dane_verify_session_crt






dane_verify_session_crt − API function

#include<gnutls/dane.h>

, gnutls_session_t int dane_verify_session_crt(dane_state_t
s



dane_state_t s
            A DANE state structure (may be NULL)

gnutls_session_t session
            A gnutls session

const char * hostname
            The hostname associated with the chain

const char * proto
            The protocol of the service connecting (e.g.
            tcp)

unsigned int port
            The port of the service connecting (e.g. 443)

unsigned int sflags
            Flags for the the initialization of  s (if NULL)

unsigned int vflags
            Verification flags; an OR’ed list of
            dane_verify_flags_t.

unsigned int * verify
            An OR’ed list of dane_verify_status_t.

This function will verify session’s certificate chain
against the CA constrains and/or the certificate available
via DANE.  See dane_verify_crt() for more information.

This will not verify the chain for validity; unless the DANE
verification is restricted to end certificates, this must be
be performed separately using
gnutls_certificate_verify_peers3().

On success, DANE_E_SUCCESS (0) is returned, otherwise a
negative error value.

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org














                             ‐2‐


Copyright © 2001‐2016 Free Software Foundation, Inc., and
others.
Copying and distribution of this file, with or without
modification, are permitted in any medium without royalty
provided the copyright notice and this notice are preserved.

The full documentation for gnutls is maintained as a Texinfo
manual.  If the /usr/share/doc/gnutls/ directory does not
contain the HTML form visit

http://www.gnutls.org/manual/