Lines Matching defs:ctx

199     to->dane.dctx = &to->ctx->dane;
696 if (s->method != s->ctx->method) {
698 s->method = s->ctx->method;
713 int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
717 ctx->method = meth;
719 if (!SSL_CTX_set_ciphersuites(ctx, OSSL_default_ciphersuites())) {
723 sk = ssl_create_cipher_list(ctx,
724 ctx->tls13_ciphersuites,
725 &(ctx->cipher_list),
726 &(ctx->cipher_list_by_id),
727 OSSL_default_cipher_list(), ctx->cert);
736 SSL *SSL_new(SSL_CTX *ctx)
740 if (ctx == NULL) {
744 if (ctx->method == NULL) {
763 s->options = ctx->options;
764 s->dane.flags = ctx->dane.flags;
765 s->min_proto_version = ctx->min_proto_version;
766 s->max_proto_version = ctx->max_proto_version;
767 s->mode = ctx->mode;
768 s->max_cert_list = ctx->max_cert_list;
769 s->max_early_data = ctx->max_early_data;
770 s->recv_max_early_data = ctx->recv_max_early_data;
771 s->num_tickets = ctx->num_tickets;
772 s->pha_enabled = ctx->pha_enabled;
775 s->tls13_ciphersuites = sk_SSL_CIPHER_dup(ctx->tls13_ciphersuites);
785 * used to be known as s->ctx->default_cert). Now we don't look at the
788 s->cert = ssl_cert_dup(ctx->cert);
792 RECORD_LAYER_set_read_ahead(&s->rlayer, ctx->read_ahead);
793 s->msg_callback = ctx->msg_callback;
794 s->msg_callback_arg = ctx->msg_callback_arg;
795 s->verify_mode = ctx->verify_mode;
796 s->not_resumable_session_cb = ctx->not_resumable_session_cb;
797 s->record_padding_cb = ctx->record_padding_cb;
798 s->record_padding_arg = ctx->record_padding_arg;
799 s->block_padding = ctx->block_padding;
800 s->sid_ctx_length = ctx->sid_ctx_length;
803 memcpy(&s->sid_ctx, &ctx->sid_ctx, sizeof(s->sid_ctx));
804 s->verify_callback = ctx->default_verify_callback;
805 s->generate_session_id = ctx->generate_session_id;
810 X509_VERIFY_PARAM_inherit(s->param, ctx->param);
811 s->quiet_shutdown = ctx->quiet_shutdown;
813 s->ext.max_fragment_len_mode = ctx->ext.max_fragment_len_mode;
814 s->max_send_fragment = ctx->max_send_fragment;
815 s->split_send_fragment = ctx->split_send_fragment;
816 s->max_pipelines = ctx->max_pipelines;
819 if (ctx->default_read_buf_len > 0)
820 SSL_set_default_read_buffer_len(s, ctx->default_read_buf_len);
822 SSL_CTX_up_ref(ctx);
823 s->ctx = ctx;
827 s->ext.status_type = ctx->ext.status_type;
833 SSL_CTX_up_ref(ctx);
834 s->session_ctx = ctx;
835 if (ctx->ext.ecpointformats) {
837 OPENSSL_memdup(ctx->ext.ecpointformats,
838 ctx->ext.ecpointformats_len);
844 ctx->ext.ecpointformats_len;
846 if (ctx->ext.supportedgroups) {
848 OPENSSL_memdup(ctx->ext.supportedgroups,
849 ctx->ext.supportedgroups_len
850 * sizeof(*ctx->ext.supportedgroups));
855 s->ext.supportedgroups_len = ctx->ext.supportedgroups_len;
862 if (s->ctx->ext.alpn) {
863 s->ext.alpn = OPENSSL_malloc(s->ctx->ext.alpn_len);
868 memcpy(s->ext.alpn, s->ctx->ext.alpn, s->ctx->ext.alpn_len);
869 s->ext.alpn_len = s->ctx->ext.alpn_len;
875 s->default_passwd_callback = ctx->default_passwd_callback;
876 s->default_passwd_callback_userdata = ctx->default_passwd_callback_userdata;
878 s->method = ctx->method;
882 s->allow_early_data_cb = ctx->allow_early_data_cb;
