Lines Matching refs:s
36 unsigned char *s, size_t t, size_t *u) in ssl_undefined_function_3() argument
47 size_t s, unsigned char *t) in ssl_undefined_function_5()
58 size_t s, const char *t, size_t u, in ssl_undefined_function_7() argument
83 SSL *s; member
569 int SSL_clear(SSL *s) in SSL_clear() argument
571 if (s->method == NULL) { in SSL_clear()
576 return s->method->ssl_reset(s); in SSL_clear()
579 int ossl_ssl_connection_reset(SSL *s) in ossl_ssl_connection_reset() argument
581 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ossl_ssl_connection_reset()
609 sc->version = s->method->version; in ossl_ssl_connection_reset()
644 if (s->method != s->defltmeth) { in ossl_ssl_connection_reset()
645 s->method->ssl_deinit(s); in ossl_ssl_connection_reset()
646 s->method = s->defltmeth; in ossl_ssl_connection_reset()
647 if (!s->method->ssl_init(s)) in ossl_ssl_connection_reset()
650 if (!s->method->ssl_clear(s)) in ossl_ssl_connection_reset()
734 SSL_CONNECTION *s; in ossl_ssl_connection_new_int() local
737 s = OPENSSL_zalloc(sizeof(*s)); in ossl_ssl_connection_new_int()
738 if (s == NULL) in ossl_ssl_connection_new_int()
741 ssl = &s->ssl; in ossl_ssl_connection_new_int()
742 s->user_ssl = (user_ssl == NULL) ? ssl : user_ssl; in ossl_ssl_connection_new_int()
745 OPENSSL_free(s); in ossl_ssl_connection_new_int()
746 s = NULL; in ossl_ssl_connection_new_int()
751 RECORD_LAYER_init(&s->rlayer, s); in ossl_ssl_connection_new_int()
753 s->options = ctx->options; in ossl_ssl_connection_new_int()
755 s->dane.flags = ctx->dane.flags; in ossl_ssl_connection_new_int()
757 s->min_proto_version = ctx->min_proto_version; in ossl_ssl_connection_new_int()
758 s->max_proto_version = ctx->max_proto_version; in ossl_ssl_connection_new_int()
761 s->mode = ctx->mode; in ossl_ssl_connection_new_int()
762 s->max_cert_list = ctx->max_cert_list; in ossl_ssl_connection_new_int()
763 s->max_early_data = ctx->max_early_data; in ossl_ssl_connection_new_int()
764 s->recv_max_early_data = ctx->recv_max_early_data; in ossl_ssl_connection_new_int()
766 s->num_tickets = ctx->num_tickets; in ossl_ssl_connection_new_int()
767 s->pha_enabled = ctx->pha_enabled; in ossl_ssl_connection_new_int()
770 s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites); in ossl_ssl_connection_new_int()
771 if (s->tls13_ciphersuites == NULL) in ossl_ssl_connection_new_int()
783 s->cert = ssl_cert_dup(ctx->cert); in ossl_ssl_connection_new_int()
784 if (s->cert == NULL) in ossl_ssl_connection_new_int()
787 RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead); in ossl_ssl_connection_new_int()
788 s->msg_callback = ctx->msg_callback; in ossl_ssl_connection_new_int()
789 s->msg_callback_arg = ctx->msg_callback_arg; in ossl_ssl_connection_new_int()
790 s->verify_mode = ctx->verify_mode; in ossl_ssl_connection_new_int()
791 s->not_resumable_session_cb = ctx->not_resumable_session_cb; in ossl_ssl_connection_new_int()
792 s->rlayer.record_padding_cb = ctx->record_padding_cb; in ossl_ssl_connection_new_int()
793 s->rlayer.record_padding_arg = ctx->record_padding_arg; in ossl_ssl_connection_new_int()
794 s->rlayer.block_padding = ctx->block_padding; in ossl_ssl_connection_new_int()
795 s->rlayer.hs_padding = ctx->hs_padding; in ossl_ssl_connection_new_int()
796 s->sid_ctx_length = ctx->sid_ctx_length; in ossl_ssl_connection_new_int()
797 if (!ossl_assert(s->sid_ctx_length <= sizeof(s->sid_ctx))) in ossl_ssl_connection_new_int()
799 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx)); in ossl_ssl_connection_new_int()
800 s->verify_callback = ctx->default_verify_callback; in ossl_ssl_connection_new_int()
801 s->generate_session_id = ctx->generate_session_id; in ossl_ssl_connection_new_int()
803 s->param = X509_VERIFY_PARAM_new(); in ossl_ssl_connection_new_int()
804 if (s->param == NULL) in ossl_ssl_connection_new_int()
806 X509_VERIFY_PARAM_inherit(s->param, ctx->param); in ossl_ssl_connection_new_int()
807 s->quiet_shutdown = IS_QUIC_CTX(ctx) ? 0 : ctx->quiet_shutdown; in ossl_ssl_connection_new_int()
810 s->ext.max_fragment_len_mode = ctx->ext.max_fragment_len_mode; in ossl_ssl_connection_new_int()
812 s->max_send_fragment = ctx->max_send_fragment; in ossl_ssl_connection_new_int()
813 s->split_send_fragment = ctx->split_send_fragment; in ossl_ssl_connection_new_int()
814 s->max_pipelines = ctx->max_pipelines; in ossl_ssl_connection_new_int()
815 s->rlayer.default_read_buf_len = ctx->default_read_buf_len; in ossl_ssl_connection_new_int()
817 s->ext.debug_cb = 0; in ossl_ssl_connection_new_int()
818 s->ext.debug_arg = NULL; in ossl_ssl_connection_new_int()
819 s->ext.ticket_expected = 0; in ossl_ssl_connection_new_int()
820 s->ext.status_type = ctx->ext.status_type; in ossl_ssl_connection_new_int()
821 s->ext.status_expected = 0; in ossl_ssl_connection_new_int()
822 s->ext.ocsp.ids = NULL; in ossl_ssl_connection_new_int()
823 s->ext.ocsp.exts = NULL; in ossl_ssl_connection_new_int()
824 s->ext.ocsp.resp = NULL; in ossl_ssl_connection_new_int()
825 s->ext.ocsp.resp_len = 0; in ossl_ssl_connection_new_int()
827 s->session_ctx = ctx; in ossl_ssl_connection_new_int()
829 s->ext.ecpointformats = in ossl_ssl_connection_new_int()
832 if (!s->ext.ecpointformats) { in ossl_ssl_connection_new_int()
833 s->ext.ecpointformats_len = 0; in ossl_ssl_connection_new_int()
836 s->ext.ecpointformats_len = in ossl_ssl_connection_new_int()
840 s->ext.supportedgroups = in ossl_ssl_connection_new_int()
844 if (!s->ext.supportedgroups) { in ossl_ssl_connection_new_int()
845 s->ext.supportedgroups_len = 0; in ossl_ssl_connection_new_int()
848 s->ext.supportedgroups_len = ctx->ext.supportedgroups_len; in ossl_ssl_connection_new_int()
852 s->ext.npn = NULL; in ossl_ssl_connection_new_int()
856 s->ext.alpn = OPENSSL_malloc(ctx->ext.alpn_len); in ossl_ssl_connection_new_int()
857 if (s->ext.alpn == NULL) { in ossl_ssl_connection_new_int()
858 s->ext.alpn_len = 0; in ossl_ssl_connection_new_int()
861 memcpy(s->ext.alpn, ctx->ext.alpn, ctx->ext.alpn_len); in ossl_ssl_connection_new_int()
862 s->ext.alpn_len = ctx->ext.alpn_len; in ossl_ssl_connection_new_int()
865 s->verified_chain = NULL; in ossl_ssl_connection_new_int()
866 s->verify_result = X509_V_OK; in ossl_ssl_connection_new_int()
868 s->default_passwd_callback = ctx->default_passwd_callback; in ossl_ssl_connection_new_int()
869 s->default_passwd_callback_userdata = ctx->default_passwd_callback_userdata; in ossl_ssl_connection_new_int()
871 s->key_update = SSL_KEY_UPDATE_NONE; in ossl_ssl_connection_new_int()
874 s->allow_early_data_cb = ctx->allow_early_data_cb; in ossl_ssl_connection_new_int()
875 s->allow_early_data_cb_data = ctx->allow_early_data_cb_data; in ossl_ssl_connection_new_int()
881 s->server = (method->ssl_accept == ssl_undefined_function) ? 0 : 1; in ossl_ssl_connection_new_int()
887 s->psk_client_callback = ctx->psk_client_callback; in ossl_ssl_connection_new_int()
888 s->psk_server_callback = ctx->psk_server_callback; in ossl_ssl_connection_new_int()
890 s->psk_find_session_cb = ctx->psk_find_session_cb; in ossl_ssl_connection_new_int()
891 s->psk_use_session_cb = ctx->psk_use_session_cb; in ossl_ssl_connection_new_int()
893 s->async_cb = ctx->async_cb; in ossl_ssl_connection_new_int()
894 s->async_cb_arg = ctx->async_cb_arg; in ossl_ssl_connection_new_int()
896 s->job = NULL; in ossl_ssl_connection_new_int()
899 memcpy(s->cert_comp_prefs, ctx->cert_comp_prefs, sizeof(s->cert_comp_prefs)); in ossl_ssl_connection_new_int()
902 s->client_cert_type = OPENSSL_memdup(ctx->client_cert_type, in ossl_ssl_connection_new_int()
904 if (s->client_cert_type == NULL) in ossl_ssl_connection_new_int()
906 s->client_cert_type_len = ctx->client_cert_type_len; in ossl_ssl_connection_new_int()
909 s->server_cert_type = OPENSSL_memdup(ctx->server_cert_type, in ossl_ssl_connection_new_int()
911 if (s->server_cert_type == NULL) in ossl_ssl_connection_new_int()
913 s->server_cert_type_len = ctx->server_cert_type_len; in ossl_ssl_connection_new_int()
922 s->ssl_pkey_num = SSL_PKEY_NUM + ctx->sigalg_list_len; in ossl_ssl_connection_new_int()
942 int SSL_is_dtls(const SSL *s) in SSL_is_dtls() argument
944 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_is_dtls()
947 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_is_dtls()
957 int SSL_is_tls(const SSL *s) in SSL_is_tls() argument
959 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_is_tls()
