• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /freebsd-13-stable/crypto/openssl/ssl/

Lines Matching refs:dane

193 static void dane_final(SSL_DANE *dane)
195     sk_danetls_record_pop_free(dane->trecs, tlsa_free);
196     dane->trecs = NULL;
198     sk_X509_pop_free(dane->certs, X509_free);
199     dane->certs = NULL;
201     X509_free(dane->mcert);
202     dane->mcert = NULL;
203     dane->mtlsa = NULL;
204     dane->mdpth = -1;
205     dane->pdpth = -1;
209  * dane_copy - Copy dane configuration, sans verification state.
216     if (!DANETLS_ENABLED(&from->dane))
219     num = sk_danetls_record_num(from->dane.trecs);
220     dane_final(&to->dane);
221     to->dane.flags = from->dane.flags;
222     to->dane.dctx = &to->ctx->dane;
223     to->dane.trecs = sk_danetls_record_new_reserve(NULL, num);
225     if (to->dane.trecs == NULL) {
231         danetls_record *t = sk_danetls_record_value(from->dane.trecs, i);
285 static const EVP_MD *tlsa_md_get(SSL_DANE *dane, uint8_t mtype)
287     if (mtype > dane->dctx->mdmax)
289     return dane->dctx->mdevp[mtype];
292 static int dane_tlsa_add(SSL_DANE *dane,
303     if (dane->trecs == NULL) {
324         md = tlsa_md_get(dane, mtype);
389             if ((dane->certs == NULL &&
390                  (dane->certs = sk_X509_new_null()) == NULL) ||
391                 !sk_X509_push(dane->certs, cert)) {
434     num = sk_danetls_record_num(dane->trecs);
436         danetls_record *rec = sk_danetls_record_value(dane->trecs, i);
446         if (dane->dctx->mdord[rec->mtype] > dane->dctx->mdord[mtype])
451     if (!sk_danetls_record_insert(dane->trecs, t, i)) {
456     dane->umask |= DANETLS_USAGE_BIT(usage);
624     s->dane.mdpth = -1;
625     s->dane.pdpth = -1;
626     X509_free(s->dane.mcert);
627     s->dane.mcert = NULL;
628     s->dane.mtlsa = NULL;
708     s->dane.flags = ctx->dane.flags;
991     return dane_ctx_enable(&ctx->dane);
996     unsigned long orig = ctx->dane.flags;
998     ctx->dane.flags |= flags;
1004     unsigned long orig = ctx->dane.flags;
1006     ctx->dane.flags &= ~flags;
1012     SSL_DANE *dane = &s->dane;
1014     if (s->ctx->dane.mdmax == 0) {
1018     if (dane->trecs != NULL) {
1041     dane->mdpth = -1;
1042     dane->pdpth = -1;
1043     dane->dctx = &s->ctx->dane;
1044     dane->trecs = sk_danetls_record_new_null();
1046     if (dane->trecs == NULL) {
1055     unsigned long orig = ssl->dane.flags;
1057     ssl->dane.flags |= flags;
1063     unsigned long orig = ssl->dane.flags;
1065     ssl->dane.flags &= ~flags;
1071     SSL_DANE *dane = &s->dane;
1073     if (!DANETLS_ENABLED(dane) || s->verify_result != X509_V_OK)
1075     if (dane->mtlsa) {
1077             *mcert = dane->mcert;
1079             *mspki = (dane->mcert == NULL) ? dane->mtlsa->spki : NULL;
1081     return dane->mdpth;
1087     SSL_DANE *dane = &s->dane;
1089     if (!DANETLS_ENABLED(dane) || s->verify_result != X509_V_OK)
1091     if (dane->mtlsa) {
1093             *usage = dane->mtlsa->usage;
1095             *selector = dane->mtlsa->selector;
1097             *mtype = dane->mtlsa->mtype;
1099             *data = dane->mtlsa->data;
1101             *dlen = dane->mtlsa->dlen;
1103     return dane->mdpth;
1108     return &s->dane;
1114     return dane_tlsa_add(&s->dane, usage, selector, mtype, data, dlen);
1120     return dane_mtype_set(&ctx->dane, md, mtype, ord);
1161     dane_final(&s->dane);
3276     dane_ctx_final(&a->dane);
5013     SSL_DANE *dane = &s->dane;
5037     if (DANETLS_ENABLED(dane) && dane->mtlsa != NULL) {
5038         switch (dane->mtlsa->usage) {