883 s->allow_early_data_cb_data = ctx->allow_early_data_cb_data;
888 s->server = (ctx->method->ssl_accept == ssl_undefined_function) ? 0 : 1;
897 s->psk_client_callback = ctx->psk_client_callback;
898 s->psk_server_callback = ctx->psk_server_callback;
900 s->psk_find_session_cb = ctx->psk_find_session_cb;
901 s->psk_use_session_cb = ctx->psk_use_session_cb;
903 s->async_cb = ctx->async_cb;
904 s->async_cb_arg = ctx->async_cb_arg;
909 s->quic_method = ctx->quic_method;
913 if (!SSL_set_ct_validation_callback(s, ctx->ct_validation_callback,
914 ctx->ct_validation_callback_arg))
942 int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
949 ctx->sid_ctx_length = sid_ctx_len;
950 memcpy(ctx->sid_ctx, sid_ctx, sid_ctx_len);
968 int SSL_CTX_set_generate_session_id(SSL_CTX *ctx, GEN_SESSION_CB cb)
970 if (!CRYPTO_THREAD_write_lock(ctx->lock))
972 ctx->generate_session_id = cb;
973 CRYPTO_THREAD_unlock(ctx->lock);
1081 int SSL_CTX_dane_enable(SSL_CTX *ctx)
1083 return dane_ctx_enable(&ctx->dane);
1086 unsigned long SSL_CTX_dane_set_flags(SSL_CTX *ctx, unsigned long flags)
1088 unsigned long orig = ctx->dane.flags;
1090 ctx->dane.flags |= flags;
1094 unsigned long SSL_CTX_dane_clear_flags(SSL_CTX *ctx, unsigned long flags)
1096 unsigned long orig = ctx->dane.flags;
1098 ctx->dane.flags &= ~flags;
1106 if (s->ctx->dane.mdmax == 0) {
1135 dane->dctx = &s->ctx->dane;
1209 int SSL_CTX_dane_mtype_set(SSL_CTX *ctx, const EVP_MD *md, uint8_t mtype,
1212 return dane_mtype_set(&ctx->dane, md, mtype, ord);
1215 int SSL_CTX_set1_param(SSL_CTX *ctx, X509_VERIFY_PARAM *vpm)
1217 return X509_VERIFY_PARAM_set1(ctx->param, vpm);
1225 X509_VERIFY_PARAM *SSL_CTX_get0_param(SSL_CTX *ctx)
1227 return ctx->param;
1337 SSL_CTX_free(s->ctx);
1581 int SSL_CTX_get_verify_mode(const SSL_CTX *ctx)
1583 return ctx->verify_mode;
1586 int SSL_CTX_get_verify_depth(const SSL_CTX *ctx)
1588 return X509_VERIFY_PARAM_get_depth(ctx->param);
1591 int (*SSL_CTX_get_verify_callback(const SSL_CTX *ctx)) (int, X509_STORE_CTX *) {
1592 return ctx->default_verify_callback;
1596 int (*callback) (int ok, X509_STORE_CTX *ctx))
1733 int SSL_CTX_check_private_key(const SSL_CTX *ctx)
1735 if ((ctx == NULL) || (ctx->cert->key->x509 == NULL)) {
1739 if (ctx->cert->key->privatekey == NULL) {
1744 (ctx->cert->key->x509, ctx->cert->key->privatekey);
1776 ASYNC_WAIT_CTX *ctx = s->waitctx;
1778 if (ctx == NULL)
1780 return ASYNC_WAIT_CTX_get_all_fds(ctx, fds, numfds);
1786 ASYNC_WAIT_CTX *ctx = s->waitctx;
1788 if (ctx == NULL)
1790 return ASYNC_WAIT_CTX_get_changed_fds(ctx, addfd, numaddfds, delfd,
1794 int SSL_CTX_set_async_callback(SSL_CTX *ctx, SSL_async_callback_fn callback)
1796 ctx->async_cb = callback;
1800 int SSL_CTX_set_async_callback_arg(SSL_CTX *ctx, void *arg)
1802 ctx->async_cb_arg = arg;
1820 ASYNC_WAIT_CTX *ctx = s->waitctx;
1822 if (ctx == NULL)
1824 *status = ASYNC_WAIT_CTX_get_status(ctx);
2541 && ssl_set_version_bound(s->ctx->method->version, (int)larg,
2547 && ssl_set_version_bound(s->ctx->method->version, (int)larg,
2571 LHASH_OF(SSL_SESSION) *SSL_CTX_sessions(SSL_CTX *ctx)
2573 return ctx->sessions;
2576 static int ssl_tsan_load(SSL_CTX *ctx, TSAN_QUALIFIER int *stat)
