167 	SSL_CTX *ctx;  member
194 	SSL_CTX *ctx;  member
322 static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx) /* {{{ */  in verify_callback()  argument
334 	err = X509_STORE_CTX_get_error(ctx);  in verify_callback()
335 	depth = X509_STORE_CTX_get_error_depth(ctx);  in verify_callback()
338 	ssl = X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());  in verify_callback()
353 		X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_CHAIN_TOO_LONG);  in verify_callback()
886 static zend_result php_openssl_enable_peer_verification(SSL_CTX *ctx, php_stream *stream) /* {{{ */  in php_openssl_enable_peer_verification()  argument
903 			SSL_CTX_set_client_CA_list(ctx, cert_names);  in php_openssl_enable_peer_verification()
916 		if (!SSL_CTX_load_verify_locations(ctx, cafile, capath)) {  in php_openssl_enable_peer_verification()
918 			if (cafile && !php_openssl_load_stream_cafile(SSL_CTX_get_cert_store(ctx), cafile)) {  in php_openssl_enable_peer_verification()
924 		SSL_CTX_set_cert_verify_callback(ctx, php_openssl_win_cert_verify_callback, (void *)stream);  in php_openssl_enable_peer_verification()
926 		if (sslsock->is_client && !SSL_CTX_set_default_verify_paths(ctx)) {  in php_openssl_enable_peer_verification()
934 	SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, verify_callback);  in php_openssl_enable_peer_verification()
940 static void php_openssl_disable_peer_verification(SSL_CTX *ctx, php_stream *stream) /* {{{ */  in php_openssl_disable_peer_verification()  argument
942 	SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);  in php_openssl_disable_peer_verification()
946 static zend_result php_openssl_set_local_cert(SSL_CTX *ctx, php_stream *stream) /* {{{ */  in php_openssl_set_local_cert()  argument
966 		if (SSL_CTX_use_certificate_chain_file(ctx, resolved_path_buff) != 1) {  in php_openssl_set_local_cert()
981 		if (SSL_CTX_use_PrivateKey_file(ctx, resolved_path_buff, SSL_FILETYPE_PEM) != 1) {  in php_openssl_set_local_cert()
985 		if (!SSL_CTX_check_private_key(ctx)) {  in php_openssl_set_local_cert()
1250 static zend_result php_openssl_set_server_dh_param(php_stream * stream, SSL_CTX *ctx) /* {{{ */  in php_openssl_set_server_dh_param()  argument
1258 	SSL_CTX_set_dh_auto(ctx, 1);  in php_openssl_set_server_dh_param()
1283 	if (SSL_CTX_set0_tmp_dh_pkey(ctx, pkey) == 0) {  in php_openssl_set_server_dh_param()
1297 	if (SSL_CTX_set_tmp_dh(ctx, dh) == 0) {  in php_openssl_set_server_dh_param()
1311 static zend_result php_openssl_set_server_ecdh_curve(php_stream *stream, SSL_CTX *ctx) /* {{{ */  in php_openssl_set_server_ecdh_curve()  argument
1319 		SSL_CTX_set_ecdh_auto(ctx, 1);  in php_openssl_set_server_ecdh_curve()
1339 	SSL_CTX_set_tmp_ecdh(ctx, ecdh);  in php_openssl_set_server_ecdh_curve()
1347 static zend_result php_openssl_set_server_specific_opts(php_stream *stream, SSL_CTX *ctx) /* {{{ */  in php_openssl_set_server_specific_opts()  argument
1350 	long ssl_ctx_options = SSL_CTX_get_options(ctx);  in php_openssl_set_server_specific_opts()
1353 	if (php_openssl_set_server_ecdh_curve(stream, ctx) == FAILURE) {  in php_openssl_set_server_specific_opts()
1359 	SSL_CTX_set_tmp_rsa_callback(ctx, php_openssl_tmp_rsa_cb);  in php_openssl_set_server_specific_opts()
1366 	if (php_openssl_set_server_dh_param(stream, ctx) == FAILURE) {  in php_openssl_set_server_specific_opts()
1380 	SSL_CTX_set_options(ctx, ssl_ctx_options);  in php_openssl_set_server_specific_opts()
1409 			SSL_set_SSL_CTX(ssl_handle, sslsock->sni_certs[i].ctx);  in php_openssl_server_sni_callback()
1422 	SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());  in php_openssl_create_sni_server_ctx()  local
1424 	if (SSL_CTX_use_certificate_chain_file(ctx, cert_path) != 1) {  in php_openssl_create_sni_server_ctx()
