Lines Matching defs:wsi
72 lws_ssl_client_bio_create(struct lws *wsi)
75 const char *alpn_comma = wsi->a.context->tls.alpn_default;
79 if (wsi->stash)
80 lws_strncpy(hostname, wsi->stash->cis[CIS_HOST], sizeof(hostname));
82 if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
102 wsi->tls.ssl = SSL_new(wsi->a.vhost->tls.ssl_client_ctx);
103 if (!wsi->tls.ssl) {
109 if (!(wsi->a.vhost->options & LWS_SERVER_OPTION_DISABLE_TLS_SESSION_CACHE))
110 lws_tls_reuse_session(wsi);
113 if (wsi->a.vhost->tls.ssl_info_event_mask)
114 SSL_set_info_callback(wsi->tls.ssl, lws_ssl_info_callback);
116 if (!(wsi->tls.use_ssl & LCCSCF_SKIP_SERVER_CERT_HOSTNAME_CHECK)) {
117 X509_VERIFY_PARAM *param = SSL_get0_param(wsi->tls.ssl);
126 if (wsi->a.vhost->tls.alpn)
127 alpn_comma = wsi->a.vhost->tls.alpn;
129 if (wsi->stash) {
130 lws_strncpy(hostname, wsi->stash->cis[CIS_HOST],
132 if (wsi->stash->cis[CIS_ALPN])
133 alpn_comma = wsi->stash->cis[CIS_ALPN];
135 if (lws_hdr_copy(wsi, hostname, sizeof(hostname),
144 __func__, lws_wsi_tag(wsi), alpn_comma, protos.len);
147 SSL_set_alpn_select_cb(wsi->tls.ssl, &protos);
149 if (wsi->flags & LCCSCF_ALLOW_SELFSIGNED) {
154 if (wsi->flags & LCCSCF_ALLOW_INSECURE)
162 SSL_set_verify(wsi->tls.ssl, SSL_VERIFY_PEER,
166 SSL_set_verify(wsi->tls.ssl, fl, NULL);
169 SSL_set_fd(wsi->tls.ssl, (int)wsi->desc.sockfd);
171 if (wsi->sys_tls_client_cert) {
172 lws_system_blob_t *b = lws_system_get_blob(wsi->a.context,
174 wsi->sys_tls_client_cert - 1);
195 if (lws_tls_alloc_pem_to_der_file(wsi->a.context, NULL,
201 err = SSL_use_certificate_ASN1(wsi->tls.ssl, data, (int)size);
206 b = lws_system_get_blob(wsi->a.context,
208 wsi->sys_tls_client_cert - 1);
218 if (lws_tls_alloc_pem_to_der_file(wsi->a.context, NULL,
224 err = SSL_use_PrivateKey_ASN1(0, wsi->tls.ssl, data, (int)size);
232 wsi->sys_tls_client_cert - 1);
239 wsi->sys_tls_client_cert - 1);
250 lws_tls_client_connect(struct lws *wsi, char *errbuf, size_t elen)
252 int m, n = SSL_connect(wsi->tls.ssl), en;
255 lws_tls_server_conn_alpn(wsi);
257 lws_tls_session_new_mbedtls(wsi);
264 m = SSL_get_error(wsi->tls.ssl, n);
266 if (m == SSL_ERROR_WANT_READ || SSL_want_read(wsi->tls.ssl))
269 if (m == SSL_ERROR_WANT_WRITE || SSL_want_write(wsi->tls.ssl))
285 lws_tls_client_confirm_peer_cert(struct lws *wsi, char *ebuf, size_t ebuf_len)
289 X509 *peer = SSL_get_peer_certificate(wsi->tls.ssl);
290 struct lws_context_per_thread *pt = &wsi->a.context->pt[(int)wsi->tsi];
296 lws_metrics_hist_bump_describe_wsi(wsi, lws_metrics_priv_to_pub(
297 wsi->a.context->mth_conn_failures),
306 n = (int)SSL_get_verify_result(wsi->tls.ssl);
339 lws_metrics_hist_bump_describe_wsi(wsi,
340 lws_metrics_priv_to_pub(wsi->a.context->mth_conn_failures),
344 if (wsi->tls.use_ssl & avoid) {
352 lws_tls_jit_trust_sort_kids(wsi, &wsi->tls.ssl->kid_chain);
356 type, (unsigned int)wsi->tls.use_ssl, n,