Lines Matching refs:SSL_CTX
435 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name)
481 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
706 SSL_CTX *ssl;
793 void tls_deinit(void *ssl_ctx)
795 SSL_CTX *ssl = ssl_ctx;
920 int tls_get_errors(void *ssl_ctx)
934 struct tls_connection * tls_connection_init(void *ssl_ctx)
936 SSL_CTX *ssl = ssl_ctx;
989 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn)
1002 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn)
1008 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn)
1318 SSL_CTX *ssl_ctx = _ssl_ctx;
1322 lookup = X509_STORE_add_lookup(ssl_ctx->cert_store,
1352 SSL_CTX *ssl_ctx = _ssl_ctx;
1358 X509_STORE_free(ssl_ctx->cert_store);
1359 ssl_ctx->cert_store = X509_STORE_new();
1360 if (ssl_ctx->cert_store == NULL) {
1416 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
1454 X509_STORE_add_cert(ssl_ctx->cert_store,
1458 X509_STORE_add_crl(ssl_ctx->cert_store,
1469 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) ==
1479 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) !=
1484 tls_load_ca_der(ssl_ctx, ca_cert) == 0) {
1493 tls_get_errors(ssl_ctx);
1510 static int tls_global_ca_cert(SSL_CTX *ssl_ctx, const char *ca_cert)
1513 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1)
1525 SSL_CTX_set_client_CA_list(ssl_ctx,
1534 int tls_global_set_verify(void *ssl_ctx, int check_crl)
1539 X509_STORE *cs = SSL_CTX_get_cert_store(ssl_ctx);
1579 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
1682 static int tls_global_client_cert(SSL_CTX *ssl_ctx, const char *client_cert)
1688 if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1690 SSL_CTX_use_certificate_chain_file(ssl_ctx, client_cert) != 1 &&
1691 SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1718 static int tls_parse_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, PKCS12 *p12,
1747 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1)
1759 if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1)
1775 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) {
1786 tls_get_errors(ssl_ctx);
1793 static int tls_read_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, const char *private_key,
1813 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
1823 static int tls_read_pkcs12_blob(SSL_CTX *ssl_ctx, SSL *ssl,
1836 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
1909 SSL_CTX *ssl_ctx = _ssl_ctx;
1915 X509_STORE_free(ssl_ctx->cert_store);
1916 ssl_ctx->cert_store = X509_STORE_new();
1917 if (ssl_ctx->cert_store == NULL) {
1923 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
1981 SSL_CTX *ssl_ctx = _ssl_ctx;
1995 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
1996 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
2027 if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob,
2080 if (tls_read_pkcs12(ssl_ctx, conn->ssl, private_key, passwd)
2105 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
2119 static int tls_global_private_key(SSL_CTX *ssl_ctx, const char *private_key,
2134 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
2135 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
2138 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
2140 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
2143 tls_read_pkcs12(ssl_ctx, NULL, private_key, passwd)) {
2152 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
2154 if (!SSL_CTX_check_private_key(ssl_ctx)) {
2238 static int tls_global_dh(SSL_CTX *ssl_ctx, const char *dh_file)
2253 if (ssl_ctx == NULL)
2299 if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1) {
2312 int tls_connection_get_keys(void *ssl_ctx, struct tls_connection *conn,
2488 tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
2588 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
2650 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn,
2666 int tls_connection_enable_workaround(void *ssl_ctx,
2679 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
2701 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
2709 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn)
2717 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn)
2808 SSL_CTX *ssl_ctx = tls_ctx;
2816 if (tls_global_ca_cert(ssl_ctx, params->ca_cert))
2819 if (tls_global_client_cert(ssl_ctx, params->client_cert))
2822 if (tls_global_private_key(ssl_ctx, params->private_key,
2826 if (tls_global_dh(ssl_ctx, params->dh_file)) {
2834 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);
2836 SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TICKET);