962 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_is_tls()
972 int SSL_is_quic(const SSL *s) in SSL_is_quic() argument
975 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_is_quic()
981 int SSL_up_ref(SSL *s) in SSL_up_ref() argument
985 if (CRYPTO_UP_REF(&s->references, &i) <= 0) in SSL_up_ref()
988 REF_PRINT_COUNT("SSL", s); in SSL_up_ref()
1071 int SSL_CTX_set_purpose(SSL_CTX *s, int purpose) in SSL_CTX_set_purpose() argument
1073 return X509_VERIFY_PARAM_set_purpose(s->param, purpose); in SSL_CTX_set_purpose()
1076 int SSL_set_purpose(SSL *s, int purpose) in SSL_set_purpose() argument
1078 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_purpose()
1086 int SSL_CTX_set_trust(SSL_CTX *s, int trust) in SSL_CTX_set_trust() argument
1088 return X509_VERIFY_PARAM_set_trust(s->param, trust); in SSL_CTX_set_trust()
1091 int SSL_set_trust(SSL *s, int trust) in SSL_set_trust() argument
1093 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_trust()
1101 int SSL_set1_host(SSL *s, const char *hostname) in SSL_set1_host() argument
1103 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set1_host()
1117 int SSL_add1_host(SSL *s, const char *hostname) in SSL_add1_host() argument
1119 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_add1_host()
1149 void SSL_set_hostflags(SSL *s, unsigned int flags) in SSL_set_hostflags() argument
1151 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_hostflags()
1159 const char *SSL_get0_peername(SSL *s) in SSL_get0_peername() argument
1161 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get0_peername()
1190 int SSL_dane_enable(SSL *s, const char *basedomain) in SSL_dane_enable() argument
1193 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_dane_enable()
1199 if (s->ctx->dane.mdmax == 0) { in SSL_dane_enable()
1214 if (!SSL_set_tlsext_host_name(s, basedomain)) { in SSL_dane_enable()
1228 dane->dctx = &s->ctx->dane; in SSL_dane_enable()
1266 int SSL_get0_dane_authority(SSL *s, X509 **mcert, EVP_PKEY **mspki) in SSL_get0_dane_authority() argument
1269 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get0_dane_authority()
1287 int SSL_get0_dane_tlsa(SSL *s, uint8_t *usage, uint8_t *selector, in SSL_get0_dane_tlsa() argument
1291 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get0_dane_tlsa()
1315 SSL_DANE *SSL_get0_dane(SSL *s) in SSL_get0_dane() argument
1317 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get0_dane()
1325 int SSL_dane_tlsa_add(SSL *s, uint8_t usage, uint8_t selector, in SSL_dane_tlsa_add() argument
1328 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_dane_tlsa_add()
1372 void SSL_certs_clear(SSL *s) in SSL_certs_clear() argument
1374 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_certs_clear()
1382 void SSL_free(SSL *s) in SSL_free() argument
1386 if (s == NULL) in SSL_free()
1388 CRYPTO_DOWN_REF(&s->references, &i); in SSL_free()
1389 REF_PRINT_COUNT("SSL", s); in SSL_free()
1394 CRYPTO_free_ex_data(CRYPTO_EX_INDEX_SSL, s, &s->ex_data); in SSL_free()
1396 if (s->method != NULL) in SSL_free()
1397 s->method->ssl_free(s); in SSL_free()
1399 SSL_CTX_free(s->ctx); in SSL_free()
1400 CRYPTO_THREAD_lock_free(s->lock); in SSL_free()
1401 CRYPTO_FREE_REF(&s->references); in SSL_free()
1403 OPENSSL_free(s); in SSL_free()
1408 SSL_CONNECTION *s; in ossl_ssl_connection_free() local
1410 s = SSL_CONNECTION_FROM_SSL_ONLY(ssl); in ossl_ssl_connection_free()
1411 if (s == NULL) in ossl_ssl_connection_free()
1414 X509_VERIFY_PARAM_free(s->param); in ossl_ssl_connection_free()
1415 dane_final(&s->dane); in ossl_ssl_connection_free()
1418 ssl_free_wbio_buffer(s); in ossl_ssl_connection_free()
1421 RECORD_LAYER_clear(&s->rlayer); in ossl_ssl_connection_free()
1423 BUF_MEM_free(s->init_buf); in ossl_ssl_connection_free()
1426 sk_SSL_CIPHER_free(s->cipher_list); in ossl_ssl_connection_free()
1427 sk_SSL_CIPHER_free(s->cipher_list_by_id); in ossl_ssl_connection_free()
1428 sk_SSL_CIPHER_free(s->tls13_ciphersuites); in ossl_ssl_connection_free()
1429 sk_SSL_CIPHER_free(s->peer_ciphers); in ossl_ssl_connection_free()
1432 if (s->session != NULL) { in ossl_ssl_connection_free()
1433 ssl_clear_bad_session(s); in ossl_ssl_connection_free()
1434 SSL_SESSION_free(s->session); in ossl_ssl_connection_free()
1436 SSL_SESSION_free(s->psksession); in ossl_ssl_connection_free()
1437 OPENSSL_free(s->psksession_id); in ossl_ssl_connection_free()
1439 ssl_cert_free(s->cert); in ossl_ssl_connection_free()
1440 OPENSSL_free(s->shared_sigalgs); in ossl_ssl_connection_free()
1443 OPENSSL_free(s->ext.hostname); in ossl_ssl_connection_free()
1444 SSL_CTX_free(s->session_ctx); in ossl_ssl_connection_free()
1445 OPENSSL_free(s->ext.ecpointformats); in ossl_ssl_connection_free()
1446 OPENSSL_free(s->ext.peer_ecpointformats); in ossl_ssl_connection_free()
1447 OPENSSL_free(s->ext.supportedgroups); in ossl_ssl_connection_free()
1448 OPENSSL_free(s->ext.peer_supportedgroups); in ossl_ssl_connection_free()
1449 sk_X509_EXTENSION_pop_free(s->ext.ocsp.exts, X509_EXTENSION_free); in ossl_ssl_connection_free()
1451 sk_OCSP_RESPID_pop_free(s->ext.ocsp.ids, OCSP_RESPID_free); in ossl_ssl_connection_free()
1454 SCT_LIST_free(s->scts); in ossl_ssl_connection_free()
1455 OPENSSL_free(s->ext.scts); in ossl_ssl_connection_free()
1457 OPENSSL_free(s->ext.ocsp.resp); in ossl_ssl_connection_free()
1458 OPENSSL_free(s->ext.alpn); in ossl_ssl_connection_free()
1459 OPENSSL_free(s->ext.tls13_cookie); in ossl_ssl_connection_free()
1460 if (s->clienthello != NULL) in ossl_ssl_connection_free()
1461 OPENSSL_free(s->clienthello->pre_proc_exts); in ossl_ssl_connection_free()
1462 OPENSSL_free(s->clienthello); in ossl_ssl_connection_free()
1463 OPENSSL_free(s->pha_context); in ossl_ssl_connection_free()
1464 EVP_MD_CTX_free(s->pha_dgst); in ossl_ssl_connection_free()
1466 sk_X509_NAME_pop_free(s->ca_names, X509_NAME_free); in ossl_ssl_connection_free()
1467 sk_X509_NAME_pop_free(s->client_ca_names, X509_NAME_free); in ossl_ssl_connection_free()
1469 OPENSSL_free(s->client_cert_type); in ossl_ssl_connection_free()
1470 OPENSSL_free(s->server_cert_type); in ossl_ssl_connection_free()
1472 OSSL_STACK_OF_X509_free(s->verified_chain); in ossl_ssl_connection_free()
1477 ASYNC_WAIT_CTX_free(s->waitctx); in ossl_ssl_connection_free()
1480 OPENSSL_free(s->ext.npn); in ossl_ssl_connection_free()
1484 sk_SRTP_PROTECTION_PROFILE_free(s->srtp_profiles); in ossl_ssl_connection_free()
1493 BIO_free_all(s->wbio); in ossl_ssl_connection_free()
1494 s->wbio = NULL; in ossl_ssl_connection_free()
1495 BIO_free_all(s->rbio); in ossl_ssl_connection_free()
1496 s->rbio = NULL; in ossl_ssl_connection_free()
1497 OPENSSL_free(s->s3.tmp.valid_flags); in ossl_ssl_connection_free()
1500 void SSL_set0_rbio(SSL *s, BIO *rbio) in SSL_set0_rbio() argument
1502 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set0_rbio()
1505 if (IS_QUIC(s)) { in SSL_set0_rbio()
1506 ossl_quic_conn_set0_net_rbio(s, rbio); in SSL_set0_rbio()
1519 void SSL_set0_wbio(SSL *s, BIO *wbio) in SSL_set0_wbio() argument
1521 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set0_wbio()
1524 if (IS_QUIC(s)) { in SSL_set0_wbio()
1525 ossl_quic_conn_set0_net_wbio(s, wbio); in SSL_set0_wbio()
1549 void SSL_set_bio(SSL *s, BIO *rbio, BIO *wbio) in SSL_set_bio() argument
1557 if (rbio == SSL_get_rbio(s) && wbio == SSL_get_wbio(s)) in SSL_set_bio()
1570 if (rbio == SSL_get_rbio(s)) { in SSL_set_bio()
1571 SSL_set0_wbio(s, wbio); in SSL_set_bio()
1579 if (wbio == SSL_get_wbio(s) && SSL_get_rbio(s) != SSL_get_wbio(s)) { in SSL_set_bio()
1580 SSL_set0_rbio(s, rbio); in SSL_set_bio()
1585 SSL_set0_rbio(s, rbio); in SSL_set_bio()
1586 SSL_set0_wbio(s, wbio); in SSL_set_bio()
1589 BIO *SSL_get_rbio(const SSL *s) in SSL_get_rbio() argument
1591 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_rbio()
1594 if (IS_QUIC(s)) in SSL_get_rbio()
1595 return ossl_quic_conn_get_net_rbio(s); in SSL_get_rbio()
1604 BIO *SSL_get_wbio(const SSL *s) in SSL_get_wbio() argument
1606 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_wbio()
1609 if (IS_QUIC(s)) in SSL_get_wbio()
1610 return ossl_quic_conn_get_net_wbio(s); in SSL_get_wbio()
1626 int SSL_get_fd(const SSL *s) in SSL_get_fd() argument
1628 return SSL_get_rfd(s); in SSL_get_fd()
1631 int SSL_get_rfd(const SSL *s) in SSL_get_rfd() argument
1636 b = SSL_get_rbio(s); in SSL_get_rfd()