2580 if (ssl_tsan_lock(ctx)) {
2582 ssl_tsan_unlock(ctx);
2587 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
2590 /* For some cases with ctx == NULL perform syntax checks */
2591 if (ctx == NULL) {
2594 return tls1_set_groups_list(ctx, NULL, NULL, parg);
2605 return ctx->read_ahead;
2607 l = ctx->read_ahead;
2608 ctx->read_ahead = larg;
2612 ctx->msg_callback_arg = parg;
2616 return (long)ctx->max_cert_list;
2620 l = (long)ctx->max_cert_list;
2621 ctx->max_cert_list = (size_t)larg;
2627 l = (long)ctx->session_cache_size;
2628 ctx->session_cache_size = (size_t)larg;
2631 return (long)ctx->session_cache_size;
2633 l = ctx->session_cache_mode;
2634 ctx->session_cache_mode = larg;
2637 return ctx->session_cache_mode;
2640 return lh_SSL_SESSION_num_items(ctx->sessions);
2642 return ssl_tsan_load(ctx, &ctx->stats.sess_connect);
2644 return ssl_tsan_load(ctx, &ctx->stats.sess_connect_good);
2646 return ssl_tsan_load(ctx, &ctx->stats.sess_connect_renegotiate);
2648 return ssl_tsan_load(ctx, &ctx->stats.sess_accept);
2650 return ssl_tsan_load(ctx, &ctx->stats.sess_accept_good);
2652 return ssl_tsan_load(ctx, &ctx->stats.sess_accept_renegotiate);
2654 return ssl_tsan_load(ctx, &ctx->stats.sess_hit);
2656 return ssl_tsan_load(ctx, &ctx->stats.sess_cb_hit);
2658 return ssl_tsan_load(ctx, &ctx->stats.sess_miss);
2660 return ssl_tsan_load(ctx, &ctx->stats.sess_timeout);
2662 return ssl_tsan_load(ctx, &ctx->stats.sess_cache_full);
2664 return (ctx->mode |= larg);
2666 return (ctx->mode &= ~larg);
2670 ctx->max_send_fragment = larg;
2671 if (ctx->max_send_fragment < ctx->split_send_fragment)
2672 ctx->split_send_fragment = ctx->max_send_fragment;
2675 if ((size_t)larg > ctx->max_send_fragment || larg == 0)
2677 ctx->split_send_fragment = larg;
2682 ctx->max_pipelines = larg;
2685 return (ctx->cert->cert_flags |= larg);
2687 return (ctx->cert->cert_flags &= ~larg);
2689 return ssl_check_allowed_versions(larg, ctx->max_proto_version)
2690 && ssl_set_version_bound(ctx->method->version, (int)larg,
2691 &ctx->min_proto_version);
2693 return ctx->min_proto_version;
2695 return ssl_check_allowed_versions(ctx->min_proto_version, larg)
2696 && ssl_set_version_bound(ctx->method->version, (int)larg,
2697 &ctx->max_proto_version);
2699 return ctx->max_proto_version;
2701 return ctx->method->ssl_ctx_ctrl(ctx, cmd, larg, parg);
2705 long SSL_CTX_callback_ctrl(SSL_CTX *ctx, int cmd, void (*fp) (void))
2709 ctx->msg_callback = (void (*)
2716 return ctx->method->ssl_ctx_callback_ctrl(ctx, cmd, fp);
2746 } else if ((s->ctx != NULL) && (s->ctx->cipher_list != NULL)) {
2747 return s->ctx->cipher_list;
2793 } else if ((s->ctx != NULL) && (s->ctx->cipher_list_by_id != NULL)) {
2794 return s->ctx->cipher_list_by_id;
2819 STACK_OF(SSL_CIPHER) *SSL_CTX_get_ciphers(const SSL_CTX *ctx)
2821 if (ctx != NULL)
2822 return ctx->cipher_list;
2847 int SSL_CTX_set_cipher_list(SSL_CTX *ctx, const char *str)
2851 sk = ssl_create_cipher_list(ctx, ctx->tls13_ciphersuites,
2852 &ctx->cipher_list, &ctx->cipher_list_by_id, str,
2853 ctx->cert);
2859 * ctx->cipher_list and ctx->cipher_list_by_id has been updated.
