Lines Matching refs:ctx
41 static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx,
301 int ssl_cert_set0_chain(SSL_CONNECTION *s, SSL_CTX *ctx, STACK_OF(X509) *chain) in ssl_cert_set0_chain() argument
304 CERT_PKEY *cpk = s != NULL ? s->cert->key : ctx->cert->key; in ssl_cert_set0_chain()
311 r = ssl_security_cert(s, ctx, x, 0, 0); in ssl_cert_set0_chain()
322 int ssl_cert_set1_chain(SSL_CONNECTION *s, SSL_CTX *ctx, STACK_OF(X509) *chain) in ssl_cert_set1_chain() argument
327 return ssl_cert_set0_chain(s, ctx, NULL); in ssl_cert_set1_chain()
331 if (!ssl_cert_set0_chain(s, ctx, dchain)) { in ssl_cert_set1_chain()
338 int ssl_cert_add0_chain_cert(SSL_CONNECTION *s, SSL_CTX *ctx, X509 *x) in ssl_cert_add0_chain_cert() argument
341 CERT_PKEY *cpk = s ? s->cert->key : ctx->cert->key; in ssl_cert_add0_chain_cert()
345 r = ssl_security_cert(s, ctx, x, 0, 0); in ssl_cert_add0_chain_cert()
357 int ssl_cert_add1_chain_cert(SSL_CONNECTION *s, SSL_CTX *ctx, X509 *x) in ssl_cert_add1_chain_cert() argument
361 if (!ssl_cert_add0_chain_cert(s, ctx, x)) { in ssl_cert_add1_chain_cert()
434 X509_STORE_CTX *ctx = NULL; in ssl_verify_internal() local
455 ctx = X509_STORE_CTX_new_ex(sctx->libctx, sctx->propq); in ssl_verify_internal()
456 if (ctx == NULL) { in ssl_verify_internal()
463 if (!X509_STORE_CTX_init(ctx, verify_store, x, sk)) { in ssl_verify_internal()
468 if (!X509_STORE_CTX_init_rpk(ctx, verify_store, rpk)) { in ssl_verify_internal()
473 param = X509_STORE_CTX_get0_param(ctx); in ssl_verify_internal()
483 X509_STORE_CTX_set_flags(ctx, tls1_suiteb(s)); in ssl_verify_internal()
484 if (!X509_STORE_CTX_set_ex_data(ctx, in ssl_verify_internal()
491 X509_STORE_CTX_set0_dane(ctx, &s->dane); in ssl_verify_internal()
509 X509_STORE_CTX_set_ocsp_resp(ctx, s->ext.ocsp.resp_ex); in ssl_verify_internal()
519 X509_STORE_CTX_set_default(ctx, s->server ? "ssl_client" : "ssl_server"); in ssl_verify_internal()
526 X509_STORE_CTX_set_verify_cb(ctx, s->verify_callback); in ssl_verify_internal()
529 i = sctx->app_verify_callback(ctx, sctx->app_verify_arg); in ssl_verify_internal()
531 i = X509_verify_cert(ctx); in ssl_verify_internal()
537 s->verify_result = X509_STORE_CTX_get_error(ctx); in ssl_verify_internal()
541 if (sk != NULL && X509_STORE_CTX_get0_chain(ctx) != NULL) { in ssl_verify_internal()
542 s->verified_chain = X509_STORE_CTX_get1_chain(ctx); in ssl_verify_internal()
553 X509_STORE_CTX_free(ctx); in ssl_verify_internal()
622 void SSL_CTX_set0_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list) in SSL_CTX_set0_CA_list() argument
624 set0_CA_list(&ctx->ca_names, name_list); in SSL_CTX_set0_CA_list()
627 const STACK_OF(X509_NAME) *SSL_CTX_get0_CA_list(const SSL_CTX *ctx) in STACK_OF()
629 return ctx->ca_names; in STACK_OF()
639 return sc->ca_names != NULL ? sc->ca_names : s->ctx->ca_names; in STACK_OF()
642 void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK_OF(X509_NAME) *name_list) in SSL_CTX_set_client_CA_list() argument
