Lines Matching defs:ssl
1 /* $NetBSD: ssl.c,v 1.20 2024/09/25 16:53:58 christos Exp $ */
38 __RCSID("$NetBSD: ssl.c,v 1.20 2024/09/25 16:53:58 christos Exp $");
61 #include <openssl/ssl.h>
65 #include "ssl.h"
88 SSL *ssl; /* SSL handle */
/*
 * Write path: a non-NULL conn->ssl routes the buffer through TLS.
 * NOTE(review): SSL_write() takes an int length, so iov_len (a size_t) is
 * narrowed by the cast below. No bound on iov_len is visible in this
 * listing -- confirm callers never pass more than INT_MAX bytes in a single
 * iovec, otherwise the length is truncated or becomes negative.
 */
132 if (conn->ssl != NULL)
133 len = SSL_write(conn->ssl, iov->iov_base, (int)iov->iov_len);
139 /* XXX perhaps we shouldn't in the SSL case */
/*
 * Releases the TLS handle stored in the connection.
 * NOTE(review): no SSL_shutdown() call on conn->ssl appears in this listing;
 * confirm in the full file whether a close_notify is sent before the handle
 * is freed, and whether conn->ssl can be reached again after this point.
 */
288 SSL_free(conn->ssl);
/*
 * TLS read wrapper: calls SSL_read() and classifies its result with
 * SSL_get_error(). The switch cases are not part of this listing.
 * NOTE(review): len is narrowed from size_t to int for SSL_read(); confirm
 * that callers keep len within INT_MAX, since no bound is visible here.
 */
303 fetch_ssl_read(SSL *ssl, void *buf, size_t len)
306 rlen = SSL_read(ssl, buf, (int)len);
310 switch (SSL_get_error(ssl, rlen)) {
452 * In the SSL case, this is necessary because if we
457 * In the non-SSL case, it may improve performance (very
461 if (conn->ssl != NULL)
462 rlen = fetch_ssl_read(conn->ssl, buf, len);
595 * Start the SSL/TLS negotiation.
598 * Returns pointer to allocated SSL structure on success,
604 SSL *ssl = NULL;
612 /* Init the SSL library and context */
614 warnx("SSL library init failed");
/* One SSL handle is created per connection from the context ctx. */
627 ssl = SSL_new(ctx);
628 if (ssl == NULL){
629 warnx("SSL context creation failed");
/*
 * Fetches the verification parameters of this handle so they can be adjusted.
 * NOTE(review): the call that uses param is not in this listing; the warning
 * text suggests it configures certificate verification, presumably hostname
 * matching against servername -- confirm in the full file.
 */
634 param = SSL_get0_param(ssl);
637 warnx("SSL verification setup failed");
/*
 * SSL_VERIFY_PEER with a NULL callback leaves the decision to OpenSSL's
 * built-in chain verification; on a client, a failed verification terminates
 * the handshake.
 * NOTE(review): any condition or #ifdef guarding this call is outside the
 * listing -- check whether verification can be switched off, and what the
 * default is.
 */
642 SSL_set_verify(ssl, SSL_VERIFY_PEER, NULL);
/*
 * With SSL_OP_IGNORE_UNEXPECTED_EOF, a peer that drops the connection without
 * sending close_notify is treated as if it had shut down cleanly. TLS then no
 * longer signals a truncated stream, so the protocol on top has to detect
 * short transfers itself (e.g. declared length versus bytes received).
 * NOTE(review): confirm the read path performs that check.
 */
645 SSL_set_options(ssl, SSL_OP_IGNORE_UNEXPECTED_EOF);
650 warn("Can't %s socket flags for SSL connect to `%s'",
656 warn("Can't set socket non-blocking for SSL connect to `%s'",
/*
 * Binds the TLS handle to the already-connected socket.
 * NOTE(review): SSL_set_fd() returns 0 on failure and the result is discarded
 * on this line.
 */
667 SSL_set_fd(ssl, sock);
/*
 * Sends servername in the SNI extension. SNI only tells the server which
 * certificate to present; it does not by itself bind the presented
 * certificate to servername -- that depends on the verification parameters
 * set on the handle.
 */
668 if (!SSL_set_tlsext_host_name(ssl, __UNCONST(servername))) {
669 warnx("SSL hostname setting failed");
/*
 * Retry loop around SSL_connect(): every non-success return is classified
 * with SSL_get_error(). The handling of the individual error codes and of
 * the timeout is in lines this listing omits.
 */
674 while ((ret = SSL_connect(ssl)) <= 0) {
675 ssl_err = SSL_get_error(ssl, ret);
698 fprintf(ttyout, "Timeout establishing SSL connection to `%s'\n",
702 SSL connect to `%s'", servername);
709 warn("Can't %s socket flags for SSL connect to `%s'",
/*
 * Reports the negotiated cipher on ttyout. This is informational only and
 * says nothing about whether the peer certificate was verified.
 */
719 fprintf(ttyout, "SSL connection established using %s\n",
720 SSL_get_cipher(ssl));
/*
 * SSL_get_peer_certificate() returns a new reference to the peer certificate,
 * or NULL when the peer presented none; the caller owns that reference and
 * has to release it with X509_free().
 * NOTE(review): lines 722-731 are not in this listing -- confirm that cert is
 * NULL-checked and freed. OpenSSL 3.0 deprecates this name in favour of
 * SSL_get1_peer_certificate().
 */
721 cert = SSL_get_peer_certificate(ssl);
/* Success: the caller receives the handle and becomes responsible for it. */
732 return ssl;
/*
 * Lines after the return, presumably the shared failure path: the handle is
 * released so it does not leak. SSL_free(NULL) is a no-op, so the guard is
 * not strictly needed.
 */
735 if (ssl)
736 SSL_free(ssl);
/*
 * Attaches a TLS handle to a connection. After this call, the
 * conn->ssl != NULL tests on the read and write paths select SSL_read() and
 * SSL_write() instead of plain socket I/O.
 * The parameter is void *, presumably so that callers need not include the
 * OpenSSL headers; nothing checks that the pointer really is an SSL *.
 * NOTE(review): the handle is later passed to SSL_free(conn->ssl), so the
 * connection appears to take ownership -- confirm callers do not free it too.
 */
745 fetch_set_ssl(struct fetch_connect *conn, void *ssl)
748 conn->ssl = ssl;