Lines Matching defs:cert
1350 /* get peer's cert */
1355 "no peer's CERT payload found.\n");
1364 "no peer's CERT file found.\n");
1368 /* don't use cached cert */
1393 "why peer's CERT file is defined "
1398 /* don't use cached cert */
1407 "no CERT RR found.\n");
1452 error = eay_check_x509cert(&iph1->cert_p->cert,
1473 plog(LLV_DEBUG, LOCATION, NULL, "CERT validated\n");
1476 "CERT validation disabled by configuration\n");
1517 &iph1->cert_p->cert);
1646 if (iph1->cert)
1667 * get a CERT from local file.
1669 * my != 0 my cert.
1670 * my == 0 peer's cert.
1678 vchar_t *cert = NULL;
1685 certpl = &iph1->cert;
1691 plog(LLV_ERROR, LOCATION, NULL, "no CERT defined.\n");
1700 cert = eay_get_x509cert(path);
1701 if (cert) {
1703 p = eay_get_x509text(cert);
1716 if (!cert) {
1718 "failed to get %s CERT.\n",
1726 "failed to get cert buffer.\n");
1729 (*certpl)->pl = vmalloc(cert->l + 1);
1732 "failed to get cert buffer\n");
1737 memcpy((*certpl)->pl->v + 1, cert->v, cert->l);
1740 (*certpl)->cert.v = (*certpl)->pl->v + 1;
1741 (*certpl)->cert.l = (*certpl)->pl->l - 1;
1743 plog(LLV_DEBUG, LOCATION, NULL, "created CERT payload:\n");
1749 if (cert != NULL)
1750 vfree(cert);
1762 vchar_t *cert = NULL;
1879 plog(LLV_ERROR, LOCATION, NULL, "no cert defined.\n");
1945 plog(LLV_ERROR, LOCATION, NULL, "no ID nor CERT found.\n");
1954 name = eay_get_x509asn1subjectname(&iph1->cert_p->cert);
1989 if (eay_get_x509subjectaltname(&iph1->cert_p->cert,
2055 if (eay_get_x509subjectaltname(&iph1->cert_p->cert,
2084 "ID type mismatched. ID: %s CERT: %s.\n",
2161 "CERT payload is unnecessary in DNSSEC. "
2162 "ignore this CERT payload.\n");
2178 "No supported such CERT type %d\n", type);
2182 "Invalid CERT type %d\n", type);
2186 /* XXX choice the 1th cert, ignore after the cert. */
2190 "ignore 2nd CERT payload.\n");
2214 "Failed to parse PKCS#7 CERT.\n");
2221 "CERT PKCS#7 bundle contains no certs.\n");
2231 "Failed to parse PKCS#7 CERT.\n");
2243 certs=p7->d.sign->cert;
2246 certs=p7->d.signed_and_enveloped->cert;
2254 "CERT PKCS#7 bundle contains no certs.\n");
2263 X509 *cert = sk_X509_value(certs,i);
2266 "Trying PKCS#7 cert %d.\n", i);
2268 /* We'll just try each cert in turn */
2269 *c = save_certx509(cert);
2273 "Failed to get CERT buffer.\n");
2277 /* Ignore cert if it doesn't match identity
2278 * XXX If verify cert is disabled, we still just take
2284 "Discarding CERT: does not match ID.\n");
2291 char *p = eay_get_x509text(&(*c)->cert);
2292 plog(LLV_DEBUG, LOCATION, NULL, "CERT saved:\n");
2293 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2311 "Failed to get CERT buffer.\n");
2318 "CERT payload is unnecessary in DNSSEC. "
2325 /* Ignore cert if it doesn't match identity
2326 * XXX If verify cert is disabled, we still just take
2332 "Discarding CERT: does not match ID.\n");
2339 char *p = eay_get_x509text(&(*c)->cert);
2340 plog(LLV_DEBUG, LOCATION, NULL, "CERT saved:\n");
2341 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2348 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2380 "CERT payload is unnecessary in DNSSEC\n");
2410 plogdump(LLV_DEBUG, (*c)->cert.v, (*c)->cert.l);
2430 "Failed to get CERT buffer.\n");
2437 "Failed to copy CERT from packet.\n");
2444 new->cert.v = new->pl->v + 1;
2445 new->cert.l = new->pl->l - 1;
2451 save_certx509(cert)
2452 X509 *cert;
2461 "Failed to get CERT buffer.\n");
2465 len = i2d_X509(cert, NULL);
2469 "Failed to copy CERT from packet.\n");
2475 len = i2d_X509(cert, &bp);
2477 new->cert.v = new->pl->v;
2478 new->cert.l = new->pl->l;
2534 "such a cert type isn't supported: %d\n",
2974 /* allocated new buffer for CERT */
2983 "failed to get cert's buffer\n");
2992 /* delete buffer for CERT */
2994 oakley_delcert(cert)
2995 cert_t *cert;
2997 if (!cert)
2999 if (cert->pl)
3000 VPTRINIT(cert->pl);
3001 racoon_free(cert);
