unsigned int (*record_minus)(record_t *buf, void *ptr, unsigned int size);
bool invalid_hb_used; //!< Whether heartbleed attack was detected.
+ bool connected; //!< whether the outgoing socket is connected
/*
* Framed-MTU attribute in RADIUS, if present, can also be used to set this
#ifdef ENABLE_OPENSSL_VERSION_CHECK
int tls_global_version_check(char const *acknowledged);
#endif
+
+int tls_error_log(REQUEST *request, char const *msg, ...) CC_HINT(format (printf, 2, 3));
+int tls_error_io_log(REQUEST *request, tls_session_t *session, int ret, char const *msg, ...)
+ CC_HINT(format (printf, 4, 5));
+
void tls_global_cleanup(void);
tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, REQUEST *request, bool client_cert);
tls_session_t *tls_new_client_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, int fd);
fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs);
fr_tls_server_conf_t *tls_client_conf_parse(CONF_SECTION *cs);
+fr_tls_server_conf_t *tls_server_conf_alloc(TALLOC_CTX *ctx);
SSL_CTX *tls_init_ctx(fr_tls_server_conf_t *conf, int client);
int tls_handshake_recv(REQUEST *, tls_session_t *ssn);
int tls_handshake_send(REQUEST *, tls_session_t *ssn);
bool allow_expired_crl;
char const *check_cert_cn;
char const *cipher_list;
+ bool cipher_server_preference;
char const *check_cert_issuer;
bool session_cache_enable;
projects / freeradius.git / blobdiff