644 set0_CA_list(&ctx->client_ca_names, name_list); in SSL_CTX_set_client_CA_list()
647 STACK_OF(X509_NAME) *SSL_CTX_get_client_CA_list(const SSL_CTX *ctx) in STACK_OF()
649 return ctx->client_ca_names; in STACK_OF()
682 : s->ctx->client_ca_names; in STACK_OF()
714 int SSL_CTX_add1_to_CA_list(SSL_CTX *ctx, const X509 *x) in SSL_CTX_add1_to_CA_list() argument
716 return add_ca_name(&ctx->ca_names, x); in SSL_CTX_add1_to_CA_list()
733 int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x) in SSL_CTX_add_client_CA() argument
735 return add_ca_name(&ctx->client_ca_names, x); in SSL_CTX_add_client_CA()
1026 OSSL_STORE_CTX *ctx = NULL; in add_uris_recursive() local
1031 if ((ctx = OSSL_STORE_open(uri, NULL, NULL, NULL, NULL)) == NULL) in add_uris_recursive()
1034 while (!OSSL_STORE_eof(ctx) && !OSSL_STORE_error(ctx)) { in add_uris_recursive()
1037 if ((info = OSSL_STORE_load(ctx)) == NULL) in add_uris_recursive()
1074 OSSL_STORE_close(ctx); in add_uris_recursive()
1091 int ssl_build_cert_chain(SSL_CONNECTION *s, SSL_CTX *ctx, int flags) in ssl_build_cert_chain() argument
1093 CERT *c = s != NULL ? s->cert : ctx->cert; in ssl_build_cert_chain()
1099 SSL_CTX *real_ctx = (s == NULL) ? ctx : SSL_CONNECTION_GET_CTX(s); in ssl_build_cert_chain()
1177 rv = ssl_security_cert(s, ctx, x, 0, 0); in ssl_build_cert_chain()
1220 int ssl_get_security_level_bits(const SSL *s, const SSL_CTX *ctx, int *levelp) in ssl_get_security_level_bits() argument
1230 if (ctx != NULL) in ssl_get_security_level_bits()
1231 level = SSL_CTX_get_security_level(ctx); in ssl_get_security_level_bits()
1246 static int ssl_security_default_callback(const SSL *s, const SSL_CTX *ctx, in ssl_security_default_callback() argument
1253 minbits = ssl_get_security_level_bits(s, ctx, &level); in ssl_security_default_callback()
1324 int ssl_ctx_security(const SSL_CTX *ctx, int op, int bits, int nid, void *other) in ssl_ctx_security() argument
1326 return ctx->cert->sec_cb(NULL, ctx, op, bits, nid, other, in ssl_ctx_security()
1327 ctx->cert->sec_ex); in ssl_ctx_security()
1330 int ssl_cert_lookup_by_nid(int nid, size_t *pidx, SSL_CTX *ctx) in ssl_cert_lookup_by_nid() argument
1340 for (i = 0; i < ctx->sigalg_list_len; i++) { in ssl_cert_lookup_by_nid()
1341 if (ctx->ssl_cert_info[i].nid == nid) { in ssl_cert_lookup_by_nid()
1349 const SSL_CERT_LOOKUP *ssl_cert_lookup_by_pkey(const EVP_PKEY *pk, size_t *pidx, SSL_CTX *ctx) in ssl_cert_lookup_by_pkey() argument
1365 for (i = 0; i < ctx->sigalg_list_len; i++) { in ssl_cert_lookup_by_pkey()
1366 SSL_CERT_LOOKUP *tmp_lu = &(ctx->ssl_cert_info[i]); in ssl_cert_lookup_by_pkey()
1372 return &ctx->ssl_cert_info[i]; in ssl_cert_lookup_by_pkey()
1379 const SSL_CERT_LOOKUP *ssl_cert_lookup_by_idx(size_t idx, SSL_CTX *ctx) in ssl_cert_lookup_by_idx() argument
1381 if (idx >= (OSSL_NELEM(ssl_cert_info) + ctx->sigalg_list_len)) in ssl_cert_lookup_by_idx()
1384 return &(ctx->ssl_cert_info[idx - SSL_PKEY_NUM]); in ssl_cert_lookup_by_idx()