TLS: Add new arguments to tls_connection_set_verify()

The new flags and session_ctx arguments will be used in followup
commits.

Signed-off-by: Jouni Malinen <j@w1.fi>
Jouni Malinen 2015-08-23 21:11:01 +03:00
parent bd9b8b2b68
commit bfbebd2665
6 changed files with 19 additions and 6 deletions


@ -305,11 +305,17 @@ int __must_check tls_global_set_verify(void *tls_ctx, int check_crl);
* @tls_ctx: TLS context data from tls_init()
* @conn: Connection context data from tls_connection_init()
* @verify_peer: 1 = verify peer certificate
* @flags: Connection flags (TLS_CONN_*)
* @session_ctx: Session caching context or %NULL to use default
* @session_ctx_len: Length of @session_ctx in bytes.
* Returns: 0 on success, -1 on failure
*/
int __must_check tls_connection_set_verify(void *tls_ctx,
struct tls_connection *conn,
int verify_peer);
int verify_peer,
unsigned int flags,
const u8 *session_ctx,
size_t session_ctx_len);
/**
* tls_connection_get_random - Get random data from TLS connection
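Review bot: The added kernel-doc lines for `@session_ctx` and `@session_ctx_len` leave the pointer/length contract open. They do not say what length goes with a %NULL context, whether the callee copies the bytes or keeps the caller's pointer, or whether a backend may impose a maximum length. Because this value scopes session caching, each backend implementer would otherwise have to guess. If it matches the intended contract, I would write `* @session_ctx_len: Length of @session_ctx in bytes (ignored when @session_ctx is %NULL)` and add one line on buffer ownership. `@flags` likewise points at TLS_CONN_* without saying which of those flags this call honours.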


@ -708,7 +708,8 @@ int tls_global_set_verify(void *ssl_ctx, int check_crl)
int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
int verify_peer)
int verify_peer, unsigned int flags,
const u8 *session_ctx, size_t session_ctx_len)
{
if (conn == NULL || conn->session == NULL)
return -1;
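Review bot: `flags`, `session_ctx` and `session_ctx_len` are accepted here but nothing in the visible body reads them, and the same holds for the other three definitions of tls_connection_set_verify() on this page (the hunks at -328, -72 and -1944). The commit message says they will be used in follow-up commits. Until then a caller gets the same return value whether or not the backend acted on a flag or on the session context. A short marker in each backend would make that visible, e.g. `/* TODO: flags and session_ctx are not used by this backend yet */`. The function body continues past the end of the hunk.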


@ -328,7 +328,8 @@ int tls_global_set_verify(void *tls_ctx, int check_crl)
int tls_connection_set_verify(void *tls_ctx, struct tls_connection *conn,
int verify_peer)
int verify_peer, unsigned int flags,
const u8 *session_ctx, size_t session_ctx_len)
{
#ifdef CONFIG_TLS_INTERNAL_SERVER
if (conn->server)
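Review bot: `conn->server` is dereferenced with no check on `conn`, whereas the GnuTLS definition of the same function on this page starts with `if (conn == NULL || conn->session == NULL) return -1;`. Whether callers can pass a NULL connection is not visible here; if they can, this backend should reject it the same way with `if (conn == NULL) return -1;` ahead of the `#ifdef`. The line is unchanged context, and the function body continues outside the hunk.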


@ -72,7 +72,8 @@ int tls_global_set_verify(void *tls_ctx, int check_crl)
int tls_connection_set_verify(void *tls_ctx, struct tls_connection *conn,
int verify_peer)
int verify_peer, unsigned int flags,
const u8 *session_ctx, size_t session_ctx_len)
{
return -1;
}


@ -1944,7 +1944,8 @@ static int tls_connection_set_subject_match(struct tls_connection *conn,
int tls_connection_set_verify(void *ssl_ctx, struct tls_connection *conn,
int verify_peer)
int verify_peer, unsigned int flags,
const u8 *session_ctx, size_t session_ctx_len)
{
static int counter = 0;