Man page or keyword search:   man All Sections 1 - General Commands 2 - System Calls 3 - Subroutines, Functions 4 - Special Files 5 - File Formats 6 - Games and Screensavers 7 - Macros and Conventions 8 - Maintenence Commands 9 - Kernel Interface New Commands Server 4.4BSD AIX Alpinelinux Archlinux Aros BSDOS BSDi Bifrost CentOS Cygwin Darwin Debian DigitalUNIX DragonFly ElementaryOS Fedora FreeBSD Gentoo GhostBSD HP-UX Haiku Hurd IRIX Inferno JazzOS Kali Knoppix LinuxMint MacOSX Mageia Mandriva Manjaro Minix MirBSD NeXTSTEP NetBSD OPENSTEP OSF1 OpenBSD OpenDarwin OpenIndiana OpenMandriva OpenServer OpenSuSE OpenVMS Oracle PC-BSD Peanut Pidora Plan9 QNX Raspbian RedHat Scientific Slackware SmartOS Solaris SuSE SunOS Syllable Tru64 UNIXv7 Ubuntu Ultrix UnixWare Xenix YellowDog aLinux   44335 pages apropos Keyword Search (all sections) Output format html ascii pdf view pdf save postscript

gnutls_certificate_verify_peers(3)  gnutls  gnutls_certificate_verify_peers(3)

NAME
       gnutls_certificate_verify_peers - API function

SYNOPSIS
       #include <gnutls/gnutls.h>

       int	gnutls_certificate_verify_peers(gnutls_session_t      session,
       gnutls_typed_vdata_st * data, unsigned int  elements,  unsigned	int  *
       status);

ARGUMENTS
       gnutls_session_t session
		   is a gnutls session

       gnutls_typed_vdata_st * data
		   an array of typed data

       unsigned int elements
		   the number of data elements

       unsigned int * status
		   is the output of the verification

DESCRIPTION
       This  function  will verify the peer's certificate and store the status
       in the  status variable as a bitwise  or'd  gnutls_certificate_status_t
       values  or zero if the certificate is trusted. Note that value in  sta‐
       tus is set only when the return value of this function is success (i.e,
       failure to trust a certificate does not imply a negative return value).
       The default verification flags used by this function can be  overridden
       using  gnutls_certificate_set_verify_flags().  See the documentation of
       gnutls_certificate_verify_peers2()  for	details	 in  the  verification
       process.

       The    acceptable     data   types   are	  GNUTLS_DT_DNS_HOSTNAME   and
       GNUTLS_DT_KEY_PURPOSE_OID.  The former accepts as  data	a  null-termi‐
       nated  hostname,	 and  the  latter  a null-terminated object identifier
       (e.g., GNUTLS_KP_TLS_WWW_SERVER).  If a DNS hostname is	provided  then
       this  function will compare the hostname in the certificate against the
       given. If names do not match  the  GNUTLS_CERT_UNEXPECTED_OWNER	status
       flag  will  be  set.  If a key purpose OID is provided and the end-cer‐
       tificate contains the extended key usage PKIX  extension,  it  will  be
       required	 to be have the provided key purpose or be marked for any pur‐
       pose, otherwise verification  will  fail	 with  GNUTLS_CERT_SIGNER_CON‐
       STRAINTS_FAILURE status.

RETURNS
       a negative error code on error and GNUTLS_E_SUCCESS (0) on success.

SINCE
       3.3.0

REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: http://www.gnutls.org

COPYRIGHT
       Copyright © 2001-2014 Free Software Foundation, Inc..
       Copying	and  distribution  of this file, with or without modification,
       are permitted in any medium  without  royalty  provided	the  copyright
       notice and this notice are preserved.

SEE ALSO
       The  full  documentation	 for gnutls is maintained as a Texinfo manual.
       If the /usr/share/doc/gnutls/ directory does not contain the HTML  form
       visit

       http://www.gnutls.org/manual/

gnutls				    3.3.17  gnutls_certificate_verify_peers(3)

Vote for polarhome