1643 int SSL_get_wfd(const SSL *s) in SSL_get_wfd() argument
1648 b = SSL_get_wbio(s); in SSL_get_wfd()
1656 static const BIO_METHOD *fd_method(SSL *s) in fd_method() argument
1659 if (IS_QUIC(s)) in fd_method()
1666 int SSL_set_fd(SSL *s, int fd) in SSL_set_fd() argument
1671 if (s->type == SSL_TYPE_QUIC_XSO) { in SSL_set_fd()
1676 bio = BIO_new(fd_method(s)); in SSL_set_fd()
1683 SSL_set_bio(s, bio, bio); in SSL_set_fd()
1698 int SSL_set_wfd(SSL *s, int fd) in SSL_set_wfd() argument
1700 BIO *rbio = SSL_get_rbio(s); in SSL_set_wfd()
1701 int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; in SSL_set_wfd()
1703 if (s->type == SSL_TYPE_QUIC_XSO) { in SSL_set_wfd()
1710 BIO *bio = BIO_new(fd_method(s)); in SSL_set_wfd()
1717 SSL_set0_wbio(s, bio); in SSL_set_wfd()
1729 SSL_set0_wbio(s, rbio); in SSL_set_wfd()
1734 int SSL_set_rfd(SSL *s, int fd) in SSL_set_rfd() argument
1736 BIO *wbio = SSL_get_wbio(s); in SSL_set_rfd()
1737 int desired_type = IS_QUIC(s) ? BIO_TYPE_DGRAM : BIO_TYPE_SOCKET; in SSL_set_rfd()
1739 if (s->type == SSL_TYPE_QUIC_XSO) { in SSL_set_rfd()
1746 BIO *bio = BIO_new(fd_method(s)); in SSL_set_rfd()
1753 SSL_set0_rbio(s, bio); in SSL_set_rfd()
1756 SSL_set0_rbio(s, wbio); in SSL_set_rfd()
1764 size_t SSL_get_finished(const SSL *s, void *buf, size_t count) in SSL_get_finished() argument
1767 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_finished()
1780 size_t SSL_get_peer_finished(const SSL *s, void *buf, size_t count) in SSL_get_peer_finished() argument
1783 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_peer_finished()
1795 int SSL_get_verify_mode(const SSL *s) in SSL_get_verify_mode() argument
1797 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_verify_mode()
1805 int SSL_get_verify_depth(const SSL *s) in SSL_get_verify_depth() argument
1807 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_verify_depth()
1815 int (*SSL_get_verify_callback(const SSL *s)) (int, X509_STORE_CTX *) { in SSL_get_verify_callback() argument
1816 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_verify_callback()
1838 void SSL_set_verify(SSL *s, int mode, in SSL_set_verify() argument
1841 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_verify()
1851 void SSL_set_verify_depth(SSL *s, int depth) in SSL_set_verify_depth() argument
1853 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_verify_depth()
1861 void SSL_set_read_ahead(SSL *s, int yes) in SSL_set_read_ahead() argument
1863 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_read_ahead()
1879 int SSL_get_read_ahead(const SSL *s) in SSL_get_read_ahead() argument
1881 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_read_ahead()
1889 int SSL_pending(const SSL *s) in SSL_pending() argument
1891 size_t pending = s->method->ssl_pending(s); in SSL_pending()
1906 int SSL_has_pending(const SSL *s) in SSL_has_pending() argument
1919 if (IS_QUIC(s)) in SSL_has_pending()
1920 return ossl_quic_has_pending(s); in SSL_has_pending()
1923 sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_has_pending()
1944 X509 *SSL_get1_peer_certificate(const SSL *s) in SSL_get1_peer_certificate() argument
1946 X509 *r = SSL_get0_peer_certificate(s); in SSL_get1_peer_certificate()
1954 X509 *SSL_get0_peer_certificate(const SSL *s) in SSL_get0_peer_certificate() argument
1956 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get0_peer_certificate()
1967 STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *s) in STACK_OF()
1970 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in STACK_OF()
2063 int SSL_waiting_for_async(SSL *s) in SSL_waiting_for_async() argument
2065 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_waiting_for_async()
2076 int SSL_get_all_async_fds(SSL *s, OSSL_ASYNC_FD *fds, size_t *numfds) in SSL_get_all_async_fds() argument
2079 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_all_async_fds()
2089 int SSL_get_changed_async_fds(SSL *s, OSSL_ASYNC_FD *addfd, size_t *numaddfds, in SSL_get_changed_async_fds() argument
2093 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_changed_async_fds()
2116 int SSL_set_async_callback(SSL *s, SSL_async_callback_fn callback) in SSL_set_async_callback() argument
2118 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_async_callback()
2127 int SSL_set_async_callback_arg(SSL *s, void *arg) in SSL_set_async_callback_arg() argument
2129 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_async_callback_arg()
2138 int SSL_get_async_status(SSL *s, int *status) in SSL_get_async_status() argument
2141 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_async_status()
2152 int SSL_accept(SSL *s) in SSL_accept() argument
2154 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_accept()
2157 if (IS_QUIC(s)) in SSL_accept()
2158 return s->method->ssl_accept(s); in SSL_accept()
2166 SSL_set_accept_state(s); in SSL_accept()
2169 return SSL_do_handshake(s); in SSL_accept()
2172 int SSL_connect(SSL *s) in SSL_connect() argument
2174 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_connect()
2177 if (IS_QUIC(s)) in SSL_connect()
2178 return s->method->ssl_connect(s); in SSL_connect()
2186 SSL_set_connect_state(s); in SSL_connect()
2189 return SSL_do_handshake(s); in SSL_connect()
2192 long SSL_get_default_timeout(const SSL *s) in SSL_get_default_timeout() argument
2194 return (long int)ossl_time2seconds(s->method->get_timeout()); in SSL_get_default_timeout()
2199 SSL *s = (SSL *)arg; in ssl_async_wait_ctx_cb() local
2200 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_async_wait_ctx_cb()
2205 return sc->async_cb(s, sc->async_cb_arg); in ssl_async_wait_ctx_cb()
2208 static int ssl_start_async_job(SSL *s, struct ssl_async_args *args, in ssl_start_async_job() argument
2212 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_start_async_job()
2223 (sc->waitctx, ssl_async_wait_ctx_cb, s)) in ssl_start_async_job()
2254 SSL *s; in ssl_io_intern() local
2260 s = args->s; in ssl_io_intern()
2263 if ((sc = SSL_CONNECTION_FROM_SSL(s)) == NULL) in ssl_io_intern()
2268 return args->f.func_read(s, buf, num, &sc->asyncrw); in ssl_io_intern()
2270 return args->f.func_write(s, buf, num, &sc->asyncrw); in ssl_io_intern()
2272 return args->f.func_other(s); in ssl_io_intern()
2277 int ssl_read_internal(SSL *s, void *buf, size_t num, size_t *readbytes) in ssl_read_internal() argument
2279 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_read_internal()
2282 if (IS_QUIC(s)) in ssl_read_internal()
2283 return s->method->ssl_read(s, buf, num, readbytes); in ssl_read_internal()
2314 args.s = s; in ssl_read_internal()
2318 args.f.func_read = s->method->ssl_read; in ssl_read_internal()
2320 ret = ssl_start_async_job(s, &args, ssl_io_intern); in ssl_read_internal()
2324 return s->method->ssl_read(s, buf, num, readbytes); in ssl_read_internal()
2328 int SSL_read(SSL *s, void *buf, int num) in SSL_read() argument
2338 ret = ssl_read_internal(s, buf, (size_t)num, &readbytes); in SSL_read()
2350 int SSL_read_ex(SSL *s, void *buf, size_t num, size_t *readbytes) in SSL_read_ex() argument
2352 int ret = ssl_read_internal(s, buf, num, readbytes); in SSL_read_ex()
2359 int SSL_read_early_data(SSL *s, void *buf, size_t num, size_t *readbytes) in SSL_read_early_data() argument
2362 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_read_early_data()
2372 if (!SSL_in_before(s)) { in SSL_read_early_data()
2380 ret = SSL_accept(s); in SSL_read_early_data()
2391 ret = SSL_read_ex(s, buf, num, readbytes); in SSL_read_early_data()
2415 int SSL_get_early_data_status(const SSL *s) in SSL_get_early_data_status() argument
2417 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_early_data_status()
2426 static int ssl_peek_internal(SSL *s, void *buf, size_t num, size_t *readbytes) in ssl_peek_internal() argument
2428 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_peek_internal()
2431 if (IS_QUIC(s)) in ssl_peek_internal()
2432 return s->method->ssl_peek(s, buf, num, readbytes); in ssl_peek_internal()
2450 args.s = s; in ssl_peek_internal()
2454 args.f.func_read = s->method->ssl_peek; in ssl_peek_internal()
2456 ret = ssl_start_async_job(s, &args, ssl_io_intern); in ssl_peek_internal()
2460 return s->method->ssl_peek(s, buf, num, readbytes); in ssl_peek_internal()
2464 int SSL_peek(SSL *s, void *buf, int num) in SSL_peek() argument
2474 ret = ssl_peek_internal(s, buf, (size_t)num, &readbytes); in SSL_peek()
