Home | History | Annotate | Download | only in vtls

Lines Matching refs:backend

199 #define BACKEND connssl->backend
1157   if(BACKEND->handle) {
1158     (void)SSL_shutdown(BACKEND->handle);
1159     SSL_set_connect_state(BACKEND->handle);
1161     SSL_free(BACKEND->handle);
1162     BACKEND->handle = NULL;
1164   if(BACKEND->ctx) {
1165     SSL_CTX_free(BACKEND->ctx);
1166     BACKEND->ctx = NULL;
1202       (void)SSL_shutdown(BACKEND->handle);
1204   if(BACKEND->handle) {
1214         nread = (ssize_t)SSL_read(BACKEND->handle, buf, buffsize);
1215         err = SSL_get_error(BACKEND->handle, (int)nread);
1260       switch(SSL_get_shutdown(BACKEND->handle)) {
1275     SSL_free(BACKEND->handle);
1276     BACKEND->handle = NULL;
1551   long len = SSL_get_tlsext_status_ocsp_resp(BACKEND->handle, &p);
1581   ch = SSL_get_peer_cert_chain(BACKEND->handle);
1582   st = SSL_CTX_get_cert_store(BACKEND->ctx);
1973       SSL_CTX_set_max_proto_version(BACKEND->ctx, TLS1_3_VERSION);
2124   if(BACKEND->ctx)
2125     SSL_CTX_free(BACKEND->ctx);
2126   BACKEND->ctx = SSL_CTX_new(req_method);
2128   if(!BACKEND->ctx) {
2135   SSL_CTX_set_mode(BACKEND->ctx, SSL_MODE_RELEASE_BUFFERS);
2141     SSL_CTX_set_msg_callback(BACKEND->ctx, ssl_tls_trace);
2142     SSL_CTX_set_msg_callback_arg(BACKEND->ctx, conn);
2259   SSL_CTX_set_options(BACKEND->ctx, ctx_options);
2263     SSL_CTX_set_next_proto_select_cb(BACKEND->ctx, select_next_proto_cb, conn);
2291     SSL_CTX_set_alpn_protos(BACKEND->ctx, protocols, cur);
2296     if(!cert_stuff(conn, BACKEND->ctx, ssl_cert, ssl_cert_type,
2308     if(!SSL_CTX_set_cipher_list(BACKEND->ctx, ciphers)) {
2321     if(!SSL_CTX_set_srp_username(BACKEND->ctx, ssl_username)) {
2325     if(!SSL_CTX_set_srp_password(BACKEND->ctx, SSL_SET_OPTION(password))) {
2332       if(!SSL_CTX_set_cipher_list(BACKEND->ctx, "SRP")) {
2343     if(!SSL_CTX_load_verify_locations(BACKEND->ctx, ssl_cafile, ssl_capath)) {
2371     SSL_CTX_set_default_verify_paths(BACKEND->ctx);
2378     lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(BACKEND->ctx),
2387     X509_STORE_set_flags(SSL_CTX_get_cert_store(BACKEND->ctx),
2402     X509_STORE_set_flags(SSL_CTX_get_cert_store(BACKEND->ctx),
2411   SSL_CTX_set_verify(BACKEND->ctx,
2417     SSL_CTX_set_keylog_callback(BACKEND->ctx, ossl_keylog_callback);
2423     result = (*data->set.ssl.fsslctx)(data, BACKEND->ctx,
2432   if(BACKEND->handle)
2433     SSL_free(BACKEND->handle);
2434   BACKEND->handle = SSL_new(BACKEND->ctx);
2435   if(!BACKEND->handle) {
2443     SSL_set_tlsext_status_type(BACKEND->handle, TLSEXT_STATUSTYPE_ocsp);
2446   SSL_set_connect_state(BACKEND->handle);
2448   BACKEND->server_cert = 0x0;
2455      !SSL_set_tlsext_host_name(BACKEND->handle, hostname))
2467       if(!SSL_set_session(BACKEND->handle, ssl_sessionid)) {
2482     SSL *handle = conn->proxy_ssl[sockindex].backend->handle;
2487     SSL_set_bio(BACKEND->handle, bio, bio);
2489   else if(!SSL_set_fd(BACKEND->handle, (int)sockfd)) {
2514   err = SSL_connect(BACKEND->handle);
2518   tap_ssl_key(BACKEND->handle, &BACKEND->tap_state);
2525     int detail = SSL_get_error(BACKEND->handle, err);
2559         lerr = SSL_get_verify_result(BACKEND->handle);
2603           get_ssl_version_txt(BACKEND->handle),
2604           SSL_get_cipher(BACKEND->handle));
2613       SSL_get0_alpn_selected(BACKEND->handle, &neg_protocol, &len);
2759   sk = SSL_get_peer_cert_chain(BACKEND->handle);
3049   BACKEND->server_cert = SSL_get_peer_certificate(BACKEND->handle);
3050   if(!BACKEND->server_cert) {
3061   rc = x509_name_oneline(X509_get_subject_name(BACKEND->server_cert),
3065   ASN1_TIME_print(mem, X509_get0_notBefore(BACKEND->server_cert));
3070   ASN1_TIME_print(mem, X509_get0_notAfter(BACKEND->server_cert));
3078     result = verifyhost(conn, BACKEND->server_cert);
3080       X509_free(BACKEND->server_cert);
3081       BACKEND->server_cert = NULL;
3086   rc = x509_name_oneline(X509_get_issuer_name(BACKEND->server_cert),
3106         X509_free(BACKEND->server_cert);
3107         BACKEND->server_cert = NULL;
3116         X509_free(BACKEND->server_cert);
3124       if(X509_check_issued(issuer, BACKEND->server_cert) != X509_V_OK) {
3128         X509_free(BACKEND->server_cert);
3130         BACKEND->server_cert = NULL;
3139     lerr = *certverifyresult = SSL_get_verify_result(BACKEND->handle);
3164       X509_free(BACKEND->server_cert);
3165       BACKEND->server_cert = NULL;
3178     result = pkp_pin_peer_pubkey(data, BACKEND->server_cert, ptr);
3183   X509_free(BACKEND->server_cert);
3184   BACKEND->server_cert = NULL;
3203     our_ssl_sessionid = SSL_get1_session(BACKEND->handle);
3395   if(connssl->backend->handle && SSL_pending(connssl->backend->handle))
3398   if(proxyssl->backend->handle && SSL_pending(proxyssl->backend->handle))
3424   rc = SSL_write(BACKEND->handle, mem, memlen);
3427     err = SSL_get_error(BACKEND->handle, rc);
3486   nread = (ssize_t)SSL_read(BACKEND->handle, buf, buffsize);
3489     int err = SSL_get_error(BACKEND->handle, (int)nread);
3620          (void *)BACKEND->ctx : (void *)BACKEND->handle;