2875 sk = ssl_create_cipher_list(s->ctx, s->tls13_ciphersuites,
3120 void SSL_CTX_set_npn_advertised_cb(SSL_CTX *ctx,
3124 ctx->ext.npn_advertised_cb = cb;
3125 ctx->ext.npn_advertised_cb_arg = arg;
3138 void SSL_CTX_set_npn_select_cb(SSL_CTX *ctx,
3142 ctx->ext.npn_select_cb = cb;
3143 ctx->ext.npn_select_cb_arg = arg;
3161 * SSL_CTX_set_alpn_protos sets the ALPN protocol list on |ctx| to |protos|.
3165 int SSL_CTX_set_alpn_protos(SSL_CTX *ctx, const unsigned char *protos,
3171 OPENSSL_free(ctx->ext.alpn);
3172 ctx->ext.alpn = NULL;
3173 ctx->ext.alpn_len = 0;
3185 OPENSSL_free(ctx->ext.alpn);
3186 ctx->ext.alpn = alpn;
3187 ctx->ext.alpn_len = protos_len;
3225 * SSL_CTX_set_alpn_select_cb sets a callback function on |ctx| that is
3229 void SSL_CTX_set_alpn_select_cb(SSL_CTX *ctx,
3233 ctx->ext.alpn_select_cb = cb;
3234 ctx->ext.alpn_select_cb_arg = arg;
3483 * SSL_CTX_clear_options(ctx, SSL_OP_NO_COMPRESSION);
3538 int SSL_CTX_up_ref(SSL_CTX *ctx)
3542 if (CRYPTO_UP_REF(&ctx->references, &i, ctx->lock) <= 0)
3545 REF_PRINT_COUNT("SSL_CTX", ctx);
3635 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, pem_password_cb *cb)
3637 ctx->default_passwd_callback = cb;
3640 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
3642 ctx->default_passwd_callback_userdata = u;
3645 pem_password_cb *SSL_CTX_get_default_passwd_cb(SSL_CTX *ctx)
3647 return ctx->default_passwd_callback;
3650 void *SSL_CTX_get_default_passwd_cb_userdata(SSL_CTX *ctx)
3652 return ctx->default_passwd_callback_userdata;
3675 void SSL_CTX_set_cert_verify_callback(SSL_CTX *ctx,
3679 ctx->app_verify_callback = cb;
3680 ctx->app_verify_arg = arg;
3683 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
3686 ctx->verify_mode = mode;
3687 ctx->default_verify_callback = cb;
3690 void SSL_CTX_set_verify_depth(SSL_CTX *ctx, int depth)
3692 X509_VERIFY_PARAM_set_depth(ctx->param, depth);
3907 const SSL_METHOD *SSL_CTX_get_ssl_method(const SSL_CTX *ctx)
3909 return ctx->method;
4331 X509 *SSL_CTX_get0_certificate(const SSL_CTX *ctx)
4333 if (ctx->cert != NULL)
4334 return ctx->cert->key->x509;
4339 EVP_PKEY *SSL_CTX_get0_privatekey(const SSL_CTX *ctx)
4341 if (ctx->cert != NULL)
4342 return ctx->cert->key->privatekey;
4411 void SSL_CTX_set_quiet_shutdown(SSL_CTX *ctx, int mode)
4413 ctx->quiet_shutdown = mode;
4416 int SSL_CTX_get_quiet_shutdown(const SSL_CTX *ctx)
4418 return ctx->quiet_shutdown;
4453 return ssl->ctx;
4456 SSL_CTX *SSL_set_SSL_CTX(SSL *ssl, SSL_CTX *ctx)
4459 if (ssl->ctx == ctx)
4460 return ssl->ctx;
4461 if (ctx == NULL)
4462 ctx = ssl->session_ctx;
4463 new_cert = ssl_cert_dup(ctx->cert);
4489 if ((ssl->ctx != NULL) &&