2487 int SSL_peek_ex(SSL *s, void *buf, size_t num, size_t *readbytes) in SSL_peek_ex() argument
2489 int ret = ssl_peek_internal(s, buf, num, readbytes); in SSL_peek_ex()
2496 int ssl_write_internal(SSL *s, const void *buf, size_t num, in ssl_write_internal() argument
2499 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_write_internal()
2502 if (IS_QUIC(s)) in ssl_write_internal()
2503 return ossl_quic_write_flags(s, buf, num, flags, written); in ssl_write_internal()
2538 args.s = s; in ssl_write_internal()
2542 args.f.func_write = s->method->ssl_write; in ssl_write_internal()
2544 ret = ssl_start_async_job(s, &args, ssl_io_intern); in ssl_write_internal()
2548 return s->method->ssl_write(s, buf, num, written); in ssl_write_internal()
2552 ossl_ssize_t SSL_sendfile(SSL *s, int fd, off_t offset, size_t size, int flags) in SSL_sendfile() argument
2555 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_sendfile()
2578 ret = (ossl_ssize_t)s->method->ssl_dispatch_alert(s); in SSL_sendfile()
2603 ret = ktls_sendfile(SSL_get_wfd(s), fd, offset, size, flags); in SSL_sendfile()
2621 int SSL_write(SSL *s, const void *buf, int num) in SSL_write() argument
2631 ret = ssl_write_internal(s, buf, (size_t)num, 0, &written); in SSL_write()
2643 int SSL_write_ex(SSL *s, const void *buf, size_t num, size_t *written) in SSL_write_ex() argument
2645 return SSL_write_ex2(s, buf, num, 0, written); in SSL_write_ex()
2648 int SSL_write_ex2(SSL *s, const void *buf, size_t num, uint64_t flags, in SSL_write_ex2() argument
2651 int ret = ssl_write_internal(s, buf, num, flags, written); in SSL_write_ex2()
2658 int SSL_write_early_data(SSL *s, const void *buf, size_t num, size_t *written) in SSL_write_early_data() argument
2663 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_write_early_data()
2672 || !SSL_in_before(s) in SSL_write_early_data()
2682 ret = SSL_connect(s); in SSL_write_early_data()
2699 ret = SSL_write_ex(s, buf, num, &writtmp); in SSL_write_early_data()
2721 ret = SSL_write_ex(s, buf, num, written); in SSL_write_early_data()
2734 int SSL_shutdown(SSL *s) in SSL_shutdown() argument
2742 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_shutdown()
2745 if (IS_QUIC(s)) in SSL_shutdown()
2746 return ossl_quic_conn_shutdown(s, 0, NULL, 0); in SSL_shutdown()
2757 if (!SSL_in_init(s)) { in SSL_shutdown()
2762 args.s = s; in SSL_shutdown()
2764 args.f.func_other = s->method->ssl_shutdown; in SSL_shutdown()
2766 return ssl_start_async_job(s, &args, ssl_io_intern); in SSL_shutdown()
2768 return s->method->ssl_shutdown(s); in SSL_shutdown()
2776 int SSL_key_update(SSL *s, int updatetype) in SSL_key_update() argument
2778 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_key_update()
2781 if (IS_QUIC(s)) in SSL_key_update()
2782 return ossl_quic_key_update(s, updatetype); in SSL_key_update()
2799 if (!SSL_is_init_finished(s)) { in SSL_key_update()
2814 int SSL_get_key_update_type(const SSL *s) in SSL_get_key_update_type() argument
2816 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_key_update_type()
2819 if (IS_QUIC(s)) in SSL_get_key_update_type()
2820 return ossl_quic_get_key_update_type(s); in SSL_get_key_update_type()
2848 int SSL_renegotiate(SSL *s) in SSL_renegotiate() argument
2850 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_renegotiate()
2860 return s->method->ssl_renegotiate(s); in SSL_renegotiate()
2863 int SSL_renegotiate_abbreviated(SSL *s) in SSL_renegotiate_abbreviated() argument
2865 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_renegotiate_abbreviated()
2875 return s->method->ssl_renegotiate(s); in SSL_renegotiate_abbreviated()
2878 int SSL_renegotiate_pending(const SSL *s) in SSL_renegotiate_pending() argument
2880 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_renegotiate_pending()
2892 int SSL_new_session_ticket(SSL *s) in SSL_new_session_ticket() argument
2894 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_new_session_ticket()
2900 if ((SSL_in_init(s) && sc->ext.extra_tickets_expected == 0) in SSL_new_session_ticket()
2905 if (!RECORD_LAYER_write_pending(&sc->rlayer) && !SSL_in_init(s)) in SSL_new_session_ticket()
2910 long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) in SSL_ctrl() argument
2912 return ossl_ctrl_internal(s, cmd, larg, parg, /*no_quic=*/0); in SSL_ctrl()
2915 long ossl_ctrl_internal(SSL *s, int cmd, long larg, void *parg, int no_quic) in ossl_ctrl_internal() argument
2918 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ossl_ctrl_internal()
2935 if (!no_quic && IS_QUIC(s)) in ossl_ctrl_internal()
2936 return s->method->ssl_ctrl(s, cmd, larg, parg); in ossl_ctrl_internal()
3018 if (!sc->session || SSL_in_init(s) || ossl_statem_get_in_handshake(sc)) in ossl_ctrl_internal()
3026 && ssl_set_version_bound(s->defltmeth->version, (int)larg, in ossl_ctrl_internal()
3032 && ssl_set_version_bound(s->defltmeth->version, (int)larg, in ossl_ctrl_internal()
3037 if (IS_QUIC(s)) in ossl_ctrl_internal()
3040 return s->method->ssl_ctrl(s, cmd, larg, parg); in ossl_ctrl_internal()
3044 long SSL_callback_ctrl(SSL *s, int cmd, void (*fp) (void)) in SSL_callback_ctrl() argument
3046 return s->method->ssl_callback_ctrl(s, cmd, fp); in SSL_callback_ctrl()
3221 STACK_OF(SSL_CIPHER) *SSL_get_ciphers(const SSL *s) in STACK_OF()
3223 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in STACK_OF()
3228 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) { in STACK_OF()
3229 return s->ctx->cipher_list; in STACK_OF()
3235 STACK_OF(SSL_CIPHER) *SSL_get_client_ciphers(const SSL *s) in STACK_OF()
3237 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in STACK_OF()
3244 STACK_OF(SSL_CIPHER) *SSL_get1_supported_ciphers(SSL *s) in STACK_OF()
3248 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in STACK_OF()
3253 ciphers = SSL_get_ciphers(s); in STACK_OF()
3276 STACK_OF(SSL_CIPHER) *ssl_get_ciphers_by_id(SSL_CONNECTION *s) in STACK_OF()
3278 if (s != NULL) { in STACK_OF()
3279 if (s->cipher_list_by_id != NULL) in STACK_OF()
3280 return s->cipher_list_by_id; in STACK_OF()
3281 else if (s->ssl.ctx != NULL in STACK_OF()
3282 && s->ssl.ctx->cipher_list_by_id != NULL) in STACK_OF()
3283 return s->ssl.ctx->cipher_list_by_id; in STACK_OF()
3289 const char *SSL_get_cipher_list(const SSL *s, int n) in SSL_get_cipher_list() argument
3294 if (s == NULL) in SSL_get_cipher_list()
3296 sk = SSL_get_ciphers(s); in SSL_get_cipher_list()
3359 int SSL_set_cipher_list(SSL *s, const char *str) in SSL_set_cipher_list() argument
3362 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_cipher_list()
3368 ctx = s->ctx; in SSL_set_cipher_list()
3382 char *SSL_get_shared_ciphers(const SSL *s, char *buf, int size) in SSL_get_shared_ciphers() argument
3388 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_shared_ciphers()
3400 srvrsk = SSL_get_ciphers(s); in SSL_get_shared_ciphers()
3440 const char *SSL_get_servername(const SSL *s, const int type) in SSL_get_servername() argument
3442 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_servername()
3499 if (SSL_in_before(s)) { in SSL_get_servername()
3514 int SSL_get_servername_type(const SSL *s) in SSL_get_servername_type() argument
3516 if (SSL_get_servername(s, TLSEXT_NAMETYPE_host_name) != NULL) in SSL_get_servername_type()
3605 void SSL_get0_next_proto_negotiated(const SSL *s, const unsigned char **data, in SSL_get0_next_proto_negotiated() argument
3608 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get0_next_proto_negotiated()
3785 int SSL_export_keying_material(SSL *s, unsigned char *out, size_t olen, in SSL_export_keying_material() argument
3790 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_export_keying_material()
3805 int SSL_export_keying_material_early(SSL *s, unsigned char *out, size_t olen, in SSL_export_keying_material_early() argument
3810 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_export_keying_material_early()
4401 void SSL_set_default_passwd_cb(SSL *s, pem_password_cb *cb) in SSL_set_default_passwd_cb() argument
4403 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_default_passwd_cb()
4411 void SSL_set_default_passwd_cb_userdata(SSL *s, void *u) in SSL_set_default_passwd_cb_userdata() argument
4413 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_default_passwd_cb_userdata()
4421 pem_password_cb *SSL_get_default_passwd_cb(SSL *s) in SSL_get_default_passwd_cb() argument
