Lines Matching refs:backend
467 struct schannel_ssl_backend_data *backend =
468 (struct schannel_ssl_backend_data *)(connssl->backend);
470 DEBUGASSERT(backend);
474 if(backend->use_manual_cred_validation)
743 backend->cred = (struct Curl_schannel_cred *)
745 if(!backend->cred) {
757 backend->cred->refcount = 1;
763 backend->cred->client_cert_store = client_cert_store;
974 &backend->cred->cred_handle,
975 &backend->cred->time_stamp);
1021 &backend->cred->cred_handle,
1022 &backend->cred->time_stamp);
1034 Curl_safefree(backend->cred);
1056 struct schannel_ssl_backend_data *backend =
1057 (struct schannel_ssl_backend_data *)connssl->backend;
1071 DEBUGASSERT(backend);
1087 backend->use_alpn = connssl->alpn &&
1093 backend->use_alpn = false;
1100 backend->use_manual_cred_validation = true;
1109 backend->use_manual_cred_validation = true;
1118 backend->use_manual_cred_validation = false;
1127 backend->cred = NULL;
1133 backend->cred = old_cred;
1137 backend->cred->refcount++;
1140 backend->cred->refcount));
1145 if(!backend->cred) {
1150 /* schannel_acquire_credential_handle() sets backend->cred accordingly or
1156 backend->cred->sni_hostname = curlx_convert_UTF8_to_tchar(snihost);
1157 if(!backend->cred->sni_hostname)
1167 if(backend->use_alpn) {
1224 backend->req_flags = ISC_REQ_SEQUENCE_DETECT | ISC_REQ_REPLAY_DETECT |
1229 backend->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS;
1233 backend->ctxt = (struct Curl_schannel_ctxt *)
1235 if(!backend->ctxt) {
1248 &backend->cred->cred_handle, NULL, backend->cred->sni_hostname,
1249 backend->req_flags, 0, 0,
1250 (backend->use_alpn ? &inbuf_desc : NULL),
1251 0, &backend->ctxt->ctxt_handle,
1252 &outbuf_desc, &backend->ret_flags, &backend->ctxt->time_stamp);
1256 Curl_safefree(backend->ctxt);
1301 backend->recv_unrecoverable_err = CURLE_OK;
1302 backend->recv_sspi_close_notify = false;
1303 backend->recv_connection_closed = false;
1304 backend->recv_renegotiating = false;
1305 backend->encdata_is_incomplete = false;
1317 struct schannel_ssl_backend_data *backend =
1318 (struct schannel_ssl_backend_data *)connssl->backend;
1332 DEBUGASSERT(backend);
1340 if(!backend->cred || !backend->ctxt)
1344 if(!backend->decdata_buffer) {
1345 backend->decdata_offset = 0;
1346 backend->decdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
1347 backend->decdata_buffer = malloc(backend->decdata_length);
1348 if(!backend->decdata_buffer) {
1355 if(!backend->encdata_buffer) {
1356 backend->encdata_is_incomplete = false;
1357 backend->encdata_offset = 0;
1358 backend->encdata_length = CURL_SCHANNEL_BUFFER_INIT_SIZE;
1359 backend->encdata_buffer = malloc(backend->encdata_length);
1360 if(!backend->encdata_buffer) {
1367 if(backend->encdata_length - backend->encdata_offset <
1370 size_t reallocated_length = backend->encdata_offset +
1372 reallocated_buffer = realloc(backend->encdata_buffer,
1380 backend->encdata_buffer = reallocated_buffer;
1381 backend->encdata_length = reallocated_length;
1389 (char *) (backend->encdata_buffer +
1390 backend->encdata_offset),