4490 (ssl->sid_ctx_length == ssl->ctx->sid_ctx_length) &&
4491 (memcmp(ssl->sid_ctx, ssl->ctx->sid_ctx, ssl->sid_ctx_length) == 0)) {
4492 ssl->sid_ctx_length = ctx->sid_ctx_length;
4493 memcpy(&ssl->sid_ctx, &ctx->sid_ctx, sizeof(ssl->sid_ctx));
4496 SSL_CTX_up_ref(ctx);
4497 SSL_CTX_free(ssl->ctx); /* decrement reference count */
4498 ssl->ctx = ctx;
4500 return ssl->ctx;
4503 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
4505 return X509_STORE_set_default_paths_ex(ctx->cert_store, ctx->libctx,
4506 ctx->propq);
4509 int SSL_CTX_set_default_verify_dir(SSL_CTX *ctx)
4513 lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_hash_dir());
4527 int SSL_CTX_set_default_verify_file(SSL_CTX *ctx)
4531 lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_file());
4538 X509_LOOKUP_load_file_ex(lookup, NULL, X509_FILETYPE_DEFAULT, ctx->libctx,
4539 ctx->propq);
4546 int SSL_CTX_set_default_verify_store(SSL_CTX *ctx)
4550 lookup = X509_STORE_add_lookup(ctx->cert_store, X509_LOOKUP_store());
4557 X509_LOOKUP_add_store_ex(lookup, NULL, ctx->libctx, ctx->propq);
4564 int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile)
4566 return X509_STORE_load_file_ex(ctx->cert_store, CAfile, ctx->libctx,
4567 ctx->propq);
4570 int SSL_CTX_load_verify_dir(SSL_CTX *ctx, const char *CApath)
4572 return X509_STORE_load_path(ctx->cert_store, CApath);
4575 int SSL_CTX_load_verify_store(SSL_CTX *ctx, const char *CAstore)
4577 return X509_STORE_load_store_ex(ctx->cert_store, CAstore, ctx->libctx,
4578 ctx->propq);
4581 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
4586 if (CAfile != NULL && !SSL_CTX_load_verify_file(ctx, CAfile))
4588 if (CApath != NULL && !SSL_CTX_load_verify_dir(ctx, CApath))
4682 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx)
4684 return ctx->cert_store;
4687 void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store)
4689 X509_STORE_free(ctx->cert_store);
4690 ctx->cert_store = store;
4693 void SSL_CTX_set1_cert_store(SSL_CTX *ctx, X509_STORE *store)
4697 SSL_CTX_set_cert_store(ctx, store);
4706 int SSL_CTX_use_psk_identity_hint(SSL_CTX *ctx, const char *identity_hint)
4712 OPENSSL_free(ctx->cert->psk_identity_hint);
4714 ctx->cert->psk_identity_hint = OPENSSL_strdup(identity_hint);
4715 if (ctx->cert->psk_identity_hint == NULL)
4718 ctx->cert->psk_identity_hint = NULL;
4760 void SSL_CTX_set_psk_client_callback(SSL_CTX *ctx, SSL_psk_client_cb_func cb)
4762 ctx->psk_client_callback = cb;
4770 void SSL_CTX_set_psk_server_callback(SSL_CTX *ctx, SSL_psk_server_cb_func cb)
4772 ctx->psk_server_callback = cb;
4781 void SSL_CTX_set_psk_find_session_callback(SSL_CTX *ctx,
4784 ctx->psk_find_session_cb = cb;
4792 void SSL_CTX_set_psk_use_session_callback(SSL_CTX *ctx,
