| /netbsd-src/external/ibm-public/postfix/dist/src/tls/ |
| H A D | tls_client.c | 197 static SSL_SESSION *load_clnt_session(TLS_SESS_STATE *TLScontext) in load_clnt_session() argument
206 if (TLScontext->log_mask & TLS_LOG_CACHE) in load_clnt_session()
209 TLScontext->serverid, TLScontext->cache_type); in load_clnt_session()
216 if (TLScontext->cache_type == 0) in load_clnt_session()
224 if (tls_mgr_lookup(TLScontext->cache_type, TLScontext->serverid, in load_clnt_session()
228 if (TLScontext->log_mask & TLS_LOG_CACHE) in load_clnt_session()
231 TLScontext->serverid, TLScontext->cache_type); in load_clnt_session()
248 TLS_SESS_STATE *TLScontext; in new_client_session_cb() local
256 if ((TLScontext = SSL_get_ex_data(ssl, TLScontext_index)) == 0) in new_client_session_cb()
264 if (TLScontext->cache_type == 0) in new_client_session_cb()
[all …]
|
| H A D | tls_server.c | 190 TLS_SESS_STATE *TLScontext; in get_server_session_cb() local
195 if ((TLScontext = SSL_get_ex_data(ssl, TLScontext_index)) == 0) in get_server_session_cb()
207 GEN_CACHE_ID(cache_id, session_id, session_id_length, TLScontext->serverid); in get_server_session_cb()
209 if (TLScontext->log_mask & TLS_LOG_CACHE) in get_server_session_cb()
210 msg_info("%s: looking up session %s in %s cache", TLScontext->namaddr, in get_server_session_cb()
211 STR(cache_id), TLScontext->cache_type); in get_server_session_cb()
216 if (tls_mgr_lookup(TLScontext->cache_type, STR(cache_id), in get_server_session_cb()
219 if (session && (TLScontext->log_mask & TLS_LOG_CACHE)) in get_server_session_cb()
221 TLScontext->namaddr, STR(cache_id), in get_server_session_cb()
222 TLScontext->cache_type); in get_server_session_cb()
[all …]
|
| H A D | tls_verify.c | 117 static void update_error_state(TLS_SESS_STATE *TLScontext, int depth, in update_error_state() argument
121 if (TLScontext->errordepth >= 0 && TLScontext->errordepth <= depth) in update_error_state()
130 if (TLScontext->errorcert != 0) in update_error_state()
131 X509_free(TLScontext->errorcert); in update_error_state()
134 TLScontext->errorcert = errorcert; in update_error_state()
135 TLScontext->errorcode = errorcode; in update_error_state()
136 TLScontext->errordepth = depth; in update_error_state()
148 TLS_SESS_STATE *TLScontext; in tls_verify_certificate_callback() local
154 TLScontext = SSL_get_ex_data(con, TLScontext_index); in tls_verify_certificate_callback()
168 if (TLScontext->must_fail) { in tls_verify_certificate_callback()
[all …]
|
| H A D | tls_misc.c | 845 TLS_SESS_STATE *TLScontext = SSL_get_ex_data(ssl, TLScontext_index); in server_sni_callback() local
856 TLScontext->namaddr, sni); in server_sni_callback()
873 if (TLScontext->peer_sni) { in server_sni_callback()
874 if (strcmp(sni, TLScontext->peer_sni) == 0) in server_sni_callback()
877 TLScontext->namaddr, TLScontext->peer_sni, sni); in server_sni_callback()
895 sni, TLScontext->namaddr); in server_sni_callback()
911 TLScontext->peer_sni = mystrdup(sni); in server_sni_callback()
917 const char *tls_set_ciphers(TLS_SESS_STATE *TLScontext, const char *grade, in tls_set_ciphers() argument
933 TLScontext->namaddr, grade); in tls_set_ciphers()
968 TLScontext->namaddr, tok); in tls_set_ciphers()
[all …]
|
| H A D | tls_stream.c | 101 TLS_SESS_STATE *TLScontext; in tls_timed_read() local
103 TLScontext = (TLS_SESS_STATE *) context; in tls_timed_read()
104 if (!TLScontext) in tls_timed_read()
107 ret = tls_bio_read(fd, buf, len, timeout, TLScontext); in tls_timed_read()