4423 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_default_passwd_cb()
4431 void *SSL_get_default_passwd_cb_userdata(SSL *s) in SSL_get_default_passwd_cb_userdata() argument
4433 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_default_passwd_cb_userdata()
4466 void SSL_set_cert_cb(SSL *s, int (*cb) (SSL *ssl, void *arg), void *arg) in SSL_set_cert_cb() argument
4468 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_cert_cb()
4476 void ssl_set_masks(SSL_CONNECTION *s) in ssl_set_masks() argument
4478 CERT *c = s->cert; in ssl_set_masks()
4479 uint32_t *pvalid = s->s3.tmp.valid_flags; in ssl_set_masks()
4502 if (ssl_has_cert(s, SSL_PKEY_GOST12_512)) { in ssl_set_masks()
4506 if (ssl_has_cert(s, SSL_PKEY_GOST12_256)) { in ssl_set_masks()
4510 if (ssl_has_cert(s, SSL_PKEY_GOST01)) { in ssl_set_masks()
4527 if (rsa_enc || rsa_sign || (ssl_has_cert(s, SSL_PKEY_RSA_PSS_SIGN) in ssl_set_masks()
4529 && TLS1_get_version(&s->ssl) == TLS1_2_VERSION)) in ssl_set_masks()
4548 if (TLS1_get_version(&s->ssl) == TLS1_2_VERSION) { in ssl_set_masks()
4570 if (!(mask_a & SSL_aECDSA) && ssl_has_cert(s, SSL_PKEY_ED25519) in ssl_set_masks()
4572 && TLS1_get_version(&s->ssl) == TLS1_2_VERSION) in ssl_set_masks()
4576 if (!(mask_a & SSL_aECDSA) && ssl_has_cert(s, SSL_PKEY_ED448) in ssl_set_masks()
4578 && TLS1_get_version(&s->ssl) == TLS1_2_VERSION) in ssl_set_masks()
4594 s->s3.tmp.mask_k = mask_k; in ssl_set_masks()
4595 s->s3.tmp.mask_a = mask_a; in ssl_set_masks()
4598 int ssl_check_srvr_ecc_cert_and_alg(X509 *x, SSL_CONNECTION *s) in ssl_check_srvr_ecc_cert_and_alg() argument
4600 if (s->s3.tmp.new_cipher->algorithm_auth & SSL_aECDSA) { in ssl_check_srvr_ecc_cert_and_alg()
4610 int ssl_get_server_cert_serverinfo(SSL_CONNECTION *s, in ssl_get_server_cert_serverinfo() argument
4614 CERT_PKEY *cpk = s->s3.tmp.cert; in ssl_get_server_cert_serverinfo()
4625 void ssl_update_cache(SSL_CONNECTION *s, int mode) in ssl_update_cache() argument
4634 if (s->session->session_id_length == 0 || s->session->not_resumable) in ssl_update_cache()
4646 if (s->server && s->session->sid_ctx_length == 0 in ssl_update_cache()
4647 && (s->verify_mode & SSL_VERIFY_PEER) != 0) in ssl_update_cache()
4650 i = s->session_ctx->session_cache_mode; in ssl_update_cache()
4652 && (!s->hit || SSL_CONNECTION_IS_TLS13(s))) { in ssl_update_cache()
4665 && (!SSL_CONNECTION_IS_TLS13(s) in ssl_update_cache()
4666 || !s->server in ssl_update_cache()
4667 || (s->max_early_data > 0 in ssl_update_cache()
4668 && (s->options & SSL_OP_NO_ANTI_REPLAY) == 0) in ssl_update_cache()
4669 || s->session_ctx->remove_session_cb != NULL in ssl_update_cache()
4670 || (s->options & SSL_OP_NO_TICKET) != 0)) in ssl_update_cache()
4671 SSL_CTX_add_session(s->session_ctx, s->session); in ssl_update_cache()
4678 if (s->session_ctx->new_session_cb != NULL) { in ssl_update_cache()
4679 SSL_SESSION_up_ref(s->session); in ssl_update_cache()
4680 if (!s->session_ctx->new_session_cb(SSL_CONNECTION_GET_USER_SSL(s), in ssl_update_cache()
4681 s->session)) in ssl_update_cache()
4682 SSL_SESSION_free(s->session); in ssl_update_cache()
4691 stat = &s->session_ctx->stats.sess_connect_good; in ssl_update_cache()
4693 stat = &s->session_ctx->stats.sess_accept_good; in ssl_update_cache()
4694 if ((ssl_tsan_load(s->session_ctx, stat) & 0xff) == 0xff) in ssl_update_cache()
4695 SSL_CTX_flush_sessions_ex(s->session_ctx, time(NULL)); in ssl_update_cache()
4704 const SSL_METHOD *SSL_get_ssl_method(const SSL *s) in SSL_get_ssl_method() argument
4706 return s->method; in SSL_get_ssl_method()
4709 int SSL_set_ssl_method(SSL *s, const SSL_METHOD *meth) in SSL_set_ssl_method() argument
4712 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_ssl_method()
4716 || (s->type != SSL_TYPE_SSL_CONNECTION && s->method != meth) in SSL_set_ssl_method()
4717 || (s->type == SSL_TYPE_SSL_CONNECTION && IS_QUIC_METHOD(meth))) in SSL_set_ssl_method()
4720 if (s->method != meth) { in SSL_set_ssl_method()
4721 const SSL_METHOD *sm = s->method; in SSL_set_ssl_method()
4725 s->method = meth; in SSL_set_ssl_method()
4727 sm->ssl_deinit(s); in SSL_set_ssl_method()
4728 s->method = meth; in SSL_set_ssl_method()
4729 ret = s->method->ssl_init(s); in SSL_set_ssl_method()
4740 int SSL_get_error(const SSL *s, int i) in SSL_get_error() argument
4742 return ossl_ssl_get_error(s, i, /*check_err=*/1); in SSL_get_error()
4745 int ossl_ssl_get_error(const SSL *s, int i, int check_err) in ossl_ssl_get_error() argument
4750 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in ossl_ssl_get_error()
4756 if (IS_QUIC(s)) { in ossl_ssl_get_error()
4757 reason = ossl_quic_get_error(s, i); in ossl_ssl_get_error()
4778 if (!IS_QUIC(s)) in ossl_ssl_get_error()
4781 if (SSL_want_read(s)) { in ossl_ssl_get_error()
4782 bio = SSL_get_rbio(s); in ossl_ssl_get_error()
4807 if (SSL_want_write(s)) { in ossl_ssl_get_error()
4832 if (SSL_want_x509_lookup(s)) in ossl_ssl_get_error()
4834 if (SSL_want_retry_verify(s)) in ossl_ssl_get_error()
4836 if (SSL_want_async(s)) in ossl_ssl_get_error()
4838 if (SSL_want_async_job(s)) in ossl_ssl_get_error()
4840 if (SSL_want_client_hello_cb(s)) in ossl_ssl_get_error()
4853 SSL *s = args->s; in ssl_do_handshake_intern() local
4854 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in ssl_do_handshake_intern()
4859 return sc->handshake_func(s); in ssl_do_handshake_intern()
4862 int SSL_do_handshake(SSL *s) in SSL_do_handshake() argument
4865 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_do_handshake()
4868 if (IS_QUIC(s)) in SSL_do_handshake()
4869 return ossl_quic_do_handshake(s); in SSL_do_handshake()
4879 s->method->ssl_renegotiate_check(s, 0); in SSL_do_handshake()
4881 if (SSL_in_init(s) || SSL_in_before(s)) { in SSL_do_handshake()
4886 args.s = s; in SSL_do_handshake()
4888 ret = ssl_start_async_job(s, &args, ssl_do_handshake_intern); in SSL_do_handshake()
4890 ret = sc->handshake_func(s); in SSL_do_handshake()
4896 void SSL_set_accept_state(SSL *s) in SSL_set_accept_state() argument
4898 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_accept_state()
4901 if (IS_QUIC(s)) { in SSL_set_accept_state()
4902 ossl_quic_set_accept_state(s); in SSL_set_accept_state()
4910 sc->handshake_func = s->method->ssl_accept; in SSL_set_accept_state()
4915 void SSL_set_connect_state(SSL *s) in SSL_set_connect_state() argument
4917 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_connect_state()
4920 if (IS_QUIC(s)) { in SSL_set_connect_state()
4921 ossl_quic_set_connect_state(s); in SSL_set_connect_state()
4929 sc->handshake_func = s->method->ssl_connect; in SSL_set_connect_state()
4934 int ssl_undefined_function(SSL *s) in ssl_undefined_function() argument
4978 const char *SSL_get_version(const SSL *s) in SSL_get_version() argument
4980 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_version()
4984 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_get_version()
4994 __owur int SSL_get_handshake_rtt(const SSL *s, uint64_t *rtt) in SSL_get_handshake_rtt() argument
4996 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_handshake_rtt()
5039 SSL *SSL_dup(SSL *s) in SSL_dup() argument
5045 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_dup()
5051 if (!SSL_in_init(s) || !SSL_in_before(s)) { in SSL_dup()
5052 CRYPTO_UP_REF(&s->references, &i); in SSL_dup()
5053 return s; in SSL_dup()
5059 if ((ret = SSL_new(SSL_get_SSL_CTX(s))) == NULL) in SSL_dup()
5069 if (!SSL_copy_session_id(ret, s)) in SSL_dup()
5078 if (!SSL_set_ssl_method(ret, s->method)) in SSL_dup()
5100 SSL_set_max_cert_list(ret, SSL_get_max_cert_list(s)); in SSL_dup()
5101 SSL_set_read_ahead(ret, SSL_get_read_ahead(s)); in SSL_dup()
5104 SSL_set_verify(ret, SSL_get_verify_mode(s), SSL_get_verify_callback(s)); in SSL_dup()
5105 SSL_set_verify_depth(ret, SSL_get_verify_depth(s)); in SSL_dup()
5108 SSL_set_info_callback(ret, SSL_get_info_callback(s)); in SSL_dup()
5111 if (!CRYPTO_dup_ex_data(CRYPTO_EX_INDEX_SSL, &ret->ex_data, &s->ex_data)) in SSL_dup()
5151 X509 *SSL_get_certificate(const SSL *s) in SSL_get_certificate() argument
5153 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_certificate()
5164 EVP_PKEY *SSL_get_privatekey(const SSL *s) in SSL_get_privatekey() argument
5166 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_privatekey()
5193 const SSL_CIPHER *SSL_get_current_cipher(const SSL *s) in SSL_get_current_cipher() argument