4795 ctx->psk_use_session_cb = cb;
4798 void SSL_CTX_set_msg_callback(SSL_CTX *ctx,
4803 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_MSG_CALLBACK, (void (*)(void))cb);
4814 void SSL_CTX_set_not_resumable_session_callback(SSL_CTX *ctx,
4819 SSL_CTX_callback_ctrl(ctx, SSL_CTRL_SET_NOT_RESUMABLE_SESS_CB,
4831 void SSL_CTX_set_record_padding_callback(SSL_CTX *ctx,
4835 ctx->record_padding_cb = cb;
4838 void SSL_CTX_set_record_padding_callback_arg(SSL_CTX *ctx, void *arg)
4840 ctx->record_padding_arg = arg;
4843 void *SSL_CTX_get_record_padding_callback_arg(const SSL_CTX *ctx)
4845 return ctx->record_padding_arg;
4848 int SSL_CTX_set_block_padding(SSL_CTX *ctx, size_t block_size)
4852 ctx->block_padding = 0;
4854 ctx->block_padding = block_size;
4908 int SSL_CTX_set_num_tickets(SSL_CTX *ctx, size_t num_tickets)
4910 ctx->num_tickets = num_tickets;
4915 size_t SSL_CTX_get_num_tickets(const SSL_CTX *ctx)
4917 return ctx->num_tickets;
4923 * If EVP_MD pointer is passed, initializes ctx with this |md|.
4924 * Returns the newly allocated ctx;
4950 EVP_MD_CTX *ctx = NULL;
4960 ctx = EVP_MD_CTX_new();
4961 if (ctx == NULL) {
4966 if (!EVP_MD_CTX_copy_ex(ctx, hdgst)
4967 || EVP_DigestFinal_ex(ctx, out, NULL) <= 0) {
4976 EVP_MD_CTX_free(ctx);
5010 int (*cb) (const SSL *s, const SSL_CTX *ctx,
5018 const SSL_CTX *ctx, int op,
5034 void SSL_CTX_set_security_level(SSL_CTX *ctx, int level)
5036 ctx->cert->sec_level = level;
5039 int SSL_CTX_get_security_level(const SSL_CTX *ctx)
5041 return ctx->cert->sec_level;
5044 void SSL_CTX_set_security_callback(SSL_CTX *ctx,
5045 int (*cb) (const SSL *s, const SSL_CTX *ctx,
5049 ctx->cert->sec_cb = cb;
5052 int (*SSL_CTX_get_security_callback(const SSL_CTX *ctx)) (const SSL *s,
5053 const SSL_CTX *ctx,
5058 return ctx->cert->sec_cb;
5061 void SSL_CTX_set0_security_ex_data(SSL_CTX *ctx, void *ex)
5063 ctx->cert->sec_ex = ex;
5066 void *SSL_CTX_get0_security_ex_data(const SSL_CTX *ctx)
5068 return ctx->cert->sec_ex;
5071 uint64_t SSL_CTX_get_options(const SSL_CTX *ctx)
5073 return ctx->options;
5081 uint64_t SSL_CTX_set_options(SSL_CTX *ctx, uint64_t op)
5083 return ctx->options |= op;
5091 uint64_t SSL_CTX_clear_options(SSL_CTX *ctx, uint64_t op)
5093 return ctx->options &= ~op;
5265 static int ct_permissive(const CT_POLICY_EVAL_CTX * ctx,
5271 static int ct_strict(const CT_POLICY_EVAL_CTX * ctx,
5295 if (callback != NULL && SSL_CTX_has_client_custom_ext(s->ctx,
5316 int SSL_CTX_set_ct_validation_callback(SSL_CTX *ctx,
5323 if (callback != NULL && SSL_CTX_has_client_custom_ext(ctx,
5330 ctx->ct_validation_callback = callback;
5331 ctx->ct_validation_callback_arg = arg;
