Lines Matching refs:ssl_ctx
466 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name)
515 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
731 SSL_CTX *ssl;
773 void tls_deinit(void *ssl_ctx)
775 SSL_CTX *ssl = ssl_ctx;
872 int tls_get_errors(void *ssl_ctx)
886 struct tls_connection * tls_connection_init(void *ssl_ctx)
888 SSL_CTX *ssl = ssl_ctx;
936 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn)
949 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn)
955 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn)
1082 SSL_CTX *ssl_ctx = _ssl_ctx;
1086 lookup = X509_STORE_add_lookup(ssl_ctx->cert_store,
1115 SSL_CTX *ssl_ctx = _ssl_ctx;
1121 X509_STORE_free(ssl_ctx->cert_store);
1122 ssl_ctx->cert_store = X509_STORE_new();
1123 if (ssl_ctx->cert_store == NULL) {
1138 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
1176 X509_STORE_add_cert(ssl_ctx->cert_store, info->x509);
1179 X509_STORE_add_crl(ssl_ctx->cert_store, info->crl);
1189 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) ==
1200 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) !=
1205 tls_load_ca_der(ssl_ctx, ca_cert) == 0) {
1214 tls_get_errors(ssl_ctx);
1232 static int tls_global_ca_cert(SSL_CTX *ssl_ctx, const char *ca_cert)
1235 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1)
1247 SSL_CTX_set_client_CA_list(ssl_ctx,
1256 int tls_global_set_verify(void *ssl_ctx, int check_crl)
1261 X509_STORE *cs = SSL_CTX_get_cert_store(ssl_ctx);
1301 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
1390 static int tls_global_client_cert(SSL_CTX *ssl_ctx, const char *client_cert)
1396 if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1398 SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1426 static int tls_parse_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, PKCS12 *p12,
1455 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1)
1467 if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1)
1483 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) {
1494 tls_get_errors(ssl_ctx);
1501 static int tls_read_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, const char *private_key,
1521 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
1531 static int tls_read_pkcs12_blob(SSL_CTX *ssl_ctx, SSL *ssl,
1544 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
1583 SSL_CTX *ssl_ctx = _ssl_ctx;
1597 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
1598 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
1640 if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob,
1698 if (tls_read_pkcs12(ssl_ctx, conn->ssl, private_key, passwd)
1723 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
1737 static int tls_global_private_key(SSL_CTX *ssl_ctx, const char *private_key,
1752 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
1753 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
1756 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
1758 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
1761 tls_read_pkcs12(ssl_ctx, NULL, private_key, passwd)) {
1770 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
1772 if (!SSL_CTX_check_private_key(ssl_ctx)) {
1856 int tls_connection_get_keys(void *ssl_ctx, struct tls_connection *conn,
1887 u8 * tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
1975 u8 * tls_connection_server_handshake(void *ssl_ctx,
2026 int tls_connection_encrypt(void *ssl_ctx, struct tls_connection *conn,
2060 int tls_connection_decrypt(void *ssl_ctx, struct tls_connection *conn,
2090 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
2118 int tls_connection_set_master_key(void *ssl_ctx, struct tls_connection *conn,
2203 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn,
2220 int tls_connection_enable_workaround(void *ssl_ctx,
2233 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
2249 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
2257 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn)
2265 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn)
2334 SSL_CTX *ssl_ctx = tls_ctx;
2342 if (tls_global_ca_cert(ssl_ctx, params->ca_cert))
2345 if (tls_global_client_cert(ssl_ctx, params->client_cert))
2348 if (tls_global_private_key(ssl_ctx, params->private_key,
