Lines Matching refs:cert
1346 /* get peer's cert */
1351 "no peer's CERT payload found.\n");
1360 "no peer's CERT file found.\n");
1364 /* don't use cached cert */
1389 "why peer's CERT file is defined "
1394 /* don't use cached cert */
1403 "no CERT RR found.\n");
1448 error = eay_check_x509cert(&iph1->cert_p->cert,
1469 plog(LLV_DEBUG, LOCATION, NULL, "CERT validated\n");
1472 "CERT validation disabled by configuration\n");
1513 &iph1->cert_p->cert);
1642 if (iph1->cert)
1663 * get a CERT from local file.
1665 * my != 0 my cert.
1666 * my == 0 peer's cert.
1674 vchar_t *cert = NULL;
1681 certpl = &iph1->cert;
1687 plog(LLV_ERROR, LOCATION, NULL, "no CERT defined.\n");
1696 cert = eay_get_x509cert(path);
1697 if (cert) {
1699 p = eay_get_x509text(cert);
1712 if (!cert) {
1714 "failed to get %s CERT.\n",
1722 "failed to get cert buffer.\n");
1725 (*certpl)->pl = vmalloc(cert->l + 1);
1728 "failed to get cert buffer\n");
1733 memcpy((*certpl)->pl->v + 1, cert->v, cert->l);
1736 (*certpl)->cert.v = (*certpl)->pl->v + 1;
1737 (*certpl)->cert.l = (*certpl)->pl->l - 1;
1739 plog(LLV_DEBUG, LOCATION, NULL, "created CERT payload:\n");
1745 if (cert != NULL)
1746 vfree(cert);
1758 vchar_t *cert = NULL;
1856 plog(LLV_ERROR, LOCATION, NULL, "no cert defined.\n");
1922 plog(LLV_ERROR, LOCATION, NULL, "no ID nor CERT found.\n");
1931 name = eay_get_x509asn1subjectname(&iph1->cert_p->cert);
1966 if (eay_get_x509subjectaltname(&iph1->cert_p->cert,
2032 if (eay_get_x509subjectaltname(&iph1->cert_p->cert,
2061 "ID type mismatched. ID: %s CERT: %s.\n",
2136 "CERT payload is unnecessary in DNSSEC. "
2137 "ignore this CERT payload.\n");
2153 "No supported such CERT type %d\n", type);
2157 "Invalid CERT type %d\n", type);
2161 /* XXX choice the 1th cert, ignore after the cert. */
2165 "ignore 2nd CERT payload.\n");
2184 "Failed to parse PKCS#7 CERT.\n");
2196 certs=p7->d.sign->cert;
2199 certs=p7->d.signed_and_enveloped->cert;
2207 "CERT PKCS#7 bundle contains no certs.\n");
2215 X509 *cert = sk_X509_value(certs,i);
2218 "Trying PKCS#7 cert %d.\n", i);
2220 /* We'll just try each cert in turn */
2221 *c = save_certx509(cert);
2225 "Failed to get CERT buffer.\n");
2229 /* Ignore cert if it doesn't match identity
2230 * XXX If verify cert is disabled, we still just take
2236 "Discarding CERT: does not match ID.\n");
2243 char *p = eay_get_x509text(&(*c)->cert);
2244 plog(LLV_DEBUG, LOCATION, NULL, "CERT saved:\n");
2245 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2258 "Failed to get CERT buffer.\n");
2265 "CERT payload is unnecessary in DNSSEC. "
2272 /* Ignore cert if it doesn't match identity
2273 * XXX If verify cert is disabled, we still just take
2279 "Discarding CERT: does not match ID.\n");
2286 char *p = eay_get_x509text(&(*c)->cert);
2287 plog(LLV_DEBUG, LOCATION, NULL, "CERT saved:\n");
2288 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2295 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2327 "CERT payload is unnecessary in DNSSEC\n");
2357 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2377 "Failed to get CERT buffer.\n");
2384 "Failed to copy CERT from packet.\n");
2391 new->cert.v = new->pl->v + 1;
2392 new->cert.l = new->pl->l - 1;
2398 save_certx509(cert)
2399 X509 *cert;
2408 "Failed to get CERT buffer.\n");
2412 len = i2d_X509(cert, NULL);
2416 "Failed to copy CERT from packet.\n");
2422 len = i2d_X509(cert, &bp);
2424 new->cert.v = new->pl->v;
2425 new->cert.l = new->pl->l;
2480 "such a cert type isn't supported: %d\n",
2920 /* allocated new buffer for CERT */
2929 "failed to get cert's buffer\n");
2938 /* delete buffer for CERT */
2940 oakley_delcert(cert)
2941 cert_t *cert;
2943 if (!cert)
2945 if (cert->pl)
2946 VPTRINIT(cert->pl);
2947 racoon_free(cert);