5195 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_current_cipher()
5205 const SSL_CIPHER *SSL_get_pending_cipher(const SSL *s) in SSL_get_pending_cipher() argument
5207 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_pending_cipher()
5215 const COMP_METHOD *SSL_get_current_compression(const SSL *s) in SSL_get_current_compression() argument
5218 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_current_compression()
5229 const COMP_METHOD *SSL_get_current_expansion(const SSL *s) in SSL_get_current_expansion() argument
5232 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_current_expansion()
5243 int ssl_init_wbio_buffer(SSL_CONNECTION *s) in ssl_init_wbio_buffer() argument
5247 if (s->bbio != NULL) { in ssl_init_wbio_buffer()
5258 s->bbio = bbio; in ssl_init_wbio_buffer()
5259 s->wbio = BIO_push(bbio, s->wbio); in ssl_init_wbio_buffer()
5261 s->rlayer.wrlmethod->set1_bio(s->rlayer.wrl, s->wbio); in ssl_init_wbio_buffer()
5266 int ssl_free_wbio_buffer(SSL_CONNECTION *s) in ssl_free_wbio_buffer() argument
5269 if (s->bbio == NULL) in ssl_free_wbio_buffer()
5272 s->wbio = BIO_pop(s->wbio); in ssl_free_wbio_buffer()
5273 s->rlayer.wrlmethod->set1_bio(s->rlayer.wrl, s->wbio); in ssl_free_wbio_buffer()
5275 BIO_free(s->bbio); in ssl_free_wbio_buffer()
5276 s->bbio = NULL; in ssl_free_wbio_buffer()
5291 void SSL_set_quiet_shutdown(SSL *s, int mode) in SSL_set_quiet_shutdown() argument
5293 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_quiet_shutdown()
5302 int SSL_get_quiet_shutdown(const SSL *s) in SSL_get_quiet_shutdown() argument
5304 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_quiet_shutdown()
5313 void SSL_set_shutdown(SSL *s, int mode) in SSL_set_shutdown() argument
5315 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_shutdown()
5324 int SSL_get_shutdown(const SSL *s) in SSL_get_shutdown() argument
5326 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL_ONLY(s); in SSL_get_shutdown()
5330 if (IS_QUIC(s)) in SSL_get_shutdown()
5331 return ossl_quic_get_shutdown(s); in SSL_get_shutdown()
5340 int SSL_version(const SSL *s) in SSL_version() argument
5342 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_version()
5346 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_version()
5355 int SSL_client_version(const SSL *s) in SSL_client_version() argument
5357 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_client_version()
5361 if (s->type == SSL_TYPE_QUIC_CONNECTION || s->type == SSL_TYPE_QUIC_XSO) in SSL_client_version()
5617 int SSL_set_ex_data(SSL *s, int idx, void *arg) in SSL_set_ex_data() argument
5619 return CRYPTO_set_ex_data(&s->ex_data, idx, arg); in SSL_set_ex_data()
5622 void *SSL_get_ex_data(const SSL *s, int idx) in SSL_get_ex_data() argument
5624 return CRYPTO_get_ex_data(&s->ex_data, idx); in SSL_get_ex_data()
5627 int SSL_CTX_set_ex_data(SSL_CTX *s, int idx, void *arg) in SSL_CTX_set_ex_data() argument
5629 return CRYPTO_set_ex_data(&s->ex_data, idx, arg); in SSL_CTX_set_ex_data()
5632 void *SSL_CTX_get_ex_data(const SSL_CTX *s, int idx) in SSL_CTX_get_ex_data() argument
5634 return CRYPTO_get_ex_data(&s->ex_data, idx); in SSL_CTX_get_ex_data()
5655 int SSL_want(const SSL *s) in SSL_want() argument
5657 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_want()
5660 if (IS_QUIC(s)) in SSL_want()
5661 return ossl_quic_want(s); in SSL_want()
5687 int SSL_use_psk_identity_hint(SSL *s, const char *identity_hint) in SSL_use_psk_identity_hint() argument
5689 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_use_psk_identity_hint()
5708 const char *SSL_get_psk_identity_hint(const SSL *s) in SSL_get_psk_identity_hint() argument
5710 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_psk_identity_hint()
5718 const char *SSL_get_psk_identity(const SSL *s) in SSL_get_psk_identity() argument
5720 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_psk_identity()
5728 void SSL_set_psk_client_callback(SSL *s, SSL_psk_client_cb_func cb) in SSL_set_psk_client_callback() argument
5730 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_psk_client_callback()
5743 void SSL_set_psk_server_callback(SSL *s, SSL_psk_server_cb_func cb) in SSL_set_psk_server_callback() argument
5745 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_psk_server_callback()
5759 void SSL_set_psk_find_session_callback(SSL *s, SSL_psk_find_session_cb_func cb) in SSL_set_psk_find_session_callback() argument
5761 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_psk_find_session_callback()
5775 void SSL_set_psk_use_session_callback(SSL *s, SSL_psk_use_session_cb_func cb) in SSL_set_psk_use_session_callback() argument
5777 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_psk_use_session_callback()
5941 int SSL_set_num_tickets(SSL *s, size_t num_tickets) in SSL_set_num_tickets() argument
5943 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_num_tickets()
5953 size_t SSL_get_num_tickets(const SSL *s) in SSL_get_num_tickets() argument
5955 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_num_tickets()
5976 int ssl_handshake_hash(SSL_CONNECTION *s, in ssl_handshake_hash() argument
5981 EVP_MD_CTX *hdgst = s->s3.handshake_dgst; in ssl_handshake_hash()
5986 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in ssl_handshake_hash()
5992 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in ssl_handshake_hash()
5998 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in ssl_handshake_hash()
6010 int SSL_session_reused(const SSL *s) in SSL_session_reused() argument
6012 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_session_reused()
6020 int SSL_is_server(const SSL *s) in SSL_is_server() argument
6022 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_is_server()
6031 void SSL_set_debug(SSL *s, int debug) in SSL_set_debug() argument
6034 (void)s; in SSL_set_debug()
6039 void SSL_set_security_level(SSL *s, int level) in SSL_set_security_level() argument
6041 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_security_level()
6049 int SSL_get_security_level(const SSL *s) in SSL_get_security_level() argument
6051 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_security_level()
6059 void SSL_set_security_callback(SSL *s, in SSL_set_security_callback() argument
6060 int (*cb) (const SSL *s, const SSL_CTX *ctx, in SSL_set_security_callback()
6064 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_security_callback()
6072 int (*SSL_get_security_callback(const SSL *s)) (const SSL *s, in SSL_get_security_callback() argument
6076 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_security_callback()
6084 void SSL_set0_security_ex_data(SSL *s, void *ex) in SSL_set0_security_ex_data() argument
6086 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set0_security_ex_data()
6094 void *SSL_get0_security_ex_data(const SSL *s) in SSL_get0_security_ex_data() argument
6096 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get0_security_ex_data()
6115 int (*cb) (const SSL *s, const SSL_CTX *ctx, in SSL_CTX_set_security_callback()
6122 int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s, in SSL_CTX_get_security_callback()
6146 uint64_t SSL_get_options(const SSL *s) in SSL_get_options() argument
6148 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_options()
6151 if (IS_QUIC(s)) in SSL_get_options()
6152 return ossl_quic_get_options(s); in SSL_get_options()
6166 uint64_t SSL_set_options(SSL *s, uint64_t op) in SSL_set_options() argument
6172 if (IS_QUIC(s)) in SSL_set_options()
6173 return ossl_quic_set_options(s, op); in SSL_set_options()
6176 sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_options()
6198 uint64_t SSL_clear_options(SSL *s, uint64_t op) in SSL_clear_options() argument
6200 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_clear_options()
6204 if (IS_QUIC(s)) in SSL_clear_options()
6205 return ossl_quic_clear_options(s, op); in SSL_clear_options()
6224 STACK_OF(X509) *SSL_get0_verified_chain(const SSL *s) in STACK_OF()
6226 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in STACK_OF()
6280 static int ct_extract_tls_extension_scts(SSL_CONNECTION *s) in ct_extract_tls_extension_scts() argument
6284 if (s->ext.scts != NULL) { in ct_extract_tls_extension_scts()
6285 const unsigned char *p = s->ext.scts; in ct_extract_tls_extension_scts()
6286 STACK_OF(SCT) *scts = o2i_SCT_LIST(NULL, &p, s->ext.scts_len); in ct_extract_tls_extension_scts()
