GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  GNUTLS_CERTIFICATE_VERIFY_PEERS2 (3)

NAME

gnutls_certificate_verify_peers2 - API function

CONTENTS

Synopsis
Arguments
Copyright

SYNOPSIS

#include <gnutls/gnutls.h>

int gnutls_certificate_verify_peers2(gnutls_session_t session, unsigned int * status);

ARGUMENTS

gnutls_session_t session is a gnutls session
unsigned int * status is the output of the verification

DESCRIPTION

This function will verify the peer’s certificate and store the status in the status variable as a bitwise or’d gnutls_certificate_status_t values or zero if the certificate is trusted. Note that value in status is set only when the return value of this function is success (i.e, failure to trust a certificate does not imply a negative return value). The default verification flags used by this function can be overridden using gnutls_certificate_set_verify_flags().

This function will take into account the OCSP Certificate Status TLS extension, as well as the following X.509 certificate extensions: Name Constraints, Key Usage, and Basic Constraints (pathlen).

To avoid denial of service attacks some default upper limits regarding the certificate key size and chain size are set. To override them use gnutls_certificate_set_verify_limits().

Note that you must also check the peer’s name in order to check if the verified certificate belongs to the actual peer, see gnutls_x509_crt_check_hostname(), or use gnutls_certificate_verify_peers3().

RETURNS

a negative error code on error and GNUTLS_E_SUCCESS (0) when the peer’s certificate was successfully parsed, whether or not it was verified.

REPORTING BUGS

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org

COPYRIGHT

Copyright © 2001-2016 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
http://www.gnutls.org/manual/
Search for    or go to Top of page |  Section 3 |  Main Index


gnutls GNUTLS_CERTIFICATE_VERIFY_PEERS2 (3) 3.4.9

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.