake()
1669 		res = wolfSSL_connect(conn->ssl);  in wolfssl_handshake()
1674 		int err = wolfSSL_get_error(conn->ssl, res);  in wolfssl_handshake()
1716 	res = wolfSSL_read(conn->ssl, wpabuf_mhead(appl_data),  in wolfssl_get_appl_data()
1719 		int err = wolfSSL_get_error(conn->ssl, res);  in wolfssl_get_appl_data()
1760 	if (wolfSSL_is_init_finished(conn->ssl)) {  in wolfssl_connection_handshake()
1804 	res = wolfSSL_write(conn->ssl, wpabuf_head(in_data),  in tls_connection_encrypt()
1807 		int  err = wolfSSL_get_error(conn->ssl, res);  in tls_connection_encrypt()
1843 	res = wolfSSL_read(conn->ssl, wpabuf_mhead(buf), wpabuf_size(buf));  in tls_connection_decrypt()
1859 	return conn ? wolfSSL_session_reused(conn->ssl) : 0;  in tls_connection_resumed()
1870 	if (!conn || !conn->ssl || !ciphers)  in tls_connection_set_cipher_list()
1915 	if (wolfSSL_set_cipher_list(conn->ssl, buf + 1) != 1) {  in tls_connection_set_cipher_list()
1930 	if (!conn || !conn->ssl)  in tls_get_cipher()
1933 	cipher = wolfSSL_get_current_cipher(conn->ssl);  in tls_get_cipher()
2010 	if (!conn || !conn->ssl)  in tls_get_version()
2013 	name = wolfSSL_get_version(conn->ssl);  in tls_get_version()
2025 	WOLFSSL *ssl;  in tls_connection_get_random()  local
2029 	ssl = conn->ssl;  in tls_connection_get_random()
2030 	if (!ssl)  in tls_connection_get_random()
2036 		ssl, conn->client_random, sizeof(conn->client_random));  in tls_connection_get_random()
2039 		ssl, conn->server_random, sizeof(conn->server_random));  in tls_connection_get_random()
2052 	if (wolfSSL_export_keying_material(conn->ssl, out, out_len,  in tls_connection_export_key()
2060 	    wolfSSL_make_eap_keys(conn->ssl, out, out_len, label) != 0)  in tls_connection_export_key()
2074 	WOLFSSL *ssl;  in tls_connection_get_eap_fast_key()  local
2085 	if (!conn || !conn->ssl)  in tls_connection_get_eap_fast_key()
2087 	ssl = conn->ssl;  in tls_connection_get_eap_fast_key()
2089 	skip = 2 * (wolfSSL_GetKeySize(ssl) + wolfSSL_GetHmacSize(ssl) +  in tls_connection_get_eap_fast_key()
2090 		    wolfSSL_GetIVSize(ssl));  in tls_connection_get_eap_fast_key()
2097 	wolfSSL_get_keys(ssl, &master_key, &master_key_len, &server_random,  in tls_connection_get_eap_fast_key()
2102 	if (wolfSSL_GetVersion(ssl) == WOLFSSL_TLSV1_2) {  in tls_connection_get_eap_fast_key()
2136 	if (!conn || !conn->ssl || ext_type != 35)  in tls_connection_client_hello_ext()
2139 	if (wolfSSL_set_SessionTicket(conn->ssl, data,  in tls_connection_client_hello_ext()
2192 		if (wolfSSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb,  in tls_connection_set_session_ticket_cb()
2196 		if (wolfSSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1)  in tls_connection_set_session_ticket_cb()
2218 	sess = wolfSSL_get_session(conn->ssl);  in tls_connection_remove_session()
2233 	reused = wolfSSL_session_reused(conn->ssl);  in tls_get_tls_unique()
2234 	if ((wolfSSL_is_server(conn->ssl) && !reused) ||  in tls_get_tls_unique()
2235 	    (!wolfSSL_is_server(conn->ssl) && reused))  in tls_get_tls_unique()
2236 		len = wolfSSL_get_peer_finished(conn->ssl, buf, max_len);  in tls_get_tls_unique()
2238 		len = wolfSSL_get_finished(conn->ssl, buf, max_len);  in tls_get_tls_unique()
2249 	return (u16) wolfSSL_get_current_cipher_suite(conn->ssl);  in tls_connection_get_cipher_suite()
2269 	sess = wolfSSL_get_session(conn->ssl);  in tls_connection_set_success_data()
2302 	sess = wolfSSL_get_session(conn->ssl);  in tls_connection_get_success_data()
2312 		return wolfSSL_get_certificate(conn->ssl) != NULL;  in tls_connection_get_own_cert_used()