/* Accept incoming SSL connection. Return Values: 1: SSL Connection established 0: try again -1: SSL Connection not established due to fatal error. */ int ConnSSL_Accept( CONNECTION *c ) { assert(c != NULL); if (!Conn_OPTION_ISSET(c, CONN_SSL)) { #ifdef HAVE_LIBGNUTLS int err = gnutls_init(&c->ssl_state.gnutls_session, GNUTLS_SERVER); if (err) { Log(LOG_ERR, "Failed to initialize new SSL session: %s", gnutls_strerror(err)); return false; } #endif if (!ConnSSL_Init_SSL(c)) return -1; } return ConnectAccept(c, false ); }
bool ConnSSL_PrepareConnect(CONNECTION *c, UNUSED CONF_SERVER *s) { bool ret; #ifdef HAVE_LIBGNUTLS int err; err = gnutls_init(&c->ssl_state.gnutls_session, GNUTLS_CLIENT); if (err) { Log(LOG_ERR, "gnutls_init: %s", gnutls_strerror(err)); return false; } #endif ret = ConnSSL_Init_SSL(c); if (!ret) return false; Conn_OPTION_ADD(c, CONN_SSL_CONNECT); #ifdef HAVE_LIBSSL assert(c->ssl_state.ssl); SSL_set_verify(c->ssl_state.ssl, SSL_VERIFY_NONE, NULL); #endif return true; }