Lines Matching defs:cert
56 int (*cert_cb)(void *ctx, struct http_cert *cert);
180 static void debug_dump_cert(const char *title, X509 *cert)
190 X509_print_ex(out, cert, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
205 static void add_alt_name_othername(struct http_ctx *ctx, struct http_cert *cert,
213 on = os_realloc_array(cert->othername, cert->num_othername + 1,
217 cert->othername = on;
218 on = &on[cert->num_othername];
233 cert->num_othername++;
237 static void add_alt_name_dns(struct http_ctx *ctx, struct http_cert *cert,
247 n = os_realloc_array(cert->dnsname, cert->num_dnsname + 1,
252 cert->dnsname = n;
253 n[cert->num_dnsname] = buf;
254 cert->num_dnsname++;
258 static void add_alt_name(struct http_ctx *ctx, struct http_cert *cert,
263 add_alt_name_othername(ctx, cert, name->d.otherName);
266 add_alt_name_dns(ctx, cert, name->d.dNSName);
272 static void add_alt_names(struct http_ctx *ctx, struct http_cert *cert,
281 add_alt_name(ctx, cert, name);
778 X509 *cert)
792 pos = X509_get_ext_by_OBJ(cert, obj, -1);
799 ext = X509_get_ext(cert, pos);
849 X509 *cert, GENERAL_NAMES **names)
854 *names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
858 add_logotype_ext(ctx, hcert, cert);
885 static int validate_server_cert(struct http_ctx *ctx, X509 *cert)
899 X509_print_ex(out, cert, XN_FLAG_COMPAT, X509_FLAG_COMPAT);
903 parse_cert(ctx, &hcert, cert, &names);
914 X509 *cert;
925 cert = d2i_X509_bio(in, NULL);
928 if (cert == NULL) {
935 X509_print_ex(out, cert, XN_FLAG_COMPAT,
941 parse_cert(ctx, &hcert, cert, &names);
968 X509_free(cert);
975 X509 *cert;
994 cert = X509_STORE_CTX_get_current_cert(x509_ctx);
995 if (!cert) {
1002 ctx->peer_cert = cert;
1004 ctx->peer_issuer = cert;
1006 ctx->peer_issuer_issuer = cert;
1008 name = X509_get_subject_name(cert);
1012 debug_dump_cert("Server certificate chain - certificate", cert);
1014 if (depth == 0 && preverify_ok && validate_server_cert(ctx, cert) < 0)
1021 res = check_ocsp_resp(ssl_ctx, ssl, cert, ctx->peer_issuer,
1147 X509 *cert;
1148 cert = X509_dup(ctx->peer_issuer);
1149 if (cert && !sk_X509_push(certs, cert)) {
1153 X509_free(cert);
1158 cert = X509_dup(ctx->peer_issuer_issuer);
1159 if (cert && !sk_X509_push(certs, cert)) {
1163 X509_free(cert);
1730 int (*cb)(void *ctx, struct http_cert *cert),