in adapters/tlsio_schannel.c [1410:1547]
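/**
 * Sets a named option on a Schannel TLS IO instance.
 *
 * Options handled in this function:
 *  - SU_OPTION_X509_CERT / OPTION_X509_ECC_CERT: stores a clone of the client
 *    certificate; may be set only once.
 *  - SU_OPTION_X509_PRIVATE_KEY / OPTION_X509_ECC_KEY: stores a clone of the
 *    client private key; may be set only once.
 *    As soon as both certificate and key are present, x509_schannel_create is
 *    called and its handle is kept in x509_schannel_handle.
 *  - OPTION_TRUSTED_CERT: replaces the stored trusted certificate string.
 *  - "ignore_server_name_check": copies the bool pointed to by value.
 *  - OPTION_SET_TLS_RENEGOTIATION: accepted as a no-op (requires socket_io).
 *  - anything else is forwarded to xio_setoption on the underlying socket_io.
 *
 * @param tls_io      Handle to the TLS IO instance; must not be NULL.
 * @param optionName  Name of the option; must not be NULL.
 * @param value       Option value; its type depends on optionName.
 * @return 0 on success, MU_FAILURE on failure, or the result of xio_setoption
 *         for forwarded options.
 */
int tlsio_schannel_setoption(CONCRETE_IO_HANDLE tls_io, const char* optionName, const void* value)
{
    int result;
    if (tls_io == NULL || optionName == NULL)
    {
        LogError("invalid argument detected: CONCRETE_IO_HANDLE tls_io = %p, const char* optionName = %p", tls_io, optionName);
        result = MU_FAILURE;
    }
    else
    {
        TLS_IO_INSTANCE* tls_io_instance = (TLS_IO_INSTANCE*)tls_io;
        if (strcmp(SU_OPTION_X509_CERT, optionName) == 0 || strcmp(OPTION_X509_ECC_CERT, optionName) == 0)
        {
            if (tls_io_instance->x509certificate != NULL)
            {
                /* the client certificate is write-once for the lifetime of the instance */
                LogError("x509certificate has already been specified");
                result = MU_FAILURE;
            }
            else
            {
                tls_io_instance->x509certificate = (char *)tlsio_schannel_CloneOption(optionName, value);
                if (tls_io_instance->x509certificate == NULL)
                {
                    LogError("tlsio_schannel_CloneOption failed");
                    result = MU_FAILURE;
                }
                else
                {
                    if (tls_io_instance->x509privatekey != NULL)
                    {
                        /* both halves are present: build the Schannel credential now */
                        tls_io_instance->x509_schannel_handle = x509_schannel_create(tls_io_instance->x509certificate, tls_io_instance->x509privatekey);
                        if (tls_io_instance->x509_schannel_handle == NULL)
                        {
                            /* NOTE(review): the cloned certificate stays stored, so a later
                               call for this option is rejected as "already specified" */
                            LogError("x509_schannel_create failed");
                            result = MU_FAILURE;
                        }
                        else
                        {
                            /*all is fine, the x509 shall be used later*/
                            result = 0;
                        }
                    }
                    else
                    {
                        result = 0; /*all is fine, maybe x509 privatekey will come and then x509 is set*/
                    }
                }
            }
        }
        else if (strcmp(SU_OPTION_X509_PRIVATE_KEY, optionName) == 0 || strcmp(OPTION_X509_ECC_KEY, optionName) == 0)
        {
            if (tls_io_instance->x509privatekey != NULL)
            {
                /* the private key is write-once for the lifetime of the instance */
                LogError("x509privatekey has already been specified");
                result = MU_FAILURE;
            }
            else
            {
                /* NOTE(review): the key is kept as a heap copy in the instance; whether it
                   is wiped before being freed is not visible here - confirm in the destroy path */
                tls_io_instance->x509privatekey = (char *)tlsio_schannel_CloneOption(optionName, value);
                if (tls_io_instance->x509privatekey == NULL)
                {
                    LogError("tlsio_schannel_CloneOption failed");
                    result = MU_FAILURE;
                }
                else
                {
                    if (tls_io_instance->x509certificate != NULL)
                    {
                        /* both halves are present: build the Schannel credential now */
                        tls_io_instance->x509_schannel_handle = x509_schannel_create(tls_io_instance->x509certificate, tls_io_instance->x509privatekey);
                        if (tls_io_instance->x509_schannel_handle == NULL)
                        {
                            /* NOTE(review): the cloned key stays stored, so a later call
                               for this option is rejected as "already specified" */
                            LogError("x509_schannel_create failed");
                            result = MU_FAILURE;
                        }
                        else
                        {
                            /*all is fine, the x509 shall be used later*/
                            result = 0;
                        }
                    }
                    else
                    {
                        result = 0; /*all is fine, maybe x509 cert will come and then x509 is set*/
                    }
                }
            }
        }
        else if (strcmp(OPTION_TRUSTED_CERT, optionName) == 0)
        {
            if (value == NULL)
            {
                LogError("Invalid paramater: OPTION_TRUSTED_CERT value=NULL");
                result = MU_FAILURE;
            }
            else
            {
                /* Clone first and swap only on success, so that a failed allocation
                   does not discard a trusted certificate that was already configured. */
                char* new_trusted_certificate = NULL;
                if (mallocAndStrcpy_s(&new_trusted_certificate, value) != 0)
                {
                    LogError("unable to mallocAndStrcpy_s %s", optionName);
                    result = MU_FAILURE;
                }
                else
                {
                    /* free(NULL) is a no-op, so no guard is needed for the first assignment */
                    free(tls_io_instance->trustedCertificate);
                    tls_io_instance->trustedCertificate = new_trusted_certificate;
                    result = 0;
                }
            }
        }
        else if (strcmp("ignore_server_name_check", optionName) == 0)
        {
            /* NOTE(review): judging by its name, a true value turns off matching of the
               server name against the peer certificate; the place where the flag is read
               is outside this function - confirm there. */
            if (value == NULL)
            {
                /* the value is dereferenced below, so a NULL pointer must be rejected */
                LogError("Invalid parameter: ignore_server_name_check value=NULL");
                result = MU_FAILURE;
            }
            else
            {
                const bool* server_name_check = (const bool*)value;
                tls_io_instance->ignore_server_name_check = *server_name_check;
                result = 0;
            }
        }
        else if (tls_io_instance->socket_io == NULL)
        {
            /* every remaining option needs the underlying socket IO */
            LogError("tls_io_instance->socket_io is not set");
            result = MU_FAILURE;
        }
        else if (strcmp(optionName, OPTION_SET_TLS_RENEGOTIATION) == 0)
        {
            // No need to do anything for Schannel
            result = 0;
        }
        else
        {
            /* not a TLS-level option: hand it to the underlying IO unchanged */
            result = xio_setoption(tls_io_instance->socket_io, optionName, value);
        }
    }
    return result;
}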