/freebsd-current/secure/caroot/untrusted/ |
H A D | Makefile | 2 BINDIR= /usr/share/certs/untrusted
|
/freebsd-current/crypto/openssl/test/recipes/ |
H A D | 60-test_x509_store.t | 29 my ($cert, $purpose, $trustedpath, $untrusted, @opts) = @_; 34 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) }
|
H A D | 80-test_ocsp.t | 33 my $untrusted = shift; 34 if ($untrusted eq "") { 35 $untrusted = $CAfile; 48 "-verify_other", catfile($ocspdir, $untrusted),
|
H A D | 25-test_verify.t | 21 my ($cert, $purpose, $trusted, $untrusted, @opts) = @_; 27 for (@$untrusted) { push(@args, "-untrusted", srctop_file(@path, "$_.pem")) } 108 # depending on whether the intermediate is the trusted or untrusted one. 125 "fail non-CA untrusted intermediate"); 127 "fail non-CA untrusted intermediate"); 143 "fail untrusted partial chain"); 163 "fail untrusted partial issuer with ignored server trust");
|
/freebsd-current/crypto/openssl/test/ |
H A D | verify_extra_test.c | 54 * leaf and subinterCA are in the untrusted list (untrusted.pem) 66 STACK_OF(X509) *untrusted = NULL; 81 untrusted = load_certs_pem(untrusted_f); 90 if (!X509_STORE_CTX_init(sctx, store, x, untrusted)) 102 sk_X509_pop_free(untrusted, X509_free); 231 STACK_OF(X509) *untrusted = sk_X509_new_null(); 239 || !TEST_ptr(untrusted) 247 if (!TEST_true(sk_X509_push(untrusted, untrcert))) 251 if (!TEST_true(X509_STORE_CTX_init(ctx, NULL, eecert, untrusted))) [all...] |
/freebsd-current/secure/caroot/ |
H A D | Makefile | 5 SUBDIR+= untrusted
|
H A D | MAca-bundle.pl | 223 my $untrusted = 0; 237 $untrusted ++; 257 # weed out untrusted certificates 264 warn "Skipping untrusted $labels{$it}\n" if $debug; 265 $untrusted++; 271 print "## Untrusted certificates omitted from this bundle: $untrusted\n\n"; 273 print STDERR "## Untrusted certificates omitted from this bundle: $untrusted\n";
|
/freebsd-current/crypto/openssl/crypto/ts/ |
H A D | ts_rsp_verify.c | 19 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, 93 STACK_OF(X509) *untrusted = NULL; 130 untrusted = sk_X509_new_reserve(NULL, sk_X509_num(certs) 132 if (untrusted == NULL 133 || !X509_add_certs(untrusted, certs, 0) 134 || !X509_add_certs(untrusted, token->d.sign->cert, 0)) 136 if (!ts_verify_cert(store, untrusted, signer, &chain)) 160 sk_X509_free(untrusted); 171 static int ts_verify_cert(X509_STORE *store, STACK_OF(X509) *untrusted, argument 184 if (!X509_STORE_CTX_init(cert_ctx, store, signer, untrusted)) [all...] |
/freebsd-current/usr.sbin/certctl/ |
H A D | certctl.sh | 120 info "Skipping untrusted certificate $hash ($otherfile)" 172 verbose "Adding $filename to untrusted list" 261 info "Adding $UTFILE to untrusted list" 278 info "Removing $(basename "$UNTRUSTEDFILE") from untrusted list" 283 info "Removing $UTFILE from untrusted list" 304 echo " $SCRIPTNAME [-v] untrusted" 305 echo " List untrusted certificates" 309 echo " Add <file> to the list of untrusted certificates" 311 echo " Remove <file> from the list of untrusted certificates" 341 : ${UNTRUSTPATH:=${DESTDIR}${DISTBASE}/usr/share/certs/untrusted [all...] |
/freebsd-current/crypto/openssl/crypto/ocsp/ |
