499  * Set the maximum depth of the certificate chain that the path
1053 	    hx509_path *path,
1090     q.path = path;
1189 _hx509_path_append(hx509_context context, hx509_path *path, hx509_cert cert)
1192     val = realloc(path->val, (path->len + 1) * sizeof(path->val[0]));
1198     path->val = val;
1199     path->val[path->len] = hx509_cert_ref(cert);
1200     path->len++;
1206 _hx509_path_free(hx509_path *path)
1210     for (i = 0; i < path->len; i++)
1211 	hx509_cert_free(path->val[i]);
1212     free(path->val);
1213     path->val = NULL;
1214     path->len = 0;
1218  * Find path by looking up issuer for the top certificate and continue
1220  * certificate never included twice in the path.
1222  * If the trust anchors are not given, calculate optimistic path, just
1224  * the max path limit. In this case, a failure will always be returned
1227  * The path includes a path from the top certificate to the anchor
1230  * The caller needs to free `path�� both on successful built path and
1242 		      hx509_path *path)
1250     ret = _hx509_path_append(context, path, cert);
1258 	ret = find_parent(context, time_now, anchors, path,
1264 	ret = _hx509_path_append(context, path, parent);
1269 	if (path->len > max_depth) {
1279 	path->len > 0 &&
1280 	certificate_is_anchor(context, anchors, path->val[path->len - 1]))
1282 	hx509_cert_free(path->val[path->len - 1]);
1283 	path->len--;
1958  * Build and verify the path for the certificate to the trust anchor
1959  * specified in the verify context. The path is constructed from the
1964  * @param cert the certificate to build the path from.
1979     hx509_path path;
1992     path.val = NULL;
1993     path.len = 0;
2012      * Calculate the path from the certificate user presented to the
2017 				cert, pool, &path);
2036     for (i = 0; i < path.len; i++) {
2040 	c = _hx509_get_cert(path.val[i]);
2060 	    /* self signed cert doesn't add to path length */
2061 	    if (i + 1 != path.len) {
2219 	if (i + 1 != path.len || CHECK_TA(ctx)) {
2242      * Verify constraints, do this backward so path constraints are
2246     for (ret = 0, k = path.len; k > 0; k--) {
2251 	c = _hx509_get_cert(path.val[i]);
2258 	if (!selfsigned || i + 1 != path.len) {
2284 	for (i = 0; i < path.len; i++) {
2285 	    ret = hx509_certs_add(context, certs, path.val[i]);
2297 	for (i = 0; i < path.len - 1; i++) {
2298 	    size_t parent = (i < path.len - 1) ? i + 1 : i;
2304 				      path.val[i],
2305 				      path.val[parent]);
2319     for (k = path.len; k > 0; k--) {
2324 	c = _hx509_get_cert(path.val[i]);
2327 	if (i + 1 == path.len) {
2330 	    signer = path.val[i];
2341 	    signer = path.val[i + 1];
2379     _hx509_path_free(&path);
3029 	for (i = 0; i < q->path->len; i++)
3030 	    if (hx509_cert_cmp(q->path->val[i], cert) == 0)
3145     "no match path",

Indexes created Mon Sep 09 02:09:33 MDT 2024