• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /asuswrt-rt-n18u-9.0.0.4.380.2695/release/src-rt-6.x.4708/router/neon/src/

Lines Matching refs:cert

74     gnutls_x509_crt cert;
89     ne_ssl_certificate cert;
97 static int oid_find_highest_index(gnutls_x509_crt cert, int subject, const char *oid)
105             ret = gnutls_x509_crt_get_dn_by_oid(cert, oid, ++idx, 0, 
108             ret = gnutls_x509_crt_get_issuer_dn_by_oid(cert, oid, ++idx, 0, 
200         ret = gnutls_x509_crt_get_subject(name->cert, &dn);
202         ret = gnutls_x509_crt_get_issuer(name->cert, &dn);
283             ? gnutls_x509_crt_get_dn_oid(name->cert, idx, oid, &oidlen)
284             : gnutls_x509_crt_get_issuer_dn_oid(name->cert, idx, oid, &oidlen);
287             append_rdn(buf, name->cert, name->subject, oid);
311         ret = gnutls_x509_crt_get_dn(dn1->cert, c1, &s1);
313         ret = gnutls_x509_crt_get_issuer_dn(dn1->cert, c1, &s1);
318         ret = gnutls_x509_crt_get_dn(dn2->cert, c2, &s2);
320         ret = gnutls_x509_crt_get_issuer_dn(dn2->cert, c2, &s2);
336         if (cc->cert.identity) ne_free(cc->cert.identity);
338         if (cc->cert.subject) gnutls_x509_crt_deinit(cc->cert.subject);
344 void ne_ssl_cert_validity_time(const ne_ssl_certificate *cert,
348         *from = gnutls_x509_crt_get_activation_time(cert->subject);
351         *until = gnutls_x509_crt_get_expiration_time(cert->subject);
360 static int check_identity(const ne_uri *server, gnutls_x509_crt cert,
374         ret = gnutls_x509_crt_get_subject_alt_name(cert, seq, name, &len,
440         seq = oid_find_highest_index(cert, 1, GNUTLS_OID_X520_COMMON_NAME);
445             ret = gnutls_x509_crt_get_dn_by_oid(cert, GNUTLS_OID_X520_COMMON_NAME,
464  * that x5 is owned by returned cert object and must not be otherwise
466 static ne_ssl_certificate *populate_cert(ne_ssl_certificate *cert,
470     gnutls_x509_crt_get_subject(x5, &cert->subj_dn.dn);
471     gnutls_x509_crt_get_issuer(x5, &cert->issuer_dn.dn);
473     cert->subj_dn.cert = x5;
474     cert->subj_dn.subject = 1;
475     cert->issuer_dn.cert = x5;
476     cert->issuer_dn.subject = 0;
478     cert->issuer = NULL;
479     cert->subject = x5;
480     cert->identity = NULL;
481     check_identity(NULL, x5, &cert->identity);
482     return cert;
538     newcc->cert.subject = x509_crt_copy(cc->cert.subject);
539     if (!newcc->cert.subject) goto dup_error;
543     populate_cert(&newcc->cert, newcc->cert.subject);
548     if (newcc->cert.subject) gnutls_x509_crt_deinit(newcc->cert.subject);
565     NE_DEBUG(NE_DBG_SSL, "ssl: Client cert provider callback; %d CA names.\n",
619             st->cert.x509 = &sess->client_cert->cert.subject;
657                            const char *cert, const char *key)
659     gnutls_certificate_set_x509_key_file(ctx->cred, cert, key,
700                                    gnutls_x509_crt cert)
705         if (gnutls_x509_crt_check_issuer(cert, ca_list[n]) == 1)
720     ne_ssl_certificate *cert;
740         cert = populate_cert(ne_calloc(sizeof *cert), x5);
743             current = top = cert;
745             current->issuer = cert;
746             current = cert;
766                 cert = populate_cert(ne_calloc(sizeof *cert), issuer);
768                  * cert. */
769                 if (ne_ssl_cert_cmp(current, cert)) {
770                     current = current->issuer = cert;
773                     ne_ssl_cert_free(cert);
837     ne_ssl_certificate *cert;
842      * cert are different from the generic error for issues higher up
844     for (cert = chain; cert; cert = cert->issuer) {
845         before = gnutls_x509_crt_get_activation_time(cert->subject);
846         after = gnutls_x509_crt_get_expiration_time(cert->subject);
849             failures |= (cert == chain) ? NE_SSL_NOTYETVALID : NE_SSL_BADCHAIN;
851             failures |= (cert == chain) ? NE_SSL_EXPIRED : NE_SSL_BADCHAIN;
950         /* Same cert as last time; presume OK.  This is not optimal as
967 const ne_ssl_dname *ne_ssl_cert_issuer(const ne_ssl_certificate *cert)
969     return &cert->issuer_dn;
972 const ne_ssl_dname *ne_ssl_cert_subject(const ne_ssl_certificate *cert)
974     return &cert->subj_dn;
977 const ne_ssl_certificate *ne_ssl_cert_signedby(const ne_ssl_certificate *cert)
979     return cert->issuer;
982 const char *ne_ssl_cert_identity(const ne_ssl_certificate *cert)
984     return cert->identity;
987 void ne_ssl_context_trustcert(ne_ssl_context *ctx, const ne_ssl_certificate *cert)
989     gnutls_x509_crt certs = cert->subject;
1086                 /* Ignore any but the first cert encountered; again,
1127     gnutls_x509_crt cert = NULL;
1145         if (pkcs12_parse(p12, &pkey, &cert, &friendly_name, "") != 0
1146             || !cert || !pkey) {
1155         populate_cert(&cc->cert, cert);
1187     populate_cert(&cc->cert, x5);
1200     gnutls_x509_crt cert = NULL;
1207     ret = pkcs12_parse(cc->p12, &pkey, &cert, NULL, password);
1211     if (!cert || (!pkey && !cc->keyless)) {
1212         if (cert) gnutls_x509_crt_deinit(cert);
1218     populate_cert(&cc->cert, cert);
1227     return &cc->cert;
1257 int ne_ssl_cert_write(const ne_ssl_certificate *cert, const char *filename)
1266     if (gnutls_x509_crt_export(cert->subject, GNUTLS_X509_FMT_PEM, buffer,
1283 void ne_ssl_cert_free(ne_ssl_certificate *cert)
1285     gnutls_x509_crt_deinit(cert->subject);
1286     if (cert->identity) ne_free(cert->identity);
1287     if (cert->issuer) ne_ssl_cert_free(cert->issuer);
1288     ne_free(cert);
1334 char *ne_ssl_cert_export(const ne_ssl_certificate *cert)
1341     if (gnutls_x509_crt_export(cert->subject, GNUTLS_X509_FMT_DER, NULL, &len) != 
1347     if (gnutls_x509_crt_export(cert->subject, GNUTLS_X509_FMT_DER, der, &len)) {
1357 int ne_ssl_cert_digest(const ne_ssl_certificate *cert, char *digest)
1363     if (gnutls_x509_crt_get_fingerprint(cert->subject, GNUTLS_DIG_SHA,