Home
last modified time | relevance | path

Searched refs:dane (Results 1 – 17 of 17) sorted by relevance

/src/crypto/openssl/include/internal/
H A Ddane.h79 #define DANETLS_ENABLED(dane) \ argument
80 ((dane) != NULL && sk_danetls_record_num((dane)->trecs) > 0)
94 #define DANETLS_HAS_PKIX(dane) ((dane) && ((dane)->umask & DANETLS_PKIX_MASK)) argument
95 #define DANETLS_HAS_DANE(dane) ((dane) && ((dane)->umask & DANETLS_DANE_MASK)) argument
96 #define DANETLS_HAS_TA(dane) ((dane) && ((dane)->umask & DANETLS_TA_MASK)) argument
97 #define DANETLS_HAS_EE(dane) ((dane) && ((dane)->umask & DANETLS_EE_MASK)) argument
99 #define DANETLS_HAS_PKIX_TA(dane) ((dane) && ((dane)->umask & DANETLS_PKIX_TA_MASK)) argument
100 #define DANETLS_HAS_PKIX_EE(dane) ((dane) && ((dane)->umask & DANETLS_PKIX_EE_MASK)) argument
101 #define DANETLS_HAS_DANE_TA(dane) ((dane) && ((dane)->umask & DANETLS_DANE_TA_MASK)) argument
102 #define DANETLS_HAS_DANE_EE(dane) ((dane) && ((dane)->umask & DANETLS_DANE_EE_MASK)) argument
/src/crypto/openssl/crypto/x509/
H A Dx509_vfy.c309 ret = DANETLS_ENABLED(ctx->dane) ? dane_verify_rpk(ctx) : verify_rpk(ctx); in x509_verify_rpk()
355 ret = DANETLS_ENABLED(ctx->dane) ? dane_verify(ctx) : verify_chain(ctx); in x509_verify_x509()
947 SSL_DANE *dane = ctx->dane; in check_trust() local
955 if (DANETLS_HAS_TA(dane) && num_untrusted > 0 && num_untrusted < num) { in check_trust()
1030 if (!DANETLS_ENABLED(dane)) in check_trust()
1032 if (dane->pdpth < 0) in check_trust()
1033 dane->pdpth = num_untrusted; in check_trust()
1035 if (dane->mdpth >= 0) in check_trust()
2532 ctx->dane = NULL; in X509_STORE_CTX_init()
2849 void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane) in X509_STORE_CTX_set0_dane() argument
[all …]
/src/crypto/openssl/ssl/
H A Dssl_lib.c168 static void dane_final(SSL_DANE *dane) in dane_final() argument
170 sk_danetls_record_pop_free(dane->trecs, tlsa_free); in dane_final()
171 dane->trecs = NULL; in dane_final()
173 OSSL_STACK_OF_X509_free(dane->certs); in dane_final()
174 dane->certs = NULL; in dane_final()
176 X509_free(dane->mcert); in dane_final()
177 dane->mcert = NULL; in dane_final()
178 dane->mtlsa = NULL; in dane_final()
179 dane->mdpth = -1; in dane_final()
180 dane->pdpth = -1; in dane_final()
[all …]
H A Dssl_cert.c485 if (DANETLS_ENABLED(&s->dane)) in ssl_verify_internal()
486 X509_STORE_CTX_set0_dane(ctx, &s->dane); in ssl_verify_internal()
H A Dssl_local.h1093 struct dane_ctx_st dane; member
1493 SSL_DANE dane; member
/src/contrib/ldns/
H A DMakefile.in92 LDNS_LOBJS = buffer.lo dane.lo dname.lo dnssec.lo dnssec_sign.lo dnssec_verify.lo dnssec_zone.lo du…
97 LDNS_HEADERS = buffer.h dane.h dname.h dnssec.h dnssec_sign.h dnssec_verify.h dnssec_zone.h duratio…
105 EXAMPLE_LOBJS = examples/ldns-chaos.lo examples/ldns-compare-zones.lo examples/ldns-dane.lo example…
107 EX_PROGS_BASENM = ldns-chaos ldns-compare-zones ldns-dane ldnsd ldns-dpa ldns-gen-zone ldns-key2ds …
108 EXAMPLE_PROGS_EX= ^examples/ldns-testpkts\.c|examples/ldns-testns\.c|examples/ldns-dane\.c|examples…
113 LDNS_DANE = examples/ldns-dane
114 LDNS_DANE_LOBJS = examples/ldns-dane.lo
191 …E_PROGS) $(TESTNS) $(LDNS_DPA) $(LDNS_DANE) $(EX_SSL_PROGS) examples/ldns-dane.1 examples/ldns-ver…
