79 static CURLcode wssl_init_ctx(struct curl_tls_ctx *ctx,  in wssl_init_ctx()  argument
94   ctx->wssl.ctx = wolfSSL_CTX_new(wolfTLSv1_3_client_method());  in wssl_init_ctx()
95   if(!ctx->wssl.ctx) {  in wssl_init_ctx()
106   wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);  in wssl_init_ctx()
108   if(wolfSSL_CTX_set_cipher_list(ctx->wssl.ctx, conn_config->cipher_list13 ?  in wssl_init_ctx()
118   if(wolfSSL_CTX_set1_groups_list(ctx->wssl.ctx, conn_config->curves ?  in wssl_init_ctx()
130     wolfSSL_CTX_set_keylog_callback(ctx->wssl.ctx, keylog_callback);  in wssl_init_ctx()
142     wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_PEER, NULL);  in wssl_init_ctx()
147         wolfSSL_CTX_load_verify_locations_ex(ctx->wssl.ctx, ssl_cafile,  in wssl_init_ctx()
166       wolfSSL_CTX_set_default_verify_paths(ctx->wssl.ctx);  in wssl_init_ctx()
171     wolfSSL_CTX_set_verify(ctx->wssl.ctx, SSL_VERIFY_NONE, NULL);  in wssl_init_ctx()
177     result = (*data->set.ssl.fsslctx)(data, ctx->wssl.ctx,  in wssl_init_ctx()
188   if(result && ctx->wssl.ctx) {  in wssl_init_ctx()
189     SSL_CTX_free(ctx->wssl.ctx);  in wssl_init_ctx()
190     ctx->wssl.ctx = NULL;  in wssl_init_ctx()
197 static CURLcode wssl_init_ssl(struct curl_tls_ctx *ctx,  in wssl_init_ssl()  argument
206   DEBUGASSERT(!ctx->wssl.handle);  in wssl_init_ssl()
207   DEBUGASSERT(ctx->wssl.ctx);  in wssl_init_ssl()
208   ctx->wssl.handle = wolfSSL_new(ctx->wssl.ctx);  in wssl_init_ssl()
210   wolfSSL_set_app_data(ctx->wssl.handle, user_data);  in wssl_init_ssl()
211   wolfSSL_set_connect_state(ctx->wssl.handle);  in wssl_init_ssl()
212   wolfSSL_set_quic_use_legacy_codepoint(ctx->wssl.handle, 0);  in wssl_init_ssl()
215     wolfSSL_set_alpn_protos(ctx->wssl.handle, (const unsigned char *)alpn,  in wssl_init_ssl()
219     wolfSSL_UseSNI(ctx->wssl.handle, WOLFSSL_SNI_HOST_NAME,  in wssl_init_ssl()
224     (void)wssl_setup_session(cf, data, &ctx->wssl, peer);  in wssl_init_ssl()
231 CURLcode Curl_vquic_tls_init(struct curl_tls_ctx *ctx,  in Curl_vquic_tls_init()  argument
243   return Curl_ossl_ctx_init(&ctx->ossl, cf, data, peer, TRNSPRT_QUIC,  in Curl_vquic_tls_init()
248   return Curl_gtls_ctx_init(&ctx->gtls, cf, data, peer,  in Curl_vquic_tls_init()
252   result = wssl_init_ctx(ctx, cf, data, cb_setup, cb_user_data);  in Curl_vquic_tls_init()
256   return wssl_init_ssl(ctx, cf, data, peer, alpn, alpn_len, ssl_user_data);  in Curl_vquic_tls_init()
263 void Curl_vquic_tls_cleanup(struct curl_tls_ctx *ctx)  in Curl_vquic_tls_cleanup()  argument
266   if(ctx->ossl.ssl)  in Curl_vquic_tls_cleanup()
267     SSL_free(ctx->ossl.ssl);  in Curl_vquic_tls_cleanup()
268   if(ctx->ossl.ssl_ctx)  in Curl_vquic_tls_cleanup()
269     SSL_CTX_free(ctx->ossl.ssl_ctx);  in Curl_vquic_tls_cleanup()
271   if(ctx->gtls.session)  in Curl_vquic_tls_cleanup()
272     gnutls_deinit(ctx->gtls.session);  in Curl_vquic_tls_cleanup()
273   Curl_gtls_shared_creds_free(&ctx->gtls.shared_creds);  in Curl_vquic_tls_cleanup()
275   if(ctx->wssl.handle)  in Curl_vquic_tls_cleanup()
276     wolfSSL_free(ctx->wssl.handle);  in Curl_vquic_tls_cleanup()
277   if(ctx->wssl.ctx)  in Curl_vquic_tls_cleanup()
278     wolfSSL_CTX_free(ctx->wssl.ctx);  in Curl_vquic_tls_cleanup()
280   memset(ctx, 0, sizeof(*ctx));  in Curl_vquic_tls_cleanup()
283 CURLcode Curl_vquic_tls_before_recv(struct curl_tls_ctx *ctx,  in Curl_vquic_tls_before_recv()  argument
288   if(!ctx->ossl.x509_store_setup) {  in Curl_vquic_tls_before_recv()
289     CURLcode result = Curl_ssl_setup_x509_store(cf, data, ctx->ossl.ssl_ctx);  in Curl_vquic_tls_before_recv()
292     ctx->ossl.x509_store_setup = TRUE;  in Curl_vquic_tls_before_recv()
295   if(!ctx->wssl.x509_store_setup) {  in Curl_vquic_tls_before_recv()
296     CURLcode result = Curl_wssl_setup_x509_store(cf, data, &ctx->wssl);  in Curl_vquic_tls_before_recv()
301   if(!ctx->gtls.shared_creds->trust_setup) {  in Curl_vquic_tls_before_recv()
302     CURLcode result = Curl_gtls_client_trust_setup(cf, data, &ctx->gtls);  in Curl_vquic_tls_before_recv()
307   (void)ctx; (void)cf; (void)data;  in Curl_vquic_tls_before_recv()
312 CURLcode Curl_vquic_tls_verify_peer(struct curl_tls_ctx *ctx,  in Curl_vquic_tls_verify_peer()  argument
326   result = Curl_oss_check_peer_cert(cf, data, &ctx->ossl, peer);  in Curl_vquic_tls_verify_peer()
329     result = Curl_gtls_verifyserver(data, ctx->gtls.session,  in Curl_vquic_tls_verify_peer()
339       WOLFSSL_X509* cert = wolfSSL_get_peer_certificate(ctx->wssl.handle);  in Curl_vquic_tls_verify_peer()

Last Index update Mon Nov 25 20:08:26 UTC 2024

Dedicated to & Maintained by Room-11