Lines Matching defs:ssl_ctx
466 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name)
512 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
736 SSL_CTX *ssl;
840 void tls_deinit(void *ssl_ctx)
842 SSL_CTX *ssl = ssl_ctx;
974 int tls_get_errors(void *ssl_ctx)
1008 struct tls_connection * tls_connection_init(void *ssl_ctx)
1010 SSL_CTX *ssl = ssl_ctx;
1066 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn)
1080 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn)
1086 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn)
1518 SSL_CTX *ssl_ctx = _ssl_ctx;
1522 lookup = X509_STORE_add_lookup(ssl_ctx->cert_store,
1552 SSL_CTX *ssl_ctx = _ssl_ctx;
1558 X509_STORE_free(ssl_ctx->cert_store);
1559 ssl_ctx->cert_store = X509_STORE_new();
1560 if (ssl_ctx->cert_store == NULL) {
1616 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
1654 X509_STORE_add_cert(ssl_ctx->cert_store,
1658 X509_STORE_add_crl(ssl_ctx->cert_store,
1669 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) ==
1679 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) !=
1684 tls_load_ca_der(ssl_ctx, ca_cert) == 0) {
1693 tls_get_errors(ssl_ctx);
1710 static int tls_global_ca_cert(SSL_CTX *ssl_ctx, const char *ca_cert)
1713 if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1)
1725 SSL_CTX_set_client_CA_list(ssl_ctx,
1734 int tls_global_set_verify(void *ssl_ctx, int check_crl)
1739 X509_STORE *cs = SSL_CTX_get_cert_store(ssl_ctx);
1788 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
1891 static int tls_global_client_cert(SSL_CTX *ssl_ctx, const char *client_cert)
1897 if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1899 SSL_CTX_use_certificate_chain_file(ssl_ctx, client_cert) != 1 &&
1900 SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
1927 static int tls_parse_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, PKCS12 *p12,
1956 if (SSL_CTX_use_certificate(ssl_ctx, cert) != 1)
1968 if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1)
1984 if (SSL_CTX_add_extra_chain_cert(ssl_ctx, cert) != 1) {
1995 tls_get_errors(ssl_ctx);
2002 static int tls_read_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, const char *private_key,
2022 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
2032 static int tls_read_pkcs12_blob(SSL_CTX *ssl_ctx, SSL *ssl,
2045 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd);
2118 SSL_CTX *ssl_ctx = _ssl_ctx;
2124 X509_STORE_free(ssl_ctx->cert_store);
2125 ssl_ctx->cert_store = X509_STORE_new();
2126 if (ssl_ctx->cert_store == NULL) {
2132 if (!X509_STORE_add_cert(ssl_ctx->cert_store, cert)) {
2190 SSL_CTX *ssl_ctx = _ssl_ctx;
2204 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
2205 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
2236 if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob,
2269 if (tls_read_pkcs12(ssl_ctx, conn->ssl, private_key, passwd)
2294 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
2308 static int tls_global_private_key(SSL_CTX *ssl_ctx, const char *private_key,
2323 SSL_CTX_set_default_passwd_cb(ssl_ctx, tls_passwd_cb);
2324 SSL_CTX_set_default_passwd_cb_userdata(ssl_ctx, passwd);
2327 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
2329 SSL_CTX_use_PrivateKey_file(ssl_ctx, private_key,
2332 tls_read_pkcs12(ssl_ctx, NULL, private_key, passwd)) {
2341 SSL_CTX_set_default_passwd_cb(ssl_ctx, NULL);
2343 if (!SSL_CTX_check_private_key(ssl_ctx)) {
2427 static int tls_global_dh(SSL_CTX *ssl_ctx, const char *dh_file)
2442 if (ssl_ctx == NULL)
2488 if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1) {
2501 int tls_connection_get_keys(void *ssl_ctx, struct tls_connection *conn,
2692 tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
2798 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
2860 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn,
2876 int tls_connection_enable_workaround(void *ssl_ctx,
2889 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
2911 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
2919 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn)
2927 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn)
3275 SSL_CTX *ssl_ctx = tls_ctx;
3277 SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_resp_cb);
3278 SSL_CTX_set_tlsext_status_arg(ssl_ctx, conn);
3293 SSL_CTX *ssl_ctx = tls_ctx;
3301 if (tls_global_ca_cert(ssl_ctx, params->ca_cert))
3304 if (tls_global_client_cert(ssl_ctx, params->client_cert))
3307 if (tls_global_private_key(ssl_ctx, params->private_key,
3311 if (tls_global_dh(ssl_ctx, params->dh_file)) {
3319 SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);
3322 SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TICKET);
3327 SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_status_cb);
3328 SSL_CTX_set_tlsext_status_arg(ssl_ctx, ssl_ctx);