221 examples/ldns-dane.1: $(srcdir)/examples/ldns-dane.1.in
222 $(edit) $(srcdir)/examples/ldns-dane.1.in > examples/ldns-dane.1
[all …]
H A Dconfigure.ac616 AC_ARG_ENABLE(dane, AC_HELP_STRING([--disable-dane], [Disable DANE support])) optenable
617 AC_ARG_ENABLE(dane-verify, AC_HELP_STRING([--disable-dane-verify], [Disable DANE verify support]))
618 AC_ARG_ENABLE(dane-ta-usage, AC_HELP_STRING([--disable-dane-ta-usage], [Disable DANE-TA usage type …
620 AC_ARG_ENABLE(full-dane,, [
625 AC_ARG_ENABLE(no-dane-ta-usage,, [
630 AC_ARG_ENABLE(no-dane-verify,, [
645 …C_MSG_ERROR([OpenSSL does not support DANE: please upgrade OpenSSL or rerun with --disable-dane])])
663 …e upgrade OpenSSL to version >= 1.1.0 or rerun with --disable-dane-verify or --disable-dane-ta-usa…
988 …r=KEYFILE], [Default location of the trust anchor file for drill and ldns-dane. [default=SYSCONFDI…
995 …a-file, AC_HELP_STRING([--with-ca-file=CAFILE], [File containing CA certificates for ldns-dane]), [
[all …]
H A DChangelog195 * Let ldns-dane use SPKI as the default selector i.s.o. Cert
200 * bugfix #697: Double free with ldns-dane create
214 * bugfix: ldns-dane manpage correction
263 disabled with --disable-dane-ta-usage).
282 * Add --disable-dane option to configure and check availability of the
283 for dane needed X509_check_ca function in openssl.
292 * -T option for ldns-dane that has specific exit status for PKIX
305 * Use SNI with ldns-dane
316 * ldns-dane setup new ssl session for each new connect to prevent hangs
349 * DANE support (RFC6698), including ldns-dane example tool.
[all …]
H A Dconfigure1504 --disable-dane Disable DANE support
1505 --disable-dane-verify Disable DANE verify support
1506 --disable-dane-ta-usage Disable DANE-TA usage type support
/src/contrib/sendmail/src/
H A Dtls.h148 # define CHK_DANE(dane) (DANEMODE((dane)) != DANE_NEVER) argument
H A Ddeliver.c63 # define DANE_SEC(dane) (DANE_SECURE == DANEMODE((dane))) argument
1739 # define CHK_DANE_RCPT(dane, rcpt) (CHK_DANE(dane) && \ argument
1740 (RCPT_MXSECURE(rcpt) || DANE_ALWAYS == DANEMODE(dane)))
/src/lib/libldns/
H A DMakefile13 SRCS= buffer.c dane.c dname.c dnssec.c dnssec_sign.c dnssec_verify.c \
/src/crypto/openssl/crypto/err/
H A Dopenssl.txt1418 SSL_R_CONTEXT_NOT_DANE_ENABLED:167:context not dane enabled
1424 SSL_R_DANE_ALREADY_ENABLED:172:dane already enabled
1425 SSL_R_DANE_CANNOT_OVERRIDE_MTYPE_FULL:173:dane cannot override mtype full
1426 SSL_R_DANE_NOT_ENABLED:175:dane not enabled
1427 SSL_R_DANE_TLSA_BAD_CERTIFICATE:180:dane tlsa bad certificate
1428 SSL_R_DANE_TLSA_BAD_CERTIFICATE_USAGE:184:dane tlsa bad certificate usage
1429 SSL_R_DANE_TLSA_BAD_DATA_LENGTH:189:dane tlsa bad data length
1430 SSL_R_DANE_TLSA_BAD_DIGEST_LENGTH:192:dane tlsa bad digest length
1431 SSL_R_DANE_TLSA_BAD_MATCHING_TYPE:200:dane tlsa bad matching type
1432 SSL_R_DANE_TLSA_BAD_PUBLIC_KEY:201:dane tlsa bad public key
[all …]
/src/crypto/openssl/include/crypto/
H A Dx509.h278 SSL_DANE *dane; member
/src/crypto/openssl/include/openssl/
H A Dx509_vfy.h799 void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane);
H A Dx509_vfy.h.in702 void X509_STORE_CTX_set0_dane(X509_STORE_CTX *ctx, SSL_DANE *dane);
/src/contrib/unbound/doc/
H A DChangelog6684 - RR Type OPENPGPKEY support (draft-ietf-dane-openpgpkey-07).