1431 		SSL_CTX_free(ctx);  in php_openssl_create_sni_server_ctx()
1433 	} else if (SSL_CTX_use_PrivateKey_file(ctx, key_path, SSL_FILETYPE_PEM) != 1) {  in php_openssl_create_sni_server_ctx()
1438 		SSL_CTX_free(ctx);  in php_openssl_create_sni_server_ctx()
1442 	return ctx;  in php_openssl_create_sni_server_ctx()
1454 	SSL_CTX *ctx;  in php_openssl_enable_server_sni()  local
1549 			ctx = php_openssl_create_sni_server_ctx(resolved_cert_path_buff, resolved_pk_path_buff);  in php_openssl_enable_server_sni()
1554 			ctx = php_openssl_create_sni_server_ctx(resolved_path_buff, resolved_path_buff);  in php_openssl_enable_server_sni()
1563 		if (ctx == NULL) {  in php_openssl_enable_server_sni()
1568 		sslsock->sni_certs[i].ctx = ctx;  in php_openssl_enable_server_sni()
1573 	SSL_CTX_set_tlsext_servername_callback(sslsock->ctx, php_openssl_server_sni_callback);  in php_openssl_enable_server_sni()
1687 	sslsock->ctx = SSL_CTX_new(method);  in php_openssl_setup_crypto()
1689 	if (sslsock->ctx == NULL) {  in php_openssl_setup_crypto()
1719 		php_openssl_disable_peer_verification(sslsock->ctx, stream);  in php_openssl_setup_crypto()
1720 	} else if (FAILURE == php_openssl_enable_peer_verification(sslsock->ctx, stream)) {  in php_openssl_setup_crypto()
1726 		SSL_CTX_set_default_passwd_cb_userdata(sslsock->ctx, stream);  in php_openssl_setup_crypto()
1727 		SSL_CTX_set_default_passwd_cb(sslsock->ctx, php_openssl_passwd_callback);  in php_openssl_setup_crypto()
1737 		if (SSL_CTX_set_cipher_list(sslsock->ctx, cipherlist) != 1) {  in php_openssl_setup_crypto()
1748 		SSL_CTX_set_security_level(sslsock->ctx, lval);  in php_openssl_setup_crypto()
1761 				SSL_CTX_free(sslsock->ctx);  in php_openssl_setup_crypto()
1762 				sslsock->ctx = NULL;  in php_openssl_setup_crypto()
1766 				SSL_CTX_set_alpn_protos(sslsock->ctx, alpn, alpn_len);  in php_openssl_setup_crypto()
1770 				SSL_CTX_set_alpn_select_cb(sslsock->ctx, php_openssl_server_alpn_callback, sslsock);  in php_openssl_setup_crypto()
1781 	if (FAILURE == php_openssl_set_local_cert(sslsock->ctx, stream)) {  in php_openssl_setup_crypto()
1785 	SSL_CTX_set_options(sslsock->ctx, ssl_ctx_options);  in php_openssl_setup_crypto()
1788 	SSL_CTX_set_min_proto_version(sslsock->ctx, php_openssl_get_min_proto_version(method_flags));  in php_openssl_setup_crypto()
1789 	SSL_CTX_set_max_proto_version(sslsock->ctx, php_openssl_get_max_proto_version(method_flags));  in php_openssl_setup_crypto()
1794 		FAILURE == php_openssl_set_server_specific_opts(stream, sslsock->ctx)  in php_openssl_setup_crypto()
1799 	sslsock->ssl_handle = SSL_new(sslsock->ctx);  in php_openssl_setup_crypto()
1803 		SSL_CTX_free(sslsock->ctx);  in php_openssl_setup_crypto()
1804 		sslsock->ctx = NULL;  in php_openssl_setup_crypto()
2255 		if (sslsock->ctx) {  in php_openssl_sockop_close()
2256 			SSL_CTX_free(sslsock->ctx);  in php_openssl_sockop_close()
2257 			sslsock->ctx = NULL;  in php_openssl_sockop_close()
2290 			if (sslsock->sni_certs[i].ctx) {  in php_openssl_sockop_close()
2291 				SSL_CTX_free(sslsock->sni_certs[i].ctx);  in php_openssl_sockop_close()
2364 			xparam->outputs.client->ctx = stream->ctx;  in php_openssl_tcp_sockop_accept()
2365 			if (stream->ctx) {  in php_openssl_tcp_sockop_accept()
2366 				GC_ADDREF(stream->ctx);  in php_openssl_tcp_sockop_accept()
2715 		php_stream_context *ctx, zend_long crypto_method)  /* {{{ */  in php_openssl_get_crypto_method()  argument
2719 	if (ctx && (val = php_stream_context_get_option(ctx, "ssl", "crypto_method")) != NULL) {  in php_openssl_get_crypto_method()
2795 	sslsock->ctx = NULL;  in php_openssl_ssl_socket_factory()

Last Index update Thu Jul 04 22:02:24 UTC 2024

Dedicated to & Maintained by Room-11