1391 backend->encdata_length -
1392 backend->encdata_offset,
1408 backend->encdata_offset += nread;
1409 backend->encdata_is_incomplete = false;
1415 backend->encdata_offset, backend->encdata_length));
1418 InitSecBuffer(&inbuf[0], SECBUFFER_TOKEN, malloc(backend->encdata_offset),
1419 curlx_uztoul(backend->encdata_offset));
1435 memcpy(inbuf[0].pvBuffer, backend->encdata_buffer,
1436 backend->encdata_offset);
1439 &backend->cred->cred_handle, &backend->ctxt->ctxt_handle,
1440 backend->cred->sni_hostname, backend->req_flags,
1442 &outbuf_desc, &backend->ret_flags, &backend->ctxt->time_stamp);
1449 backend->encdata_is_incomplete = true;
1460 !(backend->req_flags & ISC_REQ_USE_SUPPLIED_CREDS)) {
1461 backend->req_flags |= ISC_REQ_USE_SUPPLIED_CREDS;
1543 if(backend->encdata_offset > inbuf[1].cbBuffer) {
1544 memmove(backend->encdata_buffer,
1545 (backend->encdata_buffer + backend->encdata_offset) -
1547 backend->encdata_offset = inbuf[1].cbBuffer;
1555 backend->encdata_offset = 0;
1584 if(conn_config->verifypeer && backend->use_manual_cred_validation) {
1677 struct schannel_ssl_backend_data *backend =
1678 (struct schannel_ssl_backend_data *)connssl->backend;
1688 DEBUGASSERT(backend);
1694 if(!backend->cred)
1698 if(backend->ret_flags != backend->req_flags) {
1699 if(!(backend->ret_flags & ISC_RET_SEQUENCE_DETECT))
1701 if(!(backend->ret_flags & ISC_RET_REPLAY_DETECT))
1703 if(!(backend->ret_flags & ISC_RET_CONFIDENTIALITY))
1705 if(!(backend->ret_flags & ISC_RET_ALLOCATED_MEMORY))
1707 if(!(backend->ret_flags & ISC_RET_STREAM))
1713 if(backend->use_alpn) {
1715 s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
1730 if(backend->recv_renegotiating) {
1741 if(!backend->recv_renegotiating)
1756 if(old_cred != backend->cred) {
1765 result = Curl_ssl_addsessionid(cf, data, backend->cred,
1775 backend->cred->refcount++;
1786 s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
1923 struct schannel_ssl_backend_data *backend =
1924 (struct schannel_ssl_backend_data *)connssl->backend;
1925 DEBUGASSERT(backend);
1926 cf->conn->sslContext = &backend->ctxt->ctxt_handle;
1953 struct schannel_ssl_backend_data *backend =
1954 (struct schannel_ssl_backend_data *)connssl->backend;
1956 DEBUGASSERT(backend);
1959 if(backend->stream_sizes.cbMaximumMessage == 0) {
1961 &backend->ctxt->ctxt_handle,
1963 &backend->stream_sizes);
1971 if(len > backend->stream_sizes.cbMaximumMessage) {
1972 len = backend->stream_sizes.cbMaximumMessage;
1976 data_len = backend->stream_sizes.cbHeader + len +
1977 backend->stream_sizes.cbTrailer;
1986 ptr, backend->stream_sizes.cbHeader);
1988 ptr + backend->stream_sizes.cbHeader, curlx_uztoul(len));
1990 ptr + backend->stream_sizes.cbHeader + len,
1991 backend->stream_sizes.cbTrailer);
1999 sspi_status = s_pSecFn->EncryptMessage(&backend->ctxt->ctxt_handle, 0,
2104 struct schannel_ssl_backend_data *backend =
2105 (struct schannel_ssl_backend_data *)connssl->backend;
2107 DEBUGASSERT(backend);
2110 * Don't return or set backend->recv_unrecoverable_err unless in the cleanup.
