• Home
  • History
  • Annotate
  • Raw
  • Download
  • only in /macosx-10.10.1/ipsec-286.1.1/ipsec-tools/racoon/

Lines Matching defs:cert

1267 		user_id = eay_get_x509_common_name(&p->cert); //%%%%%%%% fix this
1398 		/* get peer's cert */
1420 		/* check cert common name against Open Directory authentication group */
1626 	int premature = oakley_find_status_in_certchain(iph1->cert, CERT_STATUS_PREMATURE);
1627 	int expired = oakley_find_status_in_certchain(iph1->cert, CERT_STATUS_EXPIRED);
1658 			if (iph1->cert)
1678  *	my != 0 my cert.
1679  *	my == 0 peer's cert.
1684 	vchar_t *cert = NULL;
1690 		certpl = &iph1->cert;
1705 			cert = crypto_cssm_get_x509cert(dataRef, &status);
1706 			plog(ASL_LEVEL_DEBUG, "done with chking cert status %d\n",status);
1717 	if (!cert) {
1727 			"failed to get cert buffer.\n");
1730 	(*certpl)->pl = vmalloc(cert->l + 1);
1733 			"failed to get cert buffer\n");
1738 	memcpy((*certpl)->pl->v + 1, cert->v, cert->l);
1742 	(*certpl)->cert.v = (*certpl)->pl->v + 1;
1743 	(*certpl)->cert.l = (*certpl)->pl->l - 1;
1750 	if (cert != NULL)
1751 		vfree(cert);
1766 		// cert in keychain - use cssm to sign
1817 		if (oakley_check_certid_1(&p->cert, idtype, idlen, id, &p->status) == 0) {
1837 		// no chain: simply return the only cert
1845 		if (oakley_check_certid_1(&p->cert, id_b->type, idlen, peers_id, &p->status) == 0) {
1878 oakley_check_certid_1(vchar_t *cert, int idtype, int idlen, void *id, cert_status_t *certStatus)
1896 		certificate = crypto_cssm_x509cert_CreateSecCertificateRef(cert);
1952 		certificate = crypto_cssm_x509cert_CreateSecCertificateRef(cert);
2030 			if (eay_get_x509subjectaltname(cert, &altname, &type, pos, &len) !=0) {
2119 		certificate = crypto_cssm_x509cert_CreateSecCertificateRef(cert);
2176 		certificate = crypto_cssm_x509cert_CreateSecCertificateRef(cert);
2235 			if (eay_get_x509subjectaltname(cert, &altname, &type, pos, &len) != 0) {
2363         /* Ignore cert if it doesn't match identity
2364          * XXX If verify cert is disabled, we still just take
2445 	new->cert.v = new->pl->v + 1;
2446 	new->cert.l = new->pl->l - 1;
2499 			"such a cert type isn't supported: %d\n",
2949 			"failed to get cert's buffer\n");
2961 oakley_delcert_1(cert_t *cert)
2963 	if (!cert)
2965 	if (cert->pl)
2966 		VPTRINIT(cert->pl);
2967 	racoon_free(cert);
2972 oakley_delcert(cert_t *cert)
2976 	if (!cert)
2979 	for (p = cert; p;) {