MCPcopy Create free account
hub / github.com/SIPp/sipp / TLS_init_context

Function TLS_init_context

src/sslsocket.cpp:361–465  ·  view source on GitHub ↗

Prepare the SSL context ************************/

Source from the content-addressed store, hash-verified

359
360/************* Prepare the SSL context ************************/
361enum tls_init_status TLS_init_context(void)
362{
363 sip_trp_ssl_ctx = instantiate_ssl_context("generic");
364
365 if (sip_trp_ssl_ctx == nullptr) {
366 ERROR("TLS_init_context: SSL_CTX_new with TLS_method failed for generic context");
367 return TLS_INIT_ERROR;
368 }
369
370 sip_trp_ssl_ctx_client = instantiate_ssl_context("client");
371
372 if (sip_trp_ssl_ctx_client == nullptr) {
373 ERROR("TLS_init_context: SSL_CTX_new with TLS_method failed for client context");
374 return TLS_INIT_ERROR;
375 }
376
377 bool got_ca_file = strlen(tls_ca_name) != 0;
378 bool got_crl_file = strlen(tls_crl_name) != 0;
379
380 /* Load the trusted CA's */
381 if (got_ca_file) {
382 SSL_CTX_load_verify_locations(sip_trp_ssl_ctx, tls_ca_name, nullptr);
383 SSL_CTX_load_verify_locations(sip_trp_ssl_ctx_client, tls_ca_name, nullptr);
384 }
385
386 /* TLS Verification only makes sense if an CA is specified or
387 * we require CRL validation. */
388 if (got_ca_file || got_crl_file) {
389 if (got_crl_file) {
390 if (sip_tls_load_crls(sip_trp_ssl_ctx, tls_crl_name) == -1) {
391 ERROR("TLS_init_context: Unable to load CRL file (%s)", tls_crl_name);
392 return TLS_INIT_ERROR;
393 }
394
395 if (sip_tls_load_crls(sip_trp_ssl_ctx_client, tls_crl_name) == -1) {
396 ERROR("TLS_init_context: Unable to load CRL (client) file (%s)",
397 tls_crl_name);
398 return TLS_INIT_ERROR;
399 }
400 }
401 /* The following call forces to process the certificates with
402 * the initialised SSL_CTX */
403 SSL_CTX_set_verify(sip_trp_ssl_ctx,
404 SSL_VERIFY_PEER |
405 SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
406 sip_tls_verify_callback);
407
408 SSL_CTX_set_verify(sip_trp_ssl_ctx_client,
409 SSL_VERIFY_PEER |
410 SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
411 sip_tls_verify_callback);
412 }
413
414
415 /* Selection Cipher suits - load the application specified ciphers */
416 SSL_CTX_set_default_passwd_cb_userdata(sip_trp_ssl_ctx,
417 (void *)CALL_BACK_USER_DATA);
418 SSL_CTX_set_default_passwd_cb_userdata(sip_trp_ssl_ctx_client,

Callers 1

mainFunction · 0.85

Calls 3

instantiate_ssl_contextFunction · 0.85
ERRORFunction · 0.85
keylog_fileFunction · 0.85

Tested by

no test coverage detected