H A D | ocsp_vfy.c | 32 STACK_OF(X509) *untrusted, STACK_OF(X509) **chain) 42 if (!X509_STORE_CTX_init(ctx, st, signer, untrusted)) { 103 STACK_OF(X509) *untrusted = NULL; 118 if ((untrusted = sk_X509_dup(bs->certs)) == NULL) 120 if (!X509_add_certs(untrusted, certs, X509_ADD_FLAG_DEFAULT)) 123 ret = ocsp_verify_signer(signer, 1, st, flags, untrusted, &chain); 158 sk_X509_free(untrusted); 30 ocsp_verify_signer(X509 *signer, int response, X509_STORE *st, unsigned long flags, STACK_OF(X509) *untrusted, STACK_OF(X509) **chain) argument
|
/freebsd-current/crypto/openssl/apps/ |
H A D | verify.c | 61 {"untrusted", OPT_UNTRUSTED, '<', "A file of untrusted certificates"}, 82 STACK_OF(X509) *untrusted = NULL, *trusted = NULL; 148 if (!load_certs(opt_arg(), 0, &untrusted, NULL, 149 "untrusted certificates")) 224 if (check(store, NULL, untrusted, trusted, crls, show_chain, 229 if (check(store, argv[i], untrusted, trusted, crls, show_chain, 237 sk_X509_pop_free(untrusted, X509_free); 308 BIO_printf(bio_out, " (untrusted)");
|
H A D | ts.c | 68 char *untrusted, X509_VERIFY_PARAM *vpm); 73 char *untrusted, 103 {"untrusted", OPT_UNTRUSTED, '<', "Extra untrusted certs"}, 153 " -untrusted extra-certs.pem [-data file] [-digest hexstring]", 162 char *untrusted = NULL; local 274 untrusted = opt_arg(); 338 CApath, CAfile, CAstore, untrusted, 849 const char *CAstore, char *untrusted, 869 CApath, CAfile, CAstore, untrusted, 846 verify_command(const char *data, const char *digest, const char *queryfile, const char *in, int token_in, const char *CApath, const char *CAfile, const char *CAstore, char *untrusted, X509_VERIFY_PARAM *vpm) argument 893 create_verify_ctx(const char *data, const char *digest, const char *queryfile, const char *CApath, const char *CAfile, const char *CAstore, char *untrusted, X509_VERIFY_PARAM *vpm) argument [all...] |
H A D | pkcs12.c | 120 {"untrusted", OPT_UNTRUSTED, '<', "Untrusted certificates for chain building"}, 158 char *untrusted = NULL, *ciphername = NULL, *enc_flag = NULL; local 290 untrusted = opt_arg(); 391 if (untrusted != NULL) 392 WARN_NO_EXPORT("untrusted"); 577 /* Load any untrusted certificates for chain building */ 578 if (untrusted != NULL) { 579 if (!load_certs(untrusted, 0, &untrusted_certs, passcerts, 580 "untrusted certificates"))
|
/freebsd-current/crypto/openssl/crypto/cmp/ |
H A D | cmp_ctx.c | 58 return ctx->untrusted; 62 * Set untrusted certificates for path construction in authentication of 67 STACK_OF(X509) *untrusted = NULL; 73 if (!ossl_x509_add_certs_new(&untrusted, certs, 76 sk_X509_pop_free(ctx->untrusted, X509_free); 77 ctx->untrusted = untrusted; 80 sk_X509_pop_free(untrusted, X509_free); 121 if ((ctx->untrusted = sk_X509_new_null()) == NULL) 202 sk_X509_pop_free(ctx->untrusted, X509_fre [all...] |
H A D | cmp_vfy.c | 124 cert, ctx->untrusted)) 400 * Verify msg trying first ctx->untrusted, which should include extraCerts 420 if (check_msg_with_certs(ctx, ctx->untrusted, "untrusted certs", 432 msg->extraCerts, ctx->untrusted, 538 * else it is searched in msg->extraCerts, ctx->untrusted, in ctx->trusted 647 * Any msg->extraCerts are prepended to ctx->untrusted. 704 if (!X509_add_certs(ctx->untrusted, msg->extraCerts, 786 if (!X509_add_certs(ctx->untrusted, msg->extraCerts,
