gnutls_certificate_verify_peers(3) [suse man page]
gnutls_certificate_verify_peers(3) gnutls gnutls_certificate_verify_peers(3) NAME
gnutls_certificate_verify_peers - return the peer's certificate verification status SYNOPSIS
#include <gnutls/gnutls.h> int gnutls_certificate_verify_peers(gnutls_session_t session); ARGUMENTS
gnutls_session_t session is a gnutls session DESCRIPTION
This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). However you must also check the peer's name in order to check if the verified certificate belongs to the actual peer. This function uses gnutls_x509_crt_list_verify(). RETURNS
one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd, or a negative value on error. DEPRECATED
Use gnutls_certificate_verify_peers2() instead. REPORTING BUGS
Report bugs to <bug-gnutls@gnu.org>. GnuTLS home page: http://www.gnu.org/software/gnutls/ General help using GNU software: http://www.gnu.org/gethelp/ COPYRIGHT
Copyright (C) 2008 Free Software Foundation. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. SEE ALSO
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command info gnutls should give you access to the complete manual. gnutls 2.8.6 gnutls_certificate_verify_peers(3)
Check Out this Related Man Page
gnutls_certificate_verify_peers2(3) gnutls gnutls_certificate_verify_peers2(3) NAME
gnutls_certificate_verify_peers2 - return the peer's certificate verification status SYNOPSIS
#include <gnutls/gnutls.h> int gnutls_certificate_verify_peers2(gnutls_session_t session, unsigned int * status); ARGUMENTS
gnutls_session_t session is a gnutls session unsigned int * status is the output of the verification DESCRIPTION
This function will try to verify the peer's certificate and return its status (trusted, invalid etc.). The value of status should be one or more of the gnutls_certificate_status_t enumerated elements bitwise or'd. To avoid denial of service attacks some default upper limits regarding the certificate key size and chain size are set. To override them use gnutls_certificate_set_verify_limits(). Note that you must also check the peer's name in order to check if the verified certificate belongs to the actual peer. This function uses gnutls_x509_crt_list_verify() with the CAs in the credentials as trusted CAs. Note that some commonly used X.509 Certificate Authorities are still using Version 1 certificates. If you want to accept them, you need to call gnutls_certificate_set_verify_flags() with, e.g., GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT parameter. RETURNS
a negative error code on error and zero on success. REPORTING BUGS
Report bugs to <bug-gnutls@gnu.org>. GnuTLS home page: http://www.gnu.org/software/gnutls/ General help using GNU software: http://www.gnu.org/gethelp/ COPYRIGHT
Copyright (C) 2008 Free Software Foundation. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. SEE ALSO
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command info gnutls should give you access to the complete manual. gnutls 2.8.6 gnutls_certificate_verify_peers2(3)