Пример #1
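/*
 * Populate ctx->conninfo with details of the current connection.
 *
 * Previously stored values are handed to tls_free_conninfo() first. When a
 * peer certificate is present, its hash, subject, issuer and validity times
 * are fetched; without one, those fields are not filled in here. The
 * negotiated protocol version and cipher name are always copied with
 * strdup(), so the structure owns its own strings.
 *
 * The fields are descriptive only: nothing in this function verifies the
 * peer certificate, so a populated subject or hash must not be read as
 * proof that verification succeeded.
 *
 * Returns 0 on success. Returns -1 if ctx->conninfo has not been set up or
 * if any lookup or allocation fails; on failure the partially filled
 * structure is passed to tls_free_conninfo() again.
 */
int
tls_get_conninfo(struct tls *ctx) {
	const char *name;

	/*
	 * This function writes through ctx->conninfo but never allocates it;
	 * fail cleanly instead of dereferencing NULL when the caller has not
	 * provided the structure.
	 */
	if (ctx->conninfo == NULL)
		return (-1);

	/* Drop stale values so no field survives from an earlier connection. */
	tls_free_conninfo(ctx->conninfo);

	if (ctx->ssl_peer_cert != NULL) {
		if (tls_get_peer_cert_hash(ctx, &ctx->conninfo->hash) == -1)
			goto err;
		if (tls_get_peer_cert_subject(ctx, &ctx->conninfo->subject)
		    == -1)
			goto err;
		if (tls_get_peer_cert_issuer(ctx, &ctx->conninfo->issuer) == -1)
			goto err;
		if (tls_get_peer_cert_times(ctx, &ctx->conninfo->notbefore,
		    &ctx->conninfo->notafter) == -1)
			goto err;
	}

	/* Copy the library's strings rather than keeping borrowed pointers. */
	if ((name = SSL_get_version(ctx->ssl_conn)) == NULL)
		goto err;
	if ((ctx->conninfo->version = strdup(name)) == NULL)
		goto err;

	if ((name = SSL_get_cipher(ctx->ssl_conn)) == NULL)
		goto err;
	if ((ctx->conninfo->cipher = strdup(name)) == NULL)
		goto err;

	return (0);

err:
	/* Leave no half-populated record behind for callers to trust. */
	tls_free_conninfo(ctx->conninfo);
	return (-1);
}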
Пример #2
/*
 * Tear down the connection state held in ctx and put its fields back to
 * their reset values.
 *
 * Every pointer this function frees directly is set to NULL afterwards,
 * which keeps a repeated reset from freeing the same object twice and keeps
 * released memory unreachable through the context.
 */
void
tls_reset(struct tls *ctx)
{
	/* Release the OpenSSL context, the connection and the peer certificate. */
	SSL_CTX_free(ctx->ssl_ctx);
	SSL_free(ctx->ssl_conn);
	X509_free(ctx->ssl_peer_cert);

	/* Clear the pointers just released so none of them dangles. */
	ctx->ssl_conn = NULL;
	ctx->ssl_ctx = NULL;
	ctx->ssl_peer_cert = NULL;

	/* NOTE(review): -1 / 0 presumably mean "no descriptor" / "no state" - confirm. */
	ctx->socket = -1;
	ctx->state = 0;

	free(ctx->servername);
	ctx->servername = NULL;

	/* Drop the stored error message and reset the error number to -1. */
	free(ctx->error.msg);
	ctx->error.msg = NULL;
	ctx->error.num = -1;

	/*
	 * Release the connection-info contents, then the structure itself.
	 * NOTE(review): a second reset passes NULL to tls_free_conninfo() -
	 * confirm that it accepts NULL.
	 */
	tls_free_conninfo(ctx->conninfo);
	free(ctx->conninfo);
	ctx->conninfo = NULL;

	/* NOTE(review): presumably values recorded for the previous key exchange - confirm. */
	ctx->used_dh_bits = 0;
	ctx->used_ecdh_nid = 0;

	/*
	 * ocsp_result is only cleared, not freed, here.
	 * NOTE(review): presumably it is owned by ocsp_info - confirm there is
	 * no leak.
	 */
	tls_ocsp_info_free(ctx->ocsp_info);
	ctx->ocsp_info = NULL;
	ctx->ocsp_result = NULL;

	/* Contexts flagged TLS_OCSP_CLIENT get an additional OCSP client cleanup. */
	if (ctx->flags & TLS_OCSP_CLIENT)
		tls_ocsp_client_free(ctx);
}
Пример #3
/*
 * Tear down the connection state held in ctx and put its fields back to
 * their reset values.
 *
 * Every pointer freed here is set to NULL afterwards, which keeps a
 * repeated reset from freeing the same object twice and keeps released
 * memory unreachable through the context.
 */
void
tls_reset(struct tls *ctx)
{
	/* Release the OpenSSL context, the connection and the peer certificate. */
	SSL_CTX_free(ctx->ssl_ctx);
	SSL_free(ctx->ssl_conn);
	X509_free(ctx->ssl_peer_cert);

	/* Clear the pointers just released so none of them dangles. */
	ctx->ssl_conn = NULL;
	ctx->ssl_ctx = NULL;
	ctx->ssl_peer_cert = NULL;

	/* NOTE(review): -1 / 0 presumably mean "no descriptor" / "no state" - confirm. */
	ctx->socket = -1;
	ctx->state = 0;

	free(ctx->servername);
	ctx->servername = NULL;

	/* Drop the stored error message and reset the error number to 0. */
	free(ctx->errmsg);
	ctx->errmsg = NULL;
	ctx->errnum = 0;

	/*
	 * Release the connection-info contents, then the structure itself.
	 * NOTE(review): a second reset passes NULL to tls_free_conninfo() -
	 * confirm that it accepts NULL.
	 */
	tls_free_conninfo(ctx->conninfo);
	free(ctx->conninfo);
	ctx->conninfo = NULL;
}