5340 int SSL_CTX_ct_is_enabled(const SSL_CTX *ctx)
5342 return ctx->ct_validation_callback != NULL;
5351 CT_POLICY_EVAL_CTX *ctx = NULL;
5382 ctx = CT_POLICY_EVAL_CTX_new_ex(s->ctx->libctx, s->ctx->propq);
5383 if (ctx == NULL) {
5389 CT_POLICY_EVAL_CTX_set1_cert(ctx, cert);
5390 CT_POLICY_EVAL_CTX_set1_issuer(ctx, issuer);
5391 CT_POLICY_EVAL_CTX_set_shared_CTLOG_STORE(ctx, s->ctx->ctlog_store);
5393 ctx, (uint64_t)SSL_SESSION_get_time(SSL_get0_session(s)) * 1000);
5411 if (SCT_LIST_validate(scts, ctx) < 0) {
5416 ret = s->ct_validation_callback(ctx, scts, s->ct_validation_callback_arg);
5423 CT_POLICY_EVAL_CTX_free(ctx);
5444 int SSL_CTX_enable_ct(SSL_CTX *ctx, int validation_mode)
5451 return SSL_CTX_set_ct_validation_callback(ctx, ct_permissive, NULL);
5453 return SSL_CTX_set_ct_validation_callback(ctx, ct_strict, NULL);
5470 int SSL_CTX_set_default_ctlog_list_file(SSL_CTX *ctx)
5472 return CTLOG_STORE_load_default_file(ctx->ctlog_store);
5475 int SSL_CTX_set_ctlog_list_file(SSL_CTX *ctx, const char *path)
5477 return CTLOG_STORE_load_file(ctx->ctlog_store, path);
5480 void SSL_CTX_set0_ctlog_store(SSL_CTX *ctx, CTLOG_STORE * logs)
5482 CTLOG_STORE_free(ctx->ctlog_store);
5483 ctx->ctlog_store = logs;
5486 const CTLOG_STORE *SSL_CTX_get0_ctlog_store(const SSL_CTX *ctx)
5488 return ctx->ctlog_store;
5625 void SSL_CTX_set_keylog_callback(SSL_CTX *ctx, SSL_CTX_keylog_cb_func cb)
5627 ctx->keylog_callback = cb;
5630 SSL_CTX_keylog_cb_func SSL_CTX_get_keylog_callback(const SSL_CTX *ctx)
5632 return ctx->keylog_callback;
5648 if (ssl->ctx->keylog_callback == NULL)
5682 ssl->ctx->keylog_callback(ssl, (const char *)out);
5885 int SSL_CTX_set_max_early_data(SSL_CTX *ctx, uint32_t max_early_data)
5887 ctx->max_early_data = max_early_data;
5892 uint32_t SSL_CTX_get_max_early_data(const SSL_CTX *ctx)
5894 return ctx->max_early_data;
5909 int SSL_CTX_set_recv_max_early_data(SSL_CTX *ctx, uint32_t recv_max_early_data)
5911 ctx->recv_max_early_data = recv_max_early_data;
5916 uint32_t SSL_CTX_get_recv_max_early_data(const SSL_CTX *ctx)
5918 return ctx->recv_max_early_data;
5981 void SSL_CTX_set_post_handshake_auth(SSL_CTX *ctx, int val)
5983 ctx->pha_enabled = val;
6038 int SSL_CTX_set_session_ticket_cb(SSL_CTX *ctx,
6043 ctx->generate_ticket_cb = gen_cb;
6044 ctx->decrypt_ticket_cb = dec_cb;
6045 ctx->ticket_cb_data = arg;
6049 void SSL_CTX_set_allow_early_data_cb(SSL_CTX *ctx,
6053 ctx->allow_early_data_cb = cb;
6054 ctx->allow_early_data_cb_data = arg;
6169 int SSL_CTX_set0_tmp_dh_pkey(SSL_CTX *ctx, EVP_PKEY *dhpkey)
6171 if (!ssl_ctx_security(ctx, SSL_SECOP_TMP_DH,
6176 EVP_PKEY_free(ctx->cert->dh_tmp);
6177 ctx->cert->dh_tmp = dhpkey;