Lines Matching refs:ssl
65 SSL *ssl; member
323 static int tls_cryptoapi_cert(SSL *ssl, const char *name) in tls_cryptoapi_cert() argument
390 if (!SSL_use_certificate(ssl, cert)) { in tls_cryptoapi_cert()
404 if (!SSL_use_RSAPrivateKey(ssl, rsa)) in tls_cryptoapi_cert()
423 static int tls_cryptoapi_ca_cert(SSL_CTX *ssl_ctx, SSL *ssl, const char *name) in tls_cryptoapi_ca_cert() argument
490 static int tls_cryptoapi_cert(SSL *ssl, const char *name) in tls_cryptoapi_cert() argument
498 static void ssl_info_cb(const SSL *ssl, int where, int ret) in ssl_info_cb() argument
514 str, SSL_state_string_long(ssl)); in ssl_info_cb()
524 SSL_get_app_data((SSL *) ssl); in ssl_info_cb()
533 SSL_state_string_long(ssl)); in ssl_info_cb()
685 SSL_CTX *ssl; in tls_init() local
741 ssl = SSL_CTX_new(TLSv1_method()); in tls_init()
742 if (ssl == NULL) in tls_init()
745 SSL_CTX_set_info_callback(ssl, ssl_info_cb); in tls_init()
758 tls_deinit(ssl); in tls_init()
764 return ssl; in tls_init()
770 SSL_CTX *ssl = ssl_ctx; in tls_deinit() local
771 SSL_CTX_free(ssl); in tls_deinit()
911 SSL_CTX *ssl = ssl_ctx; in tls_connection_init() local
918 conn->ssl = SSL_new(ssl); in tls_connection_init()
919 if (conn->ssl == NULL) { in tls_connection_init()
926 SSL_set_app_data(conn->ssl, conn); in tls_connection_init()
932 SSL_set_options(conn->ssl, options); in tls_connection_init()
938 SSL_free(conn->ssl); in tls_connection_init()
947 SSL_free(conn->ssl); in tls_connection_init()
953 SSL_set_bio(conn->ssl, conn->ssl_in, conn->ssl_out); in tls_connection_init()
963 SSL_free(conn->ssl); in tls_connection_deinit()
974 return conn ? SSL_is_init_finished(conn->ssl) : 0; in tls_connection_established()
986 SSL_set_quiet_shutdown(conn->ssl, 1); in tls_connection_shutdown()
987 SSL_shutdown(conn->ssl); in tls_connection_shutdown()
1180 SSL *ssl; in tls_verify_cb() local
1188 ssl = X509_STORE_CTX_get_ex_data(x509_ctx, in tls_verify_cb()
1192 conn = SSL_get_app_data(ssl); in tls_verify_cb()
1345 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); in tls_connection_ca_cert()
1442 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); in tls_connection_ca_cert()
1448 if (ca_cert && tls_cryptoapi_ca_cert(ssl_ctx, conn->ssl, ca_cert) == in tls_connection_ca_cert()
1568 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER | in tls_connection_set_verify()
1573 SSL_set_verify(conn->ssl, SSL_VERIFY_NONE, NULL); in tls_connection_set_verify()
1576 SSL_set_accept_state(conn->ssl); in tls_connection_set_verify()
1587 SSL_set_session_id_context(conn->ssl, in tls_connection_set_verify()
1604 SSL_use_certificate_ASN1(conn->ssl, (u8 *) client_cert_blob, in tls_connection_client_cert()
1627 if (SSL_use_certificate(conn->ssl, x509) == 1) in tls_connection_client_cert()
1636 if (SSL_use_certificate_file(conn->ssl, client_cert, in tls_connection_client_cert()
1643 if (SSL_use_certificate_file(conn->ssl, client_cert, in tls_connection_client_cert()
1697 static int tls_parse_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, PKCS12 *p12, in tls_parse_pkcs12() argument
1722 if (ssl) { in tls_parse_pkcs12()
1723 if (SSL_use_certificate(ssl, cert) != 1) in tls_parse_pkcs12()
1734 if (ssl) { in tls_parse_pkcs12()
1735 if (SSL_use_PrivateKey(ssl, pkey) != 1) in tls_parse_pkcs12()
1772 static int tls_read_pkcs12(SSL_CTX *ssl_ctx, SSL *ssl, const char *private_key, in tls_read_pkcs12() argument
1792 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd); in tls_read_pkcs12()
1802 static int tls_read_pkcs12_blob(SSL_CTX *ssl_ctx, SSL *ssl, in tls_read_pkcs12_blob() argument
1815 return tls_parse_pkcs12(ssl_ctx, ssl, p12, passwd); in tls_read_pkcs12_blob()
1865 if (!SSL_use_certificate(conn->ssl, cert)) { in tls_connection_engine_client_cert()
1920 SSL_set_verify(conn->ssl, SSL_VERIFY_PEER, tls_verify_cb); in tls_connection_engine_ca_cert()
1932 if (SSL_use_PrivateKey(conn->ssl, conn->private_key) != 1) { in tls_connection_engine_private_key()
1937 if (!SSL_check_private_key(conn->ssl)) { in tls_connection_engine_private_key()
1977 if (SSL_use_PrivateKey_ASN1(EVP_PKEY_RSA, conn->ssl, in tls_connection_private_key()
1986 if (SSL_use_PrivateKey_ASN1(EVP_PKEY_DSA, conn->ssl, in tls_connection_private_key()
1995 if (SSL_use_RSAPrivateKey_ASN1(conn->ssl, in tls_connection_private_key()