2122 if(len && len <= backend->decdata_offset) {
2126 else if(backend->recv_unrecoverable_err) {
2127 *err = backend->recv_unrecoverable_err;
2131 else if(backend->recv_sspi_close_notify) {
2141 else if(len && !backend->recv_connection_closed) {
2143 size = backend->encdata_length - backend->encdata_offset;
2145 backend->encdata_length < min_encdata_length) {
2146 reallocated_length = backend->encdata_offset +
2151 reallocated_buffer = realloc(backend->encdata_buffer,
2159 backend->encdata_buffer = reallocated_buffer;
2160 backend->encdata_length = reallocated_length;
2161 size = backend->encdata_length - backend->encdata_offset;
2163 backend->encdata_length));
2168 backend->encdata_offset, backend->encdata_length));
2172 (char *)(backend->encdata_buffer +
2173 backend->encdata_offset),
2186 backend->recv_connection_closed = true;
2190 backend->encdata_offset += (size_t)nread;
2191 backend->encdata_is_incomplete = false;
2198 backend->encdata_offset, backend->encdata_length));
2201 while(backend->encdata_offset > 0 && sspi_status == SEC_E_OK &&
2202 (!len || backend->decdata_offset < len ||
2203 backend->recv_connection_closed)) {
2205 InitSecBuffer(&inbuf[0], SECBUFFER_DATA, backend->encdata_buffer,
2206 curlx_uztoul(backend->encdata_offset));
2216 sspi_status = s_pSecFn->DecryptMessage(&backend->ctxt->ctxt_handle,
2232 if(backend->decdata_length - backend->decdata_offset < size ||
2233 backend->decdata_length < len) {
2235 reallocated_length = backend->decdata_offset + size;
2240 reallocated_buffer = realloc(backend->decdata_buffer,
2247 backend->decdata_buffer = reallocated_buffer;
2248 backend->decdata_length = reallocated_length;
2254 memcpy(backend->decdata_buffer + backend->decdata_offset,
2256 backend->decdata_offset += size;
2262 backend->decdata_offset, backend->decdata_length));
2273 if(backend->encdata_offset > inbuf[3].cbBuffer) {
2276 memmove(backend->encdata_buffer,
2277 (backend->encdata_buffer + backend->encdata_offset) -
2279 backend->encdata_offset = inbuf[3].cbBuffer;
2284 backend->encdata_offset, backend->encdata_length));
2288 backend->encdata_offset = 0;
2303 backend->recv_renegotiating = true;
2305 backend->recv_renegotiating = false;
2319 backend->recv_sspi_close_notify = true;
2320 if(!backend->recv_connection_closed) {
2321 backend->recv_connection_closed = true;
2328 backend->encdata_is_incomplete = true;
2347 backend->encdata_offset, backend->encdata_length));
2351 backend->decdata_offset, backend->decdata_length));
2368 if(len && !backend->decdata_offset && backend->recv_connection_closed &&
2369 !backend->recv_sspi_close_notify) {
2374 backend->recv_sspi_close_notify = true;
2383 backend->recv_unrecoverable_err = *err;
2385 size = len < backend->decdata_offset ? len : backend->decdata_offset;
2387 memcpy(buf, backend->decdata_buffer, size);
2388 memmove(backend->decdata_buffer, backend->decdata_buffer + size,
2389 backend->decdata_offset - size);
2390 backend->decdata_offset -= size;
2394 backend->decdata_offset, backend->decdata_length));
2399 if(!*err && !backend->recv_connection_closed)
2438 struct schannel_ssl_backend_data *backend =
2439 (struct schannel_ssl_backend_data *)connssl->backend;
2442 DEBUGASSERT(backend);
2444 if(backend->ctxt) /* SSL/TLS is in use */
2445 return (backend->decdata_offset > 0 ||
2446 (backend->encdata_offset > 0 && !backend->encdata_is_incomplete));
2482 struct schannel_ssl_backend_data *backend =
2483 (struct schannel_ssl_backend_data *)connssl->backend;
2486 DEBUGASSERT(backend);
2488 if(backend->ctxt) {
2493 if(backend->cred && backend->ctxt) {
2505 sspi_status = s_pSecFn->ApplyControlToken(&backend->ctxt->ctxt_handle,
2519 &backend->cred->cred_handle,
2520 &backend->ctxt->ctxt_handle,
2521 backend->cred->sni_hostname,
2522 backend->req_flags,
2527 &backend->ctxt->ctxt_handle,
2529 &backend->ret_flags,
2530 &backend->ctxt->time_stamp);
2546 if(backend->ctxt) {
2548 s_pSecFn->DeleteSecurityContext(&backend->ctxt->ctxt_handle);
2549 Curl_safefree(backend->ctxt);
2553 if(backend->cred) {
2555 schannel_session_free(backend->cred);
2557 backend->cred = NULL;
2561 if(backend->encdata_buffer) {
2562 Curl_safefree(backend->encdata_buffer);
2563 backend->encdata_length = 0;
2564 backend->encdata_offset = 0;
2565 backend->encdata_is_incomplete = false;
2569 if(backend->decdata_buffer) {
2570 Curl_safefree(backend->decdata_buffer);
2571 backend->decdata_length = 0;
2572 backend->decdata_offset = 0;
2613 struct schannel_ssl_backend_data *backend =
2614 (struct schannel_ssl_backend_data *)connssl->backend;
2620 DEBUGASSERT(backend);
2634 s_pSecFn->QueryContextAttributes(&backend->ctxt->ctxt_handle,
2739 struct schannel_ssl_backend_data *backend =
2740 (struct schannel_ssl_backend_data *)connssl->backend;
2742 DEBUGASSERT(backend);
2743 return &backend->ctxt->ctxt_handle;