Lines Matching defs:ssl_ctx

242 	SSL_CTX *ssl_ctx;
663 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name)
710 		if (!X509_STORE_add_cert(SSL_CTX_get_cert_store(ssl_ctx),
1186 void tls_deinit(void *ssl_ctx)
1188 	struct tls_data *data = ssl_ctx;
1395 int tls_get_errors(void *ssl_ctx)
1683 struct tls_connection * tls_connection_init(void *ssl_ctx)
1685 	struct tls_data *data = ssl_ctx;
1715 	conn->ssl_ctx = ssl;
1744 		SSL_CTX_set_keylog_callback(conn->ssl_ctx, tls_keylog_cb);
1773 void tls_connection_deinit(void *ssl_ctx, struct tls_connection *conn)
1798 int tls_connection_established(void *ssl_ctx, struct tls_connection *conn)
1829 int tls_connection_shutdown(void *ssl_ctx, struct tls_connection *conn)
2714 		res = check_ocsp_resp(conn->ssl_ctx, conn->ssl, err_cert,
2751 	SSL_CTX *ssl_ctx = data->ssl;
2755 	lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(ssl_ctx),
2786 	SSL_CTX *ssl_ctx = data->ssl;
2799 	SSL_CTX_set_cert_store(ssl_ctx, store);
2866 		if (!X509_STORE_add_cert(SSL_CTX_get_cert_store(ssl_ctx),
2892 		if (tls_add_ca_from_keystore(SSL_CTX_get_cert_store(ssl_ctx),
2912 				    SSL_CTX_get_cert_store(ssl_ctx), alias)) {
2930 	if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) ==
2940 		if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, ca_path) !=
2973 	SSL_CTX *ssl_ctx = data->ssl;
2976 		if (SSL_CTX_load_verify_locations(ssl_ctx, ca_cert, NULL) != 1)
2988 		SSL_CTX_set_client_CA_list(ssl_ctx,
3000 int tls_global_set_verify(void *ssl_ctx, int check_crl, int strict)
3005 		struct tls_data *data = ssl_ctx;
3204 	SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, NULL, 0);
3278 		if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs,
3313 		if (SSL_CTX_set_verify_algorithm_prefs(conn->ssl_ctx, sigalgs,
3376 int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
3381 	struct tls_data *data = ssl_ctx;
3440 	SSL_CTX_clear_extra_chain_certs(conn->ssl_ctx);
3555 	SSL_CTX *ssl_ctx = data->ssl;
3560 	if (SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
3562 	    SSL_CTX_use_certificate_chain_file(ssl_ctx, client_cert) != 1 &&
3563 	    SSL_CTX_use_certificate_file(ssl_ctx, client_cert,
3831 	SSL_CTX *ssl_ctx = data->ssl;
3845 	SSL_CTX_set_cert_store(ssl_ctx, store);
4091 	SSL_CTX *ssl_ctx = data->ssl;
4106 	if (!SSL_CTX_check_private_key(ssl_ctx)) {
4165 	SSL_CTX *ssl_ctx = data->ssl;
4171 	if (!ssl_ctx)
4174 		SSL_CTX_set_dh_auto(ssl_ctx, 1);
4227 	if (SSL_CTX_set0_tmp_dh_pkey(ssl_ctx, pkey) != 1) {
4236 	SSL_CTX *ssl_ctx = data->ssl;
4240 	if (!ssl_ctx)
4244 		SSL_CTX_set_dh_auto(ssl_ctx, 1);
4292 	if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1) {
4306 int tls_connection_get_random(void *ssl_ctx, struct tls_connection *conn,
4682 			   tls_connection_resumed(conn->ssl_ctx, conn));
4719 tls_connection_handshake(void *ssl_ctx, struct tls_connection *conn,
4834 int tls_connection_resumed(void *ssl_ctx, struct tls_connection *conn)
4921 int tls_get_version(void *ssl_ctx, struct tls_connection *conn,
4937 int tls_get_cipher(void *ssl_ctx, struct tls_connection *conn,
4953 int tls_connection_enable_workaround(void *ssl_ctx,
4966 int tls_connection_client_hello_ext(void *ssl_ctx, struct tls_connection *conn,
4982 int tls_connection_get_failed(void *ssl_ctx, struct tls_connection *conn)
4990 int tls_connection_get_read_alerts(void *ssl_ctx, struct tls_connection *conn)
4998 int tls_connection_get_write_alerts(void *ssl_ctx, struct tls_connection *conn)
5098 	store = SSL_CTX_get_cert_store(conn->ssl_ctx);
5528 		SSL_CTX *ssl_ctx = data->ssl;
5530 		SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_resp_cb);
5531 		SSL_CTX_set_tlsext_status_arg(ssl_ctx, conn);
5554 static void openssl_debug_dump_cipher_list(SSL_CTX *ssl_ctx)
5559 	ssl = SSL_new(ssl_ctx);
5626 static void openssl_debug_dump_certificates(SSL_CTX *ssl_ctx)
5631 	if (SSL_CTX_get0_chain_certs(ssl_ctx, &certs) == 1) {
5638 	openssl_debug_dump_certificate(0, SSL_CTX_get0_certificate(ssl_ctx));
5644 static void openssl_debug_dump_certificate_chains(SSL_CTX *ssl_ctx)
5649 	for (res = SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST);
5651 	     res = SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_NEXT))
5652 		openssl_debug_dump_certificates(ssl_ctx);
5654 	SSL_CTX_set_current_cert(ssl_ctx, SSL_CERT_SET_FIRST);
5659 static void openssl_debug_dump_ctx(SSL_CTX *ssl_ctx)
5661 	openssl_debug_dump_cipher_list(ssl_ctx);
5662 	openssl_debug_dump_certificate_chains(ssl_ctx);
5670 	SSL_CTX *ssl_ctx = data->ssl;
5708 	    SSL_CTX_set_cipher_list(ssl_ctx, params->openssl_ciphers) != 1) {
5719 		if (SSL_CTX_set_ecdh_auto(ssl_ctx, 1) != 1) {
5735 		SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
5737 		if (SSL_CTX_set1_curves_list(ssl_ctx,
5754 		SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET);
5756 		SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TICKET);
5760 	SSL_CTX_set_tlsext_status_cb(ssl_ctx, ocsp_status_cb);
5761 	SSL_CTX_set_tlsext_status_arg(ssl_ctx, ssl_ctx);
5770 	openssl_debug_dump_ctx(ssl_ctx);
5974 	if (SSL_CTX_remove_session(conn->ssl_ctx, sess) != 1)