42 #include "url.h" /* for the ssl config check function */
204   if(data->set.ssl.random_file)
354     SSL *ssl;
421             failf(data, "ssl engine does not support loading certificates");
428             failf(data, "ssl engine cannot load client cert with id"
435             failf(data, "ssl engine didn't initialized the certificate "
628     ssl=SSL_new(ctx);
629     if(NULL == ssl) {
634     x509=SSL_get_certificate(ssl);
640       EVP_PKEY_copy_parameters(pktmp,SSL_get_privatekey(ssl));
644     SSL_free(ssl);
793   rc = SSL_peek(conn->ssl[FIRSTSOCKET].handle, (void*)&buf, 1);
898   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
920   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
948         nread = (ssize_t)SSL_read(conn->ssl[sockindex].handle, buf,
950         err = SSL_get_error(conn->ssl[sockindex].handle, (int)nread);
969           /* openssl/ssl.h says "look at error stack/return value/errno" */
1357                           const void *buf, size_t len, const SSL *ssl,
1392   (void) ssl;
1426 select_next_proto_cb(SSL *ssl,
1433   (void)ssl;
1491   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1510   data->set.ssl.certverifyresult = !X509_V_OK;
1514   switch(data->set.ssl.version) {
1531     if(data->set.ssl.authtype == CURL_TLSAUTH_SRP)
1540     if(data->set.ssl.authtype == CURL_TLSAUTH_SRP)
1635   switch(data->set.ssl.version) {
1639     if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
1754   if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
1755     infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
1757     if(!SSL_CTX_set_srp_username(connssl->ctx, data->set.ssl.username)) {
1761     if(!SSL_CTX_set_srp_password(connssl->ctx,data->set.ssl.password)) {
1781       if(data->set.ssl.verifypeer) {
1839                      data->set.ssl.verifypeer?SSL_VERIFY_PEER:SSL_VERIFY_NONE,
1843   if(data->set.ssl.fsslctx) {
1844     retcode = (*data->set.ssl.fsslctx)(data, connssl->ctx,
1845                                        data->set.ssl.fsslctxp);
1847       failf(data,"error signaled by ssl ctx callback");
1903   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2370   if(data->set.ssl.certinfo)
2394   if(data->set.ssl.verifyhost) {
2452     lerr = data->set.ssl.certverifyresult=
2454     if(data->set.ssl.certverifyresult != X509_V_OK) {
2455       if(data->set.ssl.verifypeer) {
2487   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2525       failf(data, "failed to store ssl session");
2546   if(!data->set.ssl.verifypeer && !data->set.ssl.verifyhost)
2567   struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2605     /* if ssl is expecting something, check if it's available. */
2698   if(conn->ssl[connindex].handle)
2700     return (0 != SSL_pending(conn->ssl[connindex].handle)) ? TRUE : FALSE;
2723   rc = SSL_write(conn->ssl[sockindex].handle, mem, memlen);
2726     err = SSL_get_error(conn->ssl[sockindex].handle, rc);
2773   nread = (ssize_t)SSL_read(conn->ssl[num].handle, buf, buffsize);
2776     int err = SSL_get_error(conn->ssl[num].handle, (int)nread);
2788       /* openssl/ssl.h for SSL_ERROR_SYSCALL says "look at error stack/return

Indexes created Sun Jun 09 20:07:13 MDT 2024