6288 scts_extracted = ct_move_scts(&s->scts, scts, SCT_SOURCE_TLS_EXTENSION); in ct_extract_tls_extension_scts()
6304 static int ct_extract_ocsp_response_scts(SSL_CONNECTION *s) in ct_extract_ocsp_response_scts() argument
6314 if (s->ext.ocsp.resp == NULL || s->ext.ocsp.resp_len == 0) in ct_extract_ocsp_response_scts()
6317 p = s->ext.ocsp.resp; in ct_extract_ocsp_response_scts()
6318 rsp = d2i_OCSP_RESPONSE(NULL, &p, (int)s->ext.ocsp.resp_len); in ct_extract_ocsp_response_scts()
6335 ct_move_scts(&s->scts, scts, SCT_SOURCE_OCSP_STAPLED_RESPONSE); in ct_extract_ocsp_response_scts()
6355 static int ct_extract_x509v3_extension_scts(SSL_CONNECTION *s) in ct_extract_x509v3_extension_scts() argument
6358 X509 *cert = s->session != NULL ? s->session->peer : NULL; in ct_extract_x509v3_extension_scts()
6365 ct_move_scts(&s->scts, scts, SCT_SOURCE_X509V3_EXTENSION); in ct_extract_x509v3_extension_scts()
6378 const STACK_OF(SCT) *SSL_get0_peer_scts(SSL *s) in STACK_OF()
6380 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in STACK_OF()
6421 int SSL_set_ct_validation_callback(SSL *s, ssl_ct_validation_cb callback, in SSL_set_ct_validation_callback() argument
6424 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set_ct_validation_callback()
6433 if (callback != NULL && SSL_CTX_has_client_custom_ext(s->ctx, in SSL_set_ct_validation_callback()
6444 if (!SSL_set_tlsext_status_type(s, TLSEXT_STATUSTYPE_ocsp)) in SSL_set_ct_validation_callback()
6473 int SSL_ct_is_enabled(const SSL *s) in SSL_ct_is_enabled() argument
6475 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_ct_is_enabled()
6488 int ssl_validate_ct(SSL_CONNECTION *s) in ssl_validate_ct() argument
6491 X509 *cert = s->session != NULL ? s->session->peer : NULL; in ssl_validate_ct()
6493 SSL_DANE *dane = &s->dane; in ssl_validate_ct()
6508 if (s->ct_validation_callback == NULL || cert == NULL || in ssl_validate_ct()
6509 s->verify_result != X509_V_OK || in ssl_validate_ct()
6510 s->verified_chain == NULL || sk_X509_num(s->verified_chain) <= 1) in ssl_validate_ct()
6525 ctx = CT_POLICY_EVAL_CTX_new_ex(SSL_CONNECTION_GET_CTX(s)->libctx, in ssl_validate_ct()
6526 SSL_CONNECTION_GET_CTX(s)->propq); in ssl_validate_ct()
6528 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CT_LIB); in ssl_validate_ct()
6532 issuer = sk_X509_value(s->verified_chain, 1); in ssl_validate_ct()
6536 SSL_CONNECTION_GET_CTX(s)->ctlog_store); in ssl_validate_ct()
6538 ctx, (uint64_t)SSL_SESSION_get_time_ex(s->session) * 1000); in ssl_validate_ct()
6540 scts = SSL_get0_peer_scts(SSL_CONNECTION_GET_SSL(s)); in ssl_validate_ct()
6557 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_SCT_VERIFICATION_FAILED); in ssl_validate_ct()
6561 ret = s->ct_validation_callback(ctx, scts, s->ct_validation_callback_arg); in ssl_validate_ct()
6565 SSLfatal(s, SSL_AD_HANDSHAKE_FAILURE, SSL_R_CALLBACK_FAILED); in ssl_validate_ct()
6585 s->verify_result = X509_V_ERR_NO_VALID_SCTS; in ssl_validate_ct()
6602 int SSL_enable_ct(SSL *s, int validation_mode) in SSL_enable_ct() argument
6609 return SSL_set_ct_validation_callback(s, ct_permissive, NULL); in SSL_enable_ct()
6611 return SSL_set_ct_validation_callback(s, ct_strict, NULL); in SSL_enable_ct()
6645 int SSL_client_hello_isv2(SSL *s) in SSL_client_hello_isv2() argument
6647 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_isv2()
6657 unsigned int SSL_client_hello_get0_legacy_version(SSL *s) in SSL_client_hello_get0_legacy_version() argument
6659 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_legacy_version()
6669 size_t SSL_client_hello_get0_random(SSL *s, const unsigned char **out) in SSL_client_hello_get0_random() argument
6671 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_random()
6683 size_t SSL_client_hello_get0_session_id(SSL *s, const unsigned char **out) in SSL_client_hello_get0_session_id() argument
6685 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_session_id()
6697 size_t SSL_client_hello_get0_ciphers(SSL *s, const unsigned char **out) in SSL_client_hello_get0_ciphers() argument
6699 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_ciphers()
6711 size_t SSL_client_hello_get0_compression_methods(SSL *s, const unsigned char **out) in SSL_client_hello_get0_compression_methods() argument
6713 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_compression_methods()
6725 int SSL_client_hello_get1_extensions_present(SSL *s, int **out, size_t *outlen) in SSL_client_hello_get1_extensions_present() argument
6730 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get1_extensions_present()
6765 int SSL_client_hello_get_extension_order(SSL *s, uint16_t *exts, size_t *num_exts) in SSL_client_hello_get_extension_order() argument
6769 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get_extension_order()
6803 int SSL_client_hello_get0_ext(SSL *s, unsigned int type, const unsigned char **out, in SSL_client_hello_get0_ext() argument
6808 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_client_hello_get0_ext()
6960 int ssl_cache_cipherlist(SSL_CONNECTION *s, PACKET *cipher_suites, int sslv2format) in ssl_cache_cipherlist() argument
6967 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED); in ssl_cache_cipherlist()
6972 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST); in ssl_cache_cipherlist()
6976 OPENSSL_free(s->s3.tmp.ciphers_raw); in ssl_cache_cipherlist()
6977 s->s3.tmp.ciphers_raw = NULL; in ssl_cache_cipherlist()
6978 s->s3.tmp.ciphers_rawlen = 0; in ssl_cache_cipherlist()
6994 s->s3.tmp.ciphers_raw = raw; in ssl_cache_cipherlist()
6996 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); in ssl_cache_cipherlist()
6999 for (s->s3.tmp.ciphers_rawlen = 0; in ssl_cache_cipherlist()
7008 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_PACKET); in ssl_cache_cipherlist()
7009 OPENSSL_free(s->s3.tmp.ciphers_raw); in ssl_cache_cipherlist()
7010 s->s3.tmp.ciphers_raw = NULL; in ssl_cache_cipherlist()
7011 s->s3.tmp.ciphers_rawlen = 0; in ssl_cache_cipherlist()
7015 s->s3.tmp.ciphers_rawlen += TLS_CIPHER_LEN; in ssl_cache_cipherlist()
7017 } else if (!PACKET_memdup(cipher_suites, &s->s3.tmp.ciphers_raw, in ssl_cache_cipherlist()
7018 &s->s3.tmp.ciphers_rawlen)) { in ssl_cache_cipherlist()
7019 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_INTERNAL_ERROR); in ssl_cache_cipherlist()
7025 int SSL_bytes_to_cipher_list(SSL *s, const unsigned char *bytes, size_t len, in SSL_bytes_to_cipher_list() argument
7030 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_bytes_to_cipher_list()
7040 int ossl_bytes_to_cipher_list(SSL_CONNECTION *s, PACKET *cipher_suites, in ossl_bytes_to_cipher_list() argument
7056 SSLfatal(s, SSL_AD_ILLEGAL_PARAMETER, SSL_R_NO_CIPHERS_SPECIFIED); in ossl_bytes_to_cipher_list()
7064 SSLfatal(s, SSL_AD_DECODE_ERROR, in ossl_bytes_to_cipher_list()
7075 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); in ossl_bytes_to_cipher_list()
7091 c = ssl_get_cipher_by_char(s, sslv2format ? &cipher[1] : cipher, 1); in ossl_bytes_to_cipher_list()
7096 SSLfatal(s, SSL_AD_INTERNAL_ERROR, ERR_R_CRYPTO_LIB); in ossl_bytes_to_cipher_list()
7105 SSLfatal(s, SSL_AD_DECODE_ERROR, SSL_R_BAD_LENGTH); in ossl_bytes_to_cipher_list()
7138 int SSL_set_max_early_data(SSL *s, uint32_t max_early_data) in SSL_set_max_early_data() argument
7140 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_max_early_data()
7150 uint32_t SSL_get_max_early_data(const SSL *s) in SSL_get_max_early_data() argument
7152 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_max_early_data()
7172 int SSL_set_recv_max_early_data(SSL *s, uint32_t recv_max_early_data) in SSL_set_recv_max_early_data() argument
7174 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_recv_max_early_data()
7184 uint32_t SSL_get_recv_max_early_data(const SSL *s) in SSL_get_recv_max_early_data() argument
7186 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get_recv_max_early_data()
7219 int SSL_stateless(SSL *s) in SSL_stateless() argument
7222 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_stateless()
7228 if (!SSL_clear(s)) in SSL_stateless()
7234 ret = SSL_accept(s); in SSL_stateless()
7339 void SSL_set_allow_early_data_cb(SSL *s, in SSL_set_allow_early_data_cb() argument
7343 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_set_allow_early_data_cb()
7458 int SSL_set0_tmp_dh_pkey(SSL *s, EVP_PKEY *dhpkey) in SSL_set0_tmp_dh_pkey() argument
