162     ct_conn_config *conncfg;
1520     ct_conn_config *conncfg =
1523     if (!conncfg) {
1524         conncfg = apr_pcalloc(c->pool, sizeof *conncfg);
1525         ap_set_module_config(c->conn_config, &ssl_ct_module, conncfg);
1528     return conncfg;
1533     ct_conn_config *conncfg = get_conn_config(c);
1534     conncfg->peer_ct_aware = 1;
1539     ct_conn_config *conncfg = get_conn_config(c);
1541     return conncfg->peer_ct_aware;
1546     ct_conn_config *conncfg = get_conn_config(c);
1547     conncfg->server_cert_has_sct_list = 1;
1548     conncfg->peer_ct_aware = 1;
1589                            ct_conn_config *conncfg)
1599     if (conncfg->cert_sct_list) {
1600         SHA256_Update(&sha256ctx, conncfg->cert_sct_list, 
1601                       conncfg->cert_sct_list_size);
1603     if (conncfg->serverhello_sct_list) {
1604         SHA256_Update(&sha256ctx, conncfg->serverhello_sct_list,
1605                       conncfg->serverhello_sct_list_size);
1607     if (conncfg->ocsp_sct_list) {
1608         SHA256_Update(&sha256ctx, conncfg->ocsp_sct_list,
1609                       conncfg->ocsp_sct_list_size);
1616                                      ct_conn_config *conncfg,
1648             ct_sct_data *sct = (ct_sct_data *)apr_array_push(conncfg->all_scts);
1667                                          cert_chain *cc, ct_conn_config *conncfg,
1673     if (conncfg->serverhello_sct_list) {
1675                      conncfg->serverhello_sct_list,
1676                      conncfg->serverhello_sct_list_size,
1680     if (conncfg->cert_sct_list) {
1682                      conncfg->cert_sct_list,
1683                      conncfg->cert_sct_list_size,
1687     if (conncfg->ocsp_sct_list) {
1689                      conncfg->ocsp_sct_list,
1690                      conncfg->ocsp_sct_list_size,
1695     if (!conncfg->all_scts) {
1696         conncfg->all_scts = apr_array_make(p, 4, sizeof(ct_sct_data));
1700     if (conncfg->cert_sct_list) {
1701         rv = deserialize_SCTs(p, conncfg, conncfg->cert_sct_list,
1702                               conncfg->cert_sct_list_size);
1709     if (rv == APR_SUCCESS && conncfg->serverhello_sct_list) {
1710         rv = deserialize_SCTs(p, conncfg, conncfg->serverhello_sct_list,
1711                               conncfg->serverhello_sct_list_size);
1718     if (rv == APR_SUCCESS && conncfg->ocsp_sct_list) {
1719         rv = deserialize_SCTs(p, conncfg, conncfg->ocsp_sct_list,
1720                               conncfg->ocsp_sct_list_size);
1729         if (conncfg->all_scts->nelts < 1) {
1744                           "%d SCTs received total", conncfg->all_scts->nelts);
1747             sct_elts = (ct_sct_data *)conncfg->all_scts->elts;
1748             for (i = 0; i < conncfg->all_scts->nelts; i++) {
1808                           conncfg->all_scts->nelts, verification_successes,
1827                              ct_conn_config *conncfg,
1896             sct_elts = (ct_sct_data *)conncfg->all_scts->elts;
1897             for (i = 0; rv == APR_SUCCESS && i < conncfg->all_scts->nelts; i++) {
1938     ct_conn_config *conncfg = get_conn_config(c);
1999             conncfg->ocsp_has_sct_list = 1;
2000             conncfg->peer_ct_aware = 1;
2001             conncfg->ocsp_sct_list_size = oct2->length;
2002             conncfg->ocsp_sct_list = apr_pmemdup(c->pool, oct2->data,
2003                                                  conncfg->ocsp_sct_list_size);
2040     ct_conn_config *conncfg = get_conn_config(c);
2051     conncfg->serverhello_has_sct_list = 1;
2052     conncfg->peer_ct_aware = 1;
2053     conncfg->serverhello_sct_list = apr_pmemdup(c->pool, in, inlen);
2054     conncfg->serverhello_sct_list_size = inlen;
2071     ct_conn_config *conncfg = get_conn_config(c);
2097     conncfg->certs = certs;
2123             conncfg->cert_sct_list = apr_pmemdup(p,
2126             conncfg->cert_sct_list_size = octet->length;
2140     ct_conn_config *conncfg = get_conn_config(c);
2156                   conncfg->cert_sct_list, conncfg->serverhello_sct_list,
2157                   conncfg->ocsp_sct_list, c);
2163     if (conncfg->cert_sct_list || conncfg->serverhello_sct_list
2164         || conncfg->ocsp_sct_list) {
2173         key = gen_key(c, conncfg->certs, conncfg);
2189                 rv = validate_server_data(p, c, conncfg->certs, conncfg, sconf);
2215                 save_server_data(c, conncfg->certs, conncfg, key);
2233     if (conncfg->certs) {
2234         cert_chain_free(conncfg->certs);
2235         conncfg->certs = NULL;
2241                   conncfg->serverhello_has_sct_list ? "ServerHello " : "",
2242                   conncfg->server_cert_has_sct_list ? "certificate-extension " : "",
2243                   conncfg->ocsp_has_sct_list ? "OCSP " : "",
2345     ct_conn_config *conncfg = get_conn_config(c);
2348         conncfg->proxy_handshake = 1;
2351         conncfg->client_handshake = 1;
2435     ct_conn_config *conncfg =
2438     if (conncfg) {
2439         if (conncfg->client_handshake) {
2441                           conncfg->peer_ct_aware ?
2674         ct_conn_config *conncfg = get_conn_config(origin);
2679                       conncfg->server_cert_has_sct_list,
2680                       conncfg->serverhello_has_sct_list,
2681                       conncfg->ocsp_has_sct_list);
2683         if (conncfg->proxy_handshake) {
2685                           conncfg->peer_ct_aware ?
2689                                conncfg->server_cert_has_sct_list ? "certext," : "",
2690                                conncfg->serverhello_has_sct_list ? "tlsext," : "",
2691                                conncfg->ocsp_has_sct_list ? "ocsp" : "",

Indexes created Tue Jul 24 14:28:13 CEST 2018