194 static struct tls_global tls_ctx_global;  variable
397     if (++tls_ctx_global.refcnt > 1)  in tls_init()
398         return &tls_ctx_global;  in tls_init()
401     tls_ctx_global.ctr_drbg = crypto_mbedtls_ctr_drbg();  in tls_init()
404     mbedtls_ssl_ticket_init(&tls_ctx_global.ticket_ctx);  in tls_init()
405     mbedtls_ssl_ticket_setup(&tls_ctx_global.ticket_ctx, hostap_rng_fn, hostap_rng_ctx(),  in tls_init()
409     tls_ctx_global.init_conf = *conf;  in tls_init()
411         tls_ctx_global.init_conf.openssl_ciphers = os_strdup(conf->openssl_ciphers);  in tls_init()
413     tls_ctx_global.crl_reload_interval = conf->crl_reload_interval;  in tls_init()
414     os_get_reltime(&tls_ctx_global.crl_reload_previous);  in tls_init()
416     return &tls_ctx_global;  in tls_init()
424     tls_ctx_global.tls_conf = tls_conf_deinit(tls_ctx_global.tls_conf);  in tls_deinit()
426     if (--tls_ctx_global.refcnt != 0)  in tls_deinit()
429     os_free(tls_ctx_global.ca_cert_file);  in tls_deinit()
430     os_free(tls_ctx_global.ocsp_stapling_response);  in tls_deinit()
432     *(const char **)&openssl_ciphers = tls_ctx_global.init_conf.openssl_ciphers;  in tls_deinit()
435     mbedtls_ssl_ticket_free(&tls_ctx_global.ticket_ctx);  in tls_deinit()
437     os_memset(&tls_ctx_global, 0, sizeof(tls_ctx_global));  in tls_deinit()
500     conn->tls_conf = tls_ctx_global.tls_conf; /*(inherit global conf, if set)*/  in tls_connection_init()
510             tls_connection_deinit(&tls_ctx_global, conn);  in tls_connection_init()
1442     unsigned int crl_reload_interval = tls_ctx_global.crl_reload_interval;  in tls_mbedtls_refresh_crl()
1443     const char *ca_cert_file         = tls_ctx_global.ca_cert_file;  in tls_mbedtls_refresh_crl()
1447     struct os_reltime *previous = &tls_ctx_global.crl_reload_previous;  in tls_mbedtls_refresh_crl()
1459     if (tls_mbedtls_set_ca_and_crl(tls_ctx_global.tls_conf, ca_cert_file) == 0)  in tls_mbedtls_refresh_crl()
1556         tls_conf->verify_peer = (tls_ctx_global.tls_conf == NULL);  in tls_mbedtls_set_certs()
1732         &tls_conf->conf, tls_ctx_global.tls_conf ? MBEDTLS_SSL_IS_SERVER : MBEDTLS_SSL_IS_CLIENT,  in tls_mbedtls_set_params()
1812     if (tls_ctx_global.tls_conf)  in tls_connection_set_params()
1814         tls_conf->check_crl        = tls_ctx_global.tls_conf->check_crl;  in tls_connection_set_params()
1815         tls_conf->check_crl_strict = tls_ctx_global.tls_conf->check_crl_strict;  in tls_connection_set_params()
1818         if (tls_ctx_global.tls_conf->check_cert_subject)  in tls_connection_set_params()
1820             tls_conf->check_cert_subject = os_strdup(tls_ctx_global.tls_conf->check_cert_subject);  in tls_connection_set_params()
1885 …  return mbedtls_ssl_ticket_write(&tls_ctx_global.ticket_ctx, session, start, end, tlen, lifetime);  in tls_mbedtls_ssl_ticket_write()
1918     int rc = mbedtls_ssl_ticket_parse(&tls_ctx_global.ticket_ctx, session, buf, len);  in tls_mbedtls_ssl_ticket_parse()
1929     if (tls_ctx_global.tls_conf)  in tls_global_set_params()
1930         tls_conf_deinit(tls_ctx_global.tls_conf);  in tls_global_set_params()
1931     tls_ctx_global.tls_conf = tls_conf_init(tls_ctx);  in tls_global_set_params()
1932     if (tls_ctx_global.tls_conf == NULL)  in tls_global_set_params()
1939 …  mbedtls_ssl_conf_session_tickets_cb(&tls_ctx_global.tls_conf->conf, tls_mbedtls_ssl_ticket_write,  in tls_global_set_params()
1942 …      mbedtls_ssl_conf_session_tickets_cb(&tls_ctx_global.tls_conf->conf, mbedtls_ssl_ticket_write,  in tls_global_set_params()
1943                                             mbedtls_ssl_ticket_parse, &tls_ctx_global.ticket_ctx);  in tls_global_set_params()
1948     os_free(tls_ctx_global.ocsp_stapling_response);  in tls_global_set_params()
1949     tls_ctx_global.ocsp_stapling_response = NULL;  in tls_global_set_params()
1951         tls_ctx_global.ocsp_stapling_response = os_strdup(params->ocsp_stapling_response);  in tls_global_set_params()
1954     tls_ctx_global.ca_cert_file = NULL;  in tls_global_set_params()
1956         tls_ctx_global.ca_cert_file = os_strdup(params->ca_cert);  in tls_global_set_params()
1957     return tls_mbedtls_set_params(tls_ctx_global.tls_conf, params);  in tls_global_set_params()
1962     tls_ctx_global.tls_conf->check_crl        = check_crl;  in tls_global_set_verify()
1963     tls_ctx_global.tls_conf->check_crl_strict = strict; /*(time checks)*/  in tls_global_set_verify()
2178     if (tls_ctx_global.tls_conf) /*(is server; want issue event on client)*/  in tls_mbedtls_suiteb_handshake_alert()
2181     struct tls_config *init_conf = &tls_ctx_global.init_conf;  in tls_mbedtls_suiteb_handshake_alert()
2216         params.openssl_ciphers = tls_ctx_global.init_conf.openssl_ciphers;  in tls_connection_handshake()
2217         params.flags           = tls_ctx_global.tls_conf->flags;  in tls_connection_handshake()
2273             if (tls_ctx_global.tls_conf /*(is server)*/  in tls_connection_handshake()
2948     struct tls_config *init_conf = &tls_ctx_global.init_conf;  in tls_mbedtls_verify_fail_event()
2973     struct tls_config *init_conf = &tls_ctx_global.init_conf;  in tls_mbedtls_verify_cert_event()
3282         struct tls_config *init_conf = &tls_ctx_global.init_conf;  in tls_mbedtls_verify_cb()