2004 if (tls_read_pkcs12_blob(ssl_ctx, conn->ssl, private_key_blob, in tls_connection_private_key()
2025 if (SSL_use_PrivateKey(conn->ssl, pkey) == 1) { in tls_connection_private_key()
2037 if (SSL_use_PrivateKey_file(conn->ssl, private_key, in tls_connection_private_key()
2045 if (SSL_use_PrivateKey_file(conn->ssl, private_key, in tls_connection_private_key()
2057 if (tls_read_pkcs12(ssl_ctx, conn->ssl, private_key, passwd) in tls_connection_private_key()
2065 if (tls_cryptoapi_cert(conn->ssl, private_key) == 0) { in tls_connection_private_key()
2085 if (!SSL_check_private_key(conn->ssl)) { in tls_connection_private_key()
2202 if (SSL_set_tmp_dh(conn->ssl, dh) != 1) { in tls_connection_dh()
2292 SSL *ssl; in tls_connection_get_keys() local
2296 ssl = conn->ssl; in tls_connection_get_keys()
2297 if (ssl == NULL || ssl->s3 == NULL || ssl->session == NULL) in tls_connection_get_keys()
2301 keys->master_key = ssl->session->master_key; in tls_connection_get_keys()
2302 keys->master_key_len = ssl->session->master_key_length; in tls_connection_get_keys()
2303 keys->client_random = ssl->s3->client_random; in tls_connection_get_keys()
2305 keys->server_random = ssl->s3->server_random; in tls_connection_get_keys()
2341 res = SSL_accept(conn->ssl); in openssl_handshake()
2343 res = SSL_connect(conn->ssl); in openssl_handshake()
2345 int err = SSL_get_error(conn->ssl, res); in openssl_handshake()
2399 res = SSL_read(conn->ssl, wpabuf_mhead(appl_data), in openssl_get_appl_data()
2402 int err = SSL_get_error(conn->ssl, res); in openssl_get_appl_data()
2438 if (SSL_is_init_finished(conn->ssl) && appl_data && in_data) in openssl_connection_handshake()
2479 res = SSL_write(conn->ssl, wpabuf_head(in_data), wpabuf_len(in_data)); in tls_connection_encrypt()
2533 res = SSL_read(conn->ssl, wpabuf_mhead(buf), wpabuf_size(buf)); in tls_connection_decrypt()
2548 return conn ? conn->ssl->hit : 0; in tls_connection_resumed()
2559 if (conn == NULL || conn->ssl == NULL || ciphers == NULL) in tls_connection_set_cipher_list()
2598 if (SSL_set_cipher_list(conn->ssl, buf + 1) != 1) { in tls_connection_set_cipher_list()
2612 if (conn == NULL || conn->ssl == NULL) in tls_get_cipher()
2615 name = SSL_get_cipher(conn->ssl); in tls_get_cipher()
2627 SSL_set_options(conn->ssl, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); in tls_connection_enable_workaround()
2641 if (conn == NULL || conn->ssl == NULL || ext_type != 35) in tls_connection_client_hello_ext()
2645 if (SSL_set_session_ticket_ext(conn->ssl, (void *) data, in tls_connection_client_hello_ext()
2649 if (SSL_set_hello_extension(conn->ssl, ext_type, (void *) data, in tls_connection_client_hello_ext()
2793 if (conn == NULL || conn->ssl == NULL || in tls_connection_get_keyblock_size()
2794 conn->ssl->enc_read_ctx == NULL || in tls_connection_get_keyblock_size()
2795 conn->ssl->enc_read_ctx->cipher == NULL || in tls_connection_get_keyblock_size()
2796 conn->ssl->read_hash == NULL) in tls_connection_get_keyblock_size()
2799 c = conn->ssl->enc_read_ctx->cipher; in tls_connection_get_keyblock_size()
2801 h = EVP_MD_CTX_md(conn->ssl->read_hash); in tls_connection_get_keyblock_size()
2803 h = conn->ssl->read_hash; in tls_connection_get_keyblock_size()
2944 if (SSL_set_session_secret_cb(conn->ssl, tls_sess_sec_cb, in tls_connection_set_session_ticket_cb()
2948 SSL_set_session_ticket_ext_cb(conn->ssl, in tls_connection_set_session_ticket_cb()
2952 SSL_set_tlsext_debug_callback(conn->ssl, tls_hello_ext_cb); in tls_connection_set_session_ticket_cb()
2953 SSL_set_tlsext_debug_arg(conn->ssl, conn); in tls_connection_set_session_ticket_cb()
2955 if (SSL_set_hello_extension_cb(conn->ssl, tls_hello_ext_cb, in tls_connection_set_session_ticket_cb()
2961 if (SSL_set_session_secret_cb(conn->ssl, NULL, NULL) != 1) in tls_connection_set_session_ticket_cb()
2964 SSL_set_session_ticket_ext_cb(conn->ssl, NULL, NULL); in tls_connection_set_session_ticket_cb()
2967 SSL_set_tlsext_debug_callback(conn->ssl, NULL); in tls_connection_set_session_ticket_cb()
2968 SSL_set_tlsext_debug_arg(conn->ssl, conn); in tls_connection_set_session_ticket_cb()
2970 if (SSL_set_hello_extension_cb(conn->ssl, NULL, NULL) != 1) in tls_connection_set_session_ticket_cb()