GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  GNUTLS_CERTIFICATE_VERIFY_PEERS (3)

NAME

gnutls_certificate_verify_peers - API function

CONTENTS

Synopsis
Arguments
Copyright

SYNOPSIS

#include <gnutls/gnutls.h>

int gnutls_certificate_verify_peers(gnutls_session_t session, gnutls_typed_vdata_st * data, unsigned int elements, unsigned int * status);

ARGUMENTS

gnutls_session_t session is a gnutls session
gnutls_typed_vdata_st * data an array of typed data
unsigned int elements the number of data elements
unsigned int * status is the output of the verification

DESCRIPTION

This function will verify the peer’s certificate and store the status in the status variable as a bitwise or’d gnutls_certificate_status_t values or zero if the certificate is trusted. Note that value in status is set only when the return value of this function is success (i.e, failure to trust a certificate does not imply a negative return value). The default verification flags used by this function can be overridden using gnutls_certificate_set_verify_flags(). See the documentation of gnutls_certificate_verify_peers2() for details in the verification process.

The acceptable data types are GNUTLS_DT_DNS_HOSTNAME, GNUTLS_DT_RFC822NAME and GNUTLS_DT_KEY_PURPOSE_OID. The former two accept as data a null-terminated hostname or email address, and the latter a null-terminated object identifier (e.g., GNUTLS_KP_TLS_WWW_SERVER). If a DNS hostname is provided then this function will compare the hostname in the certificate against the given. If names do not match the GNUTLS_CERT_UNEXPECTED_OWNER status flag will be set. If a key purpose OID is provided and the end-certificate contains the extended key usage PKIX extension, it will be required to be have the provided key purpose or be marked for any purpose, otherwise verification will fail with GNUTLS_CERT_SIGNER_CONSTRAINTS_FAILURE status.

RETURNS

a negative error code on error and GNUTLS_E_SUCCESS (0) when the peer’s certificate was successfully parsed, whether or not it was verified.

SINCE

3.3.0

REPORTING BUGS

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org

COPYRIGHT

Copyright © 2001-2016 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
http://www.gnutls.org/manual/
Search for    or go to Top of page |  Section 3 |  Main Index


gnutls GNUTLS_CERTIFICATE_VERIFY_PEERS (3) 3.4.9

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.