Lines Matching refs:connssl
895 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
897 if(connssl->handle) {
898 (void)SSL_shutdown(connssl->handle);
899 SSL_set_connect_state(connssl->handle);
901 SSL_free (connssl->handle);
902 connssl->handle = NULL;
904 if(connssl->ctx) {
905 SSL_CTX_free (connssl->ctx);
906 connssl->ctx = NULL;
917 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
933 (void)SSL_shutdown(connssl->handle);
935 if(connssl->handle) {
990 switch(SSL_get_shutdown(connssl->handle)) {
1005 SSL_free (connssl->handle);
1006 connssl->handle = NULL;
1483 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1497 DEBUGASSERT(ssl_connect_1 == connssl->connecting_state);
1538 if(connssl->ctx)
1539 SSL_CTX_free(connssl->ctx);
1540 connssl->ctx = SSL_CTX_new(req_method);
1542 if(!connssl->ctx) {
1549 SSL_CTX_set_mode(connssl->ctx, SSL_MODE_RELEASE_BUFFERS);
1556 if(!SSL_CTX_callback_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK,
1560 else if(!SSL_CTX_ctrl(connssl->ctx, SSL_CTRL_SET_MSG_CALLBACK_ARG, 0,
1691 SSL_CTX_set_options(connssl->ctx, ctx_options);
1696 SSL_CTX_set_next_proto_select_cb(connssl->ctx, select_next_proto_cb,
1713 SSL_CTX_set_alpn_protos(connssl->ctx, protocols,
1725 connssl->ctx,
1738 if(!SSL_CTX_set_cipher_list(connssl->ctx, ciphers)) {
1747 if(!SSL_CTX_set_srp_username(connssl->ctx, data->set.ssl.username)) {
1751 if(!SSL_CTX_set_srp_password(connssl->ctx,data->set.ssl.password)) {
1758 if(!SSL_CTX_set_cipher_list(connssl->ctx, "SRP")) {
1768 if(!SSL_CTX_load_verify_locations(connssl->ctx,
1804 lookup=X509_STORE_add_lookup(SSL_CTX_get_cert_store(connssl->ctx),
1816 X509_STORE_set_flags(SSL_CTX_get_cert_store(connssl->ctx),
1828 SSL_CTX_set_verify(connssl->ctx,
1834 retcode = (*data->set.ssl.fsslctx)(data, connssl->ctx,
1843 if(connssl->handle)
1844 SSL_free(connssl->handle);
1845 connssl->handle = SSL_new(connssl->ctx);
1846 if(!connssl->handle) {
1850 SSL_set_connect_state(connssl->handle);
1852 connssl->server_cert = 0x0;
1860 !SSL_set_tlsext_host_name(connssl->handle, conn->host.name))
1868 if(!SSL_set_session(connssl->handle, ssl_sessionid)) {
1878 if(!SSL_set_fd(connssl->handle, (int)sockfd)) {
1884 connssl->connecting_state = ssl_connect_2;
1893 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1899 DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
1900 || ssl_connect_2_reading == connssl->connecting_state
1901 || ssl_connect_2_writing == connssl->connecting_state);
1905 err = SSL_connect(connssl->handle);
1911 int detail = SSL_get_error(connssl->handle, err);
1914 connssl->connecting_state = ssl_connect_2_reading;
1918 connssl->connecting_state = ssl_connect_2_writing;
1930 connssl->connecting_state = ssl_connect_2; /* the connection failed,
1952 lerr = SSL_get_verify_result(connssl->handle);
1988 connssl->connecting_state = ssl_connect_3;
1992 get_ssl_version_txt(SSL_get_session(connssl->handle)),
1993 SSL_get_cipher(connssl->handle));
2000 SSL_get0_alpn_selected(connssl->handle, &neg_protocol, &len);
2181 struct ssl_connect_data *connssl)
2194 sk = SSL_get_peer_cert_chain(connssl->handle);
2353 struct ssl_connect_data *connssl,
2367 (void)get_cert_chain(conn, connssl);
2371 connssl->server_cert = SSL_get_peer_certificate(connssl->handle);
2372 if(!connssl->server_cert) {
2379 rc = x509_name_oneline(X509_get_subject_name(connssl->server_cert),
2383 certdate = X509_get_notBefore(connssl->server_cert);
2387 certdate = X509_get_notAfter(connssl->server_cert);
2392 retcode = verifyhost(conn, connssl->server_cert);
2394 X509_free(connssl->server_cert);
2395 connssl->server_cert = NULL;
2400 rc = x509_name_oneline(X509_get_issuer_name(connssl->server_cert),
2420 X509_free(connssl->server_cert);
2421 connssl->server_cert = NULL;
2429 X509_free(connssl->server_cert);
2435 if(X509_check_issued(issuer,connssl->server_cert) != X509_V_OK) {
2439 X509_free(connssl->server_cert);
2441 connssl->server_cert = NULL;
2450 SSL_get_verify_result(connssl->handle);
2469 X509_free(connssl->server_cert);
2470 connssl->server_cert = NULL;
2471 connssl->connecting_state = ssl_connect_done;
2484 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2488 DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
2491 our_ssl_sessionid = SSL_get1_session(connssl->handle);
2498 our_ssl_sessionid = SSL_get_session(connssl->handle);
2544 (void)servercert(conn, connssl, FALSE);
2546 retcode = servercert(conn, connssl, TRUE);
2549 connssl->connecting_state = ssl_connect_done;
2564 struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2570 if(ssl_connection_complete == connssl->state) {
2575 if(ssl_connect_1==connssl->connecting_state) {
2589 while(ssl_connect_2 == connssl->connecting_state ||
2590 ssl_connect_2_reading == connssl->connecting_state ||
2591 ssl_connect_2_writing == connssl->connecting_state) {
2603 if(connssl->connecting_state == ssl_connect_2_reading
2604 || connssl->connecting_state == ssl_connect_2_writing) {
2607 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
2609 connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
2639 (ssl_connect_2 == connssl->connecting_state ||
2640 ssl_connect_2_reading == connssl->connecting_state ||
2641 ssl_connect_2_writing == connssl->connecting_state)))
2647 if(ssl_connect_3==connssl->connecting_state) {
2653 if(ssl_connect_done==connssl->connecting_state) {
2654 connssl->state = ssl_connection_complete;
2663 connssl->connecting_state = ssl_connect_1;