|
H A D | cmp_protect.c | 144 /* if not yet done try to build chain using available untrusted certs */ 148 ctx->chain = X509_build_chain(ctx->cert, ctx->untrusted, NULL, 0, 301 * from ctx->untrusted, and then ctx->extraCertsOut
|
H A D | cmp_client.c | 471 * ctx->untrusted, which at this point already contains msg->extraCerts. 497 chain = X509_build_chain(cert, ctx->untrusted, out_trusted, 505 if (!X509_STORE_CTX_init(csc, out_trusted, cert, ctx->untrusted))
|
/freebsd-current/contrib/wpa/src/crypto/ |
H A D | tls_openssl_ocsp.c | 504 STACK_OF(X509) *untrusted = NULL, *certs = NULL, *chain = NULL; 565 untrusted = sk_X509_dup(basic->certs); 566 if (!untrusted) 579 if (!sk_X509_push(untrusted, extra_cert)) { 581 "OpenSSL: Could not add certificate to the untrusted stack"); 618 signer = ocsp_find_signer(untrusted, rd->responderID); 646 if (!X509_STORE_CTX_init(&ctx, store, signer, untrusted)) 838 sk_X509_free(untrusted);
|
/freebsd-current/crypto/openssh/ |
H A D | auth-options.c | 799 int untrusted) 827 untrusted ? "yes" : opts->cert_principals)) != 0 || 829 untrusted ? "true" : opts->force_command)) != 0 || 831 untrusted ? NULL : opts->required_from_host_cert)) != 0 || 833 untrusted ? NULL : opts->required_from_host_keys)) != 0) 838 untrusted ? 0 : opts->nenv)) != 0 || 840 untrusted ? 0 : opts->npermitopen)) != 0 || 842 untrusted ? 0 : opts->npermitlisten)) != 0) 798 sshauthopt_serialise(const struct sshauthopt *opts, struct sshbuf *m, int untrusted) argument
|
/freebsd-current/crypto/openssl/demos/certs/apps/ |
H A D | mkacerts.sh | 44 $OPENSSL verify -CAfile root.pem -untrusted intca.pem \
|
/freebsd-current/contrib/bmake/unit-tests/ |
H A D | opt-debug-file.mk | 23 # untrusted input in variables.
|
/freebsd-current/crypto/openssl/crypto/x509/ |
H A D | x509_vfy.c | 256 if (ctx->cert == NULL && sk_X509_num(ctx->untrusted) >= 1) 257 ctx->cert = sk_X509_value(ctx->untrusted, 0); 887 * If no trusted certs in chain at all return untrusted and allow 1299 * untrusted certificates. 1301 for (i = 0; i < sk_X509_num(ctx->untrusted); i++) { 1302 crl_issuer = sk_X509_value(ctx->untrusted, i); 1327 if (!X509_STORE_CTX_init(&crl_ctx, ctx->store, x, ctx->untrusted)) 2332 ctx->untrusted = chain; 2515 return ctx->untrusted; 2520 ctx->untrusted [all...] |
/freebsd-current/crypto/openssl/include/crypto/ |
H A D | x509.h | 220 /* chain of X509s - untrusted - passed in */ 221 STACK_OF(X509) *untrusted; member in struct:x509_store_ctx_st 255 /* number of untrusted certs */
|
/freebsd-current/crypto/openssl/ssl/ |
H A D | ssl_cert.c | 880 STACK_OF(X509) *chain = NULL, *untrusted = NULL; 911 untrusted = cpk->chain; 919 if (!X509_STORE_CTX_init(xs_ctx, chain_store, cpk->x509, untrusted)) {
|
/freebsd-current/crypto/openssh/contrib/suse/ |
H A D | openssh.spec | 54 two untrusted hosts over an insecure network. X11 connections and 68 two untrusted hosts over an insecure network. X11 connections and
|