summaryrefslogtreecommitdiff
path: root/lib/tls.c
diff options
context:
space:
mode:
Diffstat (limited to 'lib/tls.c')
-rw-r--r--lib/tls.c20
1 files changed, 10 insertions, 10 deletions
diff --git a/lib/tls.c b/lib/tls.c
index 979ee3c..b9fb3cf 100644
--- a/lib/tls.c
+++ b/lib/tls.c
@@ -26,14 +26,14 @@ _get_tlsconf (struct rs_connection *conn, const struct rs_realm *realm)
{
memset (c, 0, sizeof (struct tls));
/* _conn_open() should've picked a peer by now. */
- assert (conn->active_peer);
+ assert (conn->base_.active_peer);
/* TODO: Make sure old radsecproxy code doesn't free these all
of a sudden, or strdup them. */
c->name = realm->name;
- c->cacertfile = conn->active_peer->cacertfile;
+ c->cacertfile = conn->base_.active_peer->cacertfile;
c->cacertpath = NULL; /* NYI */
- c->certfile = conn->active_peer->certfile;
- c->certkeyfile = conn->active_peer->certkeyfile;
+ c->certfile = conn->base_.active_peer->certfile;
+ c->certkeyfile = conn->base_.active_peer->certkeyfile;
c->certkeypwd = NULL; /* NYI */
c->cacheexpiry = 0; /* NYI */
c->crlcheck = 0; /* NYI */
@@ -60,7 +60,7 @@ psk_client_cb (SSL *ssl,
conn = SSL_get_ex_data (ssl, 0);
assert (conn != NULL);
- cred = conn->active_peer->transport_cred;
+ cred = conn->base_.active_peer->transport_cred;
assert (cred != NULL);
/* NOTE: Ignoring identity hint from server. */
@@ -126,7 +126,7 @@ rs_tls_init (struct rs_connection *conn)
assert (conn->base_.ctx);
ctx = conn->base_.ctx;
- tlsconf = _get_tlsconf (conn, conn->active_peer->realm);
+ tlsconf = _get_tlsconf (conn, conn->base_.active_peer->realm);
if (!tlsconf)
return -1;
ssl_ctx = tlsgetctx (RAD_TLS, tlsconf);
@@ -147,7 +147,7 @@ rs_tls_init (struct rs_connection *conn)
}
#if defined RS_ENABLE_TLS_PSK
- if (conn->active_peer->transport_cred != NULL)
+ if (conn->base_.active_peer->transport_cred != NULL)
{
SSL_set_psk_client_callback (ssl, psk_client_cb);
SSL_set_ex_data (ssl, 0, conn);
@@ -203,9 +203,9 @@ tls_verify_cert (struct rs_connection *conn)
struct in6_addr addr;
const char *hostname = NULL;
- assert (conn->active_peer->conn == conn);
- assert (conn->active_peer->hostname != NULL);
- hostname = conn->active_peer->hostname;
+ assert (conn->base_.active_peer != NULL);
+ assert (conn->base_.active_peer->hostname != NULL);
+ hostname = conn->base_.active_peer->hostname;
/* verifytlscert() performs basic verification as described by
OpenSSL VERIFY(1), i.e. verification of the certificate chain. */
generated by cgit v1.1 at 2024-12-29 08:28:16 +0000