26 #include "private-lib-tls-openssl.h"
40 	SSL *s = wsi->tls.ssl;  in lws_openssl_describe_cipher()
55 	if (!wsi->tls.ssl)  in lws_ssl_get_error()
58 	m = SSL_get_error(wsi->tls.ssl, n);  in lws_ssl_get_error()
59        lwsl_debug("%s: %p %d -> %d (errno %d)\n", __func__, wsi->tls.ssl, n, m, LWS_ERRNO);  in lws_ssl_get_error()
142 	if (vhost->tls.user_supplied_ssl_ctx || !vhost->tls.ssl_client_ctx)  in lws_ssl_destroy_client_ctx()
145 	if (vhost->tls.tcr && --vhost->tls.tcr->refcount)  in lws_ssl_destroy_client_ctx()
148 	SSL_CTX_free(vhost->tls.ssl_client_ctx);  in lws_ssl_destroy_client_ctx()
149 	vhost->tls.ssl_client_ctx = NULL;  in lws_ssl_destroy_client_ctx()
151 	vhost->context->tls.count_client_contexts--;  in lws_ssl_destroy_client_ctx()
153 	if (vhost->tls.tcr) {  in lws_ssl_destroy_client_ctx()
154 		lws_dll2_remove(&vhost->tls.tcr->cc_list);  in lws_ssl_destroy_client_ctx()
155 		lws_free(vhost->tls.tcr);  in lws_ssl_destroy_client_ctx()
156 		vhost->tls.tcr = NULL;  in lws_ssl_destroy_client_ctx()
167 	if (vhost->tls.ssl_ctx)  in lws_ssl_destroy()
168 		SSL_CTX_free(vhost->tls.ssl_ctx);  in lws_ssl_destroy()
205 	if (!wsi->tls.ssl)  in lws_ssl_capable_read()
214 	n = SSL_read(wsi->tls.ssl, buf, (int)(ssize_t)len);  in lws_ssl_capable_read()
272 		if (SSL_want_read(wsi->tls.ssl)) {  in lws_ssl_capable_read()
277 		if (SSL_want_write(wsi->tls.ssl)) {  in lws_ssl_capable_read()
290 	 * If using openssl type tls library, this is the earliest point for all  in lws_ssl_capable_read()
291 	 * paths to dump what was received as decrypted data from the tls tunnel  in lws_ssl_capable_read()
311 	if (!wsi->tls.ssl)  in lws_ssl_capable_read()
314 	if (SSL_pending(wsi->tls.ssl)) {  in lws_ssl_capable_read()
315 		if (lws_dll2_is_detached(&wsi->tls.dll_pending_tls))  in lws_ssl_capable_read()
316 			lws_dll2_add_head(&wsi->tls.dll_pending_tls,  in lws_ssl_capable_read()
317 					  &pt->tls.dll_pending_tls_owner);  in lws_ssl_capable_read()
331 	if (!wsi->tls.ssl)  in lws_ssl_pending()
334 	return SSL_pending(wsi->tls.ssl);  in lws_ssl_pending()
345 	 * If using OpenSSL type tls library, this is the last point for all  in lws_ssl_capable_write()
346 	 * paths before sending data into the tls tunnel, where you can dump it  in lws_ssl_capable_write()
353 	if (!wsi->tls.ssl)  in lws_ssl_capable_write()
358 	n = SSL_write(wsi->tls.ssl, buf, (int)(ssize_t)len);  in lws_ssl_capable_write()
370 		if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl)) {  in lws_ssl_capable_write()
376 		if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl)) {  in lws_ssl_capable_write()
427 	if (!(where & wsi->a.vhost->tls.ssl_info_event_mask))  in lws_ssl_info_callback()
445 	if (!wsi->tls.ssl)  in lws_ssl_close()
452 	if (wsi->a.vhost->tls.ssl_info_event_mask)  in lws_ssl_close()
453 		SSL_set_info_callback(wsi->tls.ssl, NULL);  in lws_ssl_close()
457 	lws_sul_cancel(&wsi->tls.sul_cb_synth);  in lws_ssl_close()
462 	lws_sess_cache_synth_cb(&wsi->tls.sul_cb_synth);  in lws_ssl_close()
465 	n = SSL_get_fd(wsi->tls.ssl);  in lws_ssl_close()
467 		SSL_shutdown(wsi->tls.ssl);  in lws_ssl_close()
469 	SSL_free(wsi->tls.ssl);  in lws_ssl_close()
470 	wsi->tls.ssl = NULL;  in lws_ssl_close()
484 	if (vhost->tls.ssl_ctx)  in lws_ssl_SSL_CTX_destroy()
485 		SSL_CTX_free(vhost->tls.ssl_ctx);  in lws_ssl_SSL_CTX_destroy()
526 	if (!wsi->tls.ssl)  in lws_tls_ctx_from_wsi()
529 	return SSL_get_SSL_CTX(wsi->tls.ssl);  in lws_tls_ctx_from_wsi()
543 	n = SSL_shutdown(wsi->tls.ssl);  in __lws_tls_shutdown()
555 		n = SSL_get_error(wsi->tls.ssl, n);  in __lws_tls_shutdown()
557 			if (SSL_want_read(wsi->tls.ssl)) {  in __lws_tls_shutdown()
562 			if (SSL_want_write(wsi->tls.ssl)) {  in __lws_tls_shutdown()