7460 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set0_tmp_dh_pkey()
7488 int SSL_handle_events(SSL *s) in SSL_handle_events() argument
7493 if (IS_QUIC(s)) in SSL_handle_events()
7494 return ossl_quic_handle_events(s); in SSL_handle_events()
7497 sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_handle_events()
7507 return DTLSv1_handle_timeout(s) >= 0; in SSL_handle_events()
7512 int SSL_get_event_timeout(SSL *s, struct timeval *tv, int *is_infinite) in SSL_get_event_timeout() argument
7517 if (IS_QUIC(s)) in SSL_get_event_timeout()
7518 return ossl_quic_get_event_timeout(s, tv, is_infinite); in SSL_get_event_timeout()
7521 sc = SSL_CONNECTION_FROM_SSL_ONLY(s); in SSL_get_event_timeout()
7523 && DTLSv1_get_timeout(s, tv)) { in SSL_get_event_timeout()
7534 int SSL_get_rpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc) in SSL_get_rpoll_descriptor() argument
7536 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_rpoll_descriptor()
7539 if (IS_QUIC(s)) in SSL_get_rpoll_descriptor()
7540 return ossl_quic_get_rpoll_descriptor(s, desc); in SSL_get_rpoll_descriptor()
7549 int SSL_get_wpoll_descriptor(SSL *s, BIO_POLL_DESCRIPTOR *desc) in SSL_get_wpoll_descriptor() argument
7551 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_wpoll_descriptor()
7554 if (IS_QUIC(s)) in SSL_get_wpoll_descriptor()
7555 return ossl_quic_get_wpoll_descriptor(s, desc); in SSL_get_wpoll_descriptor()
7564 int SSL_net_read_desired(SSL *s) in SSL_net_read_desired() argument
7567 if (!IS_QUIC(s)) in SSL_net_read_desired()
7568 return SSL_want_read(s); in SSL_net_read_desired()
7570 return ossl_quic_get_net_read_desired(s); in SSL_net_read_desired()
7572 return SSL_want_read(s); in SSL_net_read_desired()
7576 int SSL_net_write_desired(SSL *s) in SSL_net_write_desired() argument
7579 if (!IS_QUIC(s)) in SSL_net_write_desired()
7580 return SSL_want_write(s); in SSL_net_write_desired()
7582 return ossl_quic_get_net_write_desired(s); in SSL_net_write_desired()
7584 return SSL_want_write(s); in SSL_net_write_desired()
7588 int SSL_set_blocking_mode(SSL *s, int blocking) in SSL_set_blocking_mode() argument
7591 if (!IS_QUIC(s)) in SSL_set_blocking_mode()
7594 return ossl_quic_conn_set_blocking_mode(s, blocking); in SSL_set_blocking_mode()
7600 int SSL_get_blocking_mode(SSL *s) in SSL_get_blocking_mode() argument
7603 if (!IS_QUIC(s)) in SSL_get_blocking_mode()
7606 return ossl_quic_conn_get_blocking_mode(s); in SSL_get_blocking_mode()
7612 int SSL_set1_initial_peer_addr(SSL *s, const BIO_ADDR *peer_addr) in SSL_set1_initial_peer_addr() argument
7615 if (!IS_QUIC(s)) in SSL_set1_initial_peer_addr()
7618 return ossl_quic_conn_set_initial_peer_addr(s, peer_addr); in SSL_set1_initial_peer_addr()
7650 SSL *SSL_new_stream(SSL *s, uint64_t flags) in SSL_new_stream() argument
7653 if (!IS_QUIC(s)) in SSL_new_stream()
7656 return ossl_quic_conn_stream_new(s, flags); in SSL_new_stream()
7662 SSL *SSL_get0_connection(SSL *s) in SSL_get0_connection() argument
7665 if (!IS_QUIC(s)) in SSL_get0_connection()
7666 return s; in SSL_get0_connection()
7668 return ossl_quic_get0_connection(s); in SSL_get0_connection()
7670 return s; in SSL_get0_connection()
7674 int SSL_is_connection(SSL *s) in SSL_is_connection() argument
7676 return SSL_get0_connection(s) == s; in SSL_is_connection()
7679 int SSL_get_stream_type(SSL *s) in SSL_get_stream_type() argument
7682 if (!IS_QUIC(s)) in SSL_get_stream_type()
7685 return ossl_quic_get_stream_type(s); in SSL_get_stream_type()
7691 uint64_t SSL_get_stream_id(SSL *s) in SSL_get_stream_id() argument
7694 if (!IS_QUIC(s)) in SSL_get_stream_id()
7697 return ossl_quic_get_stream_id(s); in SSL_get_stream_id()
7703 int SSL_is_stream_local(SSL *s) in SSL_is_stream_local() argument
7706 if (!IS_QUIC(s)) in SSL_is_stream_local()
7709 return ossl_quic_is_stream_local(s); in SSL_is_stream_local()
7715 int SSL_set_default_stream_mode(SSL *s, uint32_t mode) in SSL_set_default_stream_mode() argument
7718 if (!IS_QUIC(s)) in SSL_set_default_stream_mode()
7721 return ossl_quic_set_default_stream_mode(s, mode); in SSL_set_default_stream_mode()
7727 int SSL_set_incoming_stream_policy(SSL *s, int policy, uint64_t aec) in SSL_set_incoming_stream_policy() argument
7730 if (!IS_QUIC(s)) in SSL_set_incoming_stream_policy()
7733 return ossl_quic_set_incoming_stream_policy(s, policy, aec); in SSL_set_incoming_stream_policy()
7739 SSL *SSL_accept_stream(SSL *s, uint64_t flags) in SSL_accept_stream() argument
7742 if (!IS_QUIC(s)) in SSL_accept_stream()
7745 return ossl_quic_accept_stream(s, flags); in SSL_accept_stream()
7751 size_t SSL_get_accept_stream_queue_len(SSL *s) in SSL_get_accept_stream_queue_len() argument
7754 if (!IS_QUIC(s)) in SSL_get_accept_stream_queue_len()
7757 return ossl_quic_get_accept_stream_queue_len(s); in SSL_get_accept_stream_queue_len()
7763 int SSL_stream_reset(SSL *s, in SSL_stream_reset() argument
7768 if (!IS_QUIC(s)) in SSL_stream_reset()
7771 return ossl_quic_stream_reset(s, args, args_len); in SSL_stream_reset()
7777 int SSL_get_stream_read_state(SSL *s) in SSL_get_stream_read_state() argument
7780 if (!IS_QUIC(s)) in SSL_get_stream_read_state()
7783 return ossl_quic_get_stream_read_state(s); in SSL_get_stream_read_state()
7789 int SSL_get_stream_write_state(SSL *s) in SSL_get_stream_write_state() argument
7792 if (!IS_QUIC(s)) in SSL_get_stream_write_state()
7795 return ossl_quic_get_stream_write_state(s); in SSL_get_stream_write_state()
7801 int SSL_get_stream_read_error_code(SSL *s, uint64_t *app_error_code) in SSL_get_stream_read_error_code() argument
7804 if (!IS_QUIC(s)) in SSL_get_stream_read_error_code()
7807 return ossl_quic_get_stream_read_error_code(s, app_error_code); in SSL_get_stream_read_error_code()
7813 int SSL_get_stream_write_error_code(SSL *s, uint64_t *app_error_code) in SSL_get_stream_write_error_code() argument
7816 if (!IS_QUIC(s)) in SSL_get_stream_write_error_code()
7819 return ossl_quic_get_stream_write_error_code(s, app_error_code); in SSL_get_stream_write_error_code()
7825 int SSL_get_conn_close_info(SSL *s, SSL_CONN_CLOSE_INFO *info, in SSL_get_conn_close_info() argument
7829 if (!IS_QUIC(s)) in SSL_get_conn_close_info()
7832 return ossl_quic_get_conn_close_info(s, info, info_len); in SSL_get_conn_close_info()
7838 int SSL_get_value_uint(SSL *s, uint32_t class_, uint32_t id, in SSL_get_value_uint() argument
7842 if (IS_QUIC(s)) in SSL_get_value_uint()
7843 return ossl_quic_get_value_uint(s, class_, id, value); in SSL_get_value_uint()
7850 int SSL_set_value_uint(SSL *s, uint32_t class_, uint32_t id, in SSL_set_value_uint() argument
7854 if (IS_QUIC(s)) in SSL_set_value_uint()
7855 return ossl_quic_set_value_uint(s, class_, id, value); in SSL_set_value_uint()
7862 int SSL_add_expected_rpk(SSL *s, EVP_PKEY *rpk) in SSL_add_expected_rpk() argument
7865 SSL_DANE *dane = SSL_get0_dane(s); in SSL_add_expected_rpk()
7873 ret = SSL_dane_tlsa_add(s, DANETLS_USAGE_DANE_EE, in SSL_add_expected_rpk()
7881 EVP_PKEY *SSL_get0_peer_rpk(const SSL *s) in SSL_get0_peer_rpk() argument
7883 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get0_peer_rpk()
7890 int SSL_get_negotiated_client_cert_type(const SSL *s) in SSL_get_negotiated_client_cert_type() argument
7892 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_negotiated_client_cert_type()
7900 int SSL_get_negotiated_server_cert_type(const SSL *s) in SSL_get_negotiated_server_cert_type() argument
7902 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_get_negotiated_server_cert_type()
7962 int SSL_set1_client_cert_type(SSL *s, const unsigned char *val, size_t len) in SSL_set1_client_cert_type() argument
7964 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set1_client_cert_type()
7970 int SSL_set1_server_cert_type(SSL *s, const unsigned char *val, size_t len) in SSL_set1_server_cert_type() argument
7972 SSL_CONNECTION *sc = SSL_CONNECTION_FROM_SSL(s); in SSL_set1_server_cert_type()
7990 int SSL_get0_client_cert_type(const SSL *s, unsigned char **t, size_t *len) in SSL_get0_client_cert_type() argument
7992 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get0_client_cert_type()
8002 int SSL_get0_server_cert_type(const SSL *s, unsigned char **t, size_t *len) in SSL_get0_server_cert_type() argument
8004 const SSL_CONNECTION *sc = SSL_CONNECTION_FROM_CONST_SSL(s); in SSL_get0_server_cert_type()
