x509_vfy.c - OpenGrok cross reference for /third_party/openssl/crypto/x509/x509

Lines Matching refs:dane
27 #include "internal/dane.h"
295     ret = DANETLS_ENABLED(ctx->dane) ? dane_verify(ctx) : verify_chain(ctx);
815     SSL_DANE *dane = ctx->dane;
823     if (DANETLS_HAS_TA(dane) && num_untrusted > 0 && num_untrusted < num) {
897     if (!DANETLS_ENABLED(dane))
899     if (dane->pdpth < 0)
900         dane->pdpth = num_untrusted;
902     if (dane->mdpth >= 0)
2350     ctx->dane = NULL;
2649 void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane)
2651     ctx->dane = dane;
2689     SSL_DANE *dane = ctx->dane;
2716     if (dane->mdpth >= 0)
2747     recnum = (dane->umask & mask) != 0 ? sk_danetls_record_num(dane->trecs) : 0;
2749         t = sk_danetls_record_value(dane->trecs, i);
2757             ordinal = dane->dctx->mdord[t->mtype];
2770             ordinal = dane->dctx->mdord[t->mtype];
2781             if (dane->dctx->mdord[t->mtype] < ordinal)
2790             const EVP_MD *md = dane->dctx->mdevp[mtype = t->mtype];
2813             if (matched || dane->mdpth < 0) {
2814                 dane->mdpth = depth;
2815                 dane->mtlsa = t;
2816                 OPENSSL_free(dane->mcert);
2817                 dane->mcert = cert;
2832     SSL_DANE *dane = ctx->dane;
2836     if (!DANETLS_HAS_TA(dane) || depth == 0)
2857     SSL_DANE *dane = ctx->dane;
2861     int recnum = sk_danetls_record_num(dane->trecs);
2865         t = sk_danetls_record_value(dane->trecs, i);
2873         X509_free(dane->mcert);
2874         dane->mcert = NULL;
2878         dane->mdpth = num - 1;
2879         dane->mtlsa = t;
2892 static void dane_reset(SSL_DANE *dane)
2895     X509_free(dane->mcert);
2896     dane->mcert = NULL;
2897     dane->mtlsa = NULL;
2898     dane->mdpth = -1;
2899     dane->pdpth = -1;
2914     SSL_DANE *dane = ctx->dane;
2918     dane_reset(dane);
2933     done = matched != 0 || (!DANETLS_HAS_TA(dane) && dane->mdpth < 0);
2943         if ((dane->flags & DANE_FLAG_NO_DANE_EE_NAMECHECKS) == 0 &&
2992     SSL_DANE *dane = ctx->dane;
3020     if (DANETLS_HAS_PKIX(dane) || !DANETLS_HAS_DANE(dane)) {
3036     if (DANETLS_ENABLED(dane) && dane->certs != NULL
3037         && !X509_add_certs(sk_untrusted, dane->certs, X509_ADD_FLAG_DEFAULT))
3143                     if (DANETLS_ENABLED(dane) &&
3144                         dane->mdpth >= ctx->num_untrusted) {
3145                         dane->mdpth = -1;
3146                         X509_free(dane->mcert);
3147                         dane->mcert = NULL;
3149                     if (DANETLS_ENABLED(dane) &&
3150                         dane->pdpth >= ctx->num_untrusted)
3151                         dane->pdpth = -1;
3275         if (trust == X509_TRUST_UNTRUSTED && DANETLS_HAS_DANE_TA(dane))
3302         CB_FAIL_IF(DANETLS_ENABLED(dane)
3303                        && (!DANETLS_HAS_PKIX(dane) || dane->pdpth >= 0),