108 if (ret > 0 && (TLScontext->log_mask & TLS_LOG_ALLPKTS)) in tls_timed_read()
121 TLS_SESS_STATE *TLScontext; in tls_timed_write() local
123 TLScontext = (TLS_SESS_STATE *) context; in tls_timed_write()
124 if (!TLScontext) in tls_timed_write()
127 if (TLScontext->log_mask & TLS_LOG_ALLPKTS) in tls_timed_write()
130 ret = tls_bio_write(fd, buf, len, timeout, TLScontext); in tls_timed_write()
|
| H A D | tls_session.c | 92 int failure, TLS_SESS_STATE *TLScontext) in tls_session_stop() argument
100 if (TLScontext == 0) in tls_session_stop()
123 if (!failure && !SSL_in_init(TLScontext->con)) { in tls_session_stop()
124 retval = tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext); in tls_session_stop()
126 tls_bio_shutdown(vstream_fileno(stream), timeout, TLScontext); in tls_session_stop()
128 tls_free_context(TLScontext); in tls_session_stop()
|
| H A D | tls_bio_ops.c | 154 int tls_bio(int fd, int timeout, TLS_SESS_STATE *TLScontext, in tls_bio() argument
187 vstream_fstat(TLScontext->stream, VSTREAM_FLAG_DEADLINE); in tls_bio()
207 status = hsfunc(TLScontext->con); in tls_bio()
209 status = rfunc(TLScontext->con, buf, num); in tls_bio()
211 status = wfunc(TLScontext->con, buf, num); in tls_bio()
214 err = SSL_get_error(TLScontext->con, status); in tls_bio()
|
| H A D | tls_fprint.c | 243 char *tls_serverid_digest(TLS_SESS_STATE *TLScontext, in tls_serverid_digest() argument
285 CHECK_OK_AND_DIGEST_OBJECT(mdctx, &TLScontext->must_fail); in tls_serverid_digest()
291 if (TLScontext->level > TLS_LEV_ENCRYPT in tls_serverid_digest()
304 if (TLScontext->level > TLS_LEV_ENCRYPT && TLScontext->peer_sni) in tls_serverid_digest()
305 CHECK_OK_AND_DIGEST_CHARS(mdctx, TLScontext->peer_sni); in tls_serverid_digest()
|
| H A D | tls_dane.c | 796 int tls_dane_enable(TLS_SESS_STATE *TLScontext) in tls_dane_enable() argument
798 const TLS_DANE *dane = TLScontext->dane; in tls_dane_enable()
800 SSL *ssl = TLScontext->con; in tls_dane_enable()
812 tlsa_carp(TLScontext->namaddr, ":", "", "unusable TLSA RR", in tls_dane_enable()
818 tlsa_carp(TLScontext->namaddr, ":", "", "error loading trust settings", in tls_dane_enable()
965 void tls_dane_log(TLS_SESS_STATE *TLScontext) in tls_dane_log() argument
970 int depth = SSL_get0_dane_authority(TLScontext->con, NULL, &mspki); in tls_dane_log()
978 switch (TLScontext->level) { in tls_dane_log()
982 TLScontext->namaddr, depth); in tls_dane_log()
991 (void) SSL_get0_dane_tlsa(TLScontext->con, &u, &s, &m, &data, &dlen); in tls_dane_log()
[all …]
|
| H A D | tls.h | 497 #define tls_client_stop(ctx, stream, timeout, failure, TLScontext) \ argument
498 tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext))
563 #define tls_server_stop(ctx, stream, timeout, failure, TLScontext) \ argument
564 tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext))
|
| /netbsd-src/external/ibm-public/postfix/dist/proto/ |
| H A D | stop.spell-cc | 1398 TLScontext
|
| /netbsd-src/external/ibm-public/postfix/dist/ |
| H A D | TLS_CHANGES | 847 into the connection specific TLScontext.
1417 * With respect to the bevaviour as is, SSL_free(TLScontext->con);
1418 BIO_free(TLScontext->network_bio) and not touching
1419 TLScontext->internal_bio works.
1448 - Introduce TLScontext to identify the connection instead of the file
1451 The TLScontext is allocated on TLS-start for a connection and saved with
|
| H A D | WISHLIST | 1001 The usage of TLScontext->cache_type is unclear. It specifies
1009 around as pointers. TLScontext->cache_type is a case in
|