summaryrefslogtreecommitdiffstats
path: root/doc/functions/gnutls_session_set_verify_cert
blob: ea3889617acfaefffc1577947ddfc2f3d20a1382 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
@deftypefun {void} {gnutls_session_set_verify_cert} (gnutls_session_t @var{session}, const char * @var{hostname}, unsigned @var{flags})
@var{session}: is a gnutls session

@var{hostname}: is the expected name of the peer; may be @code{NULL} 

@var{flags}: flags for certificate verification -- @code{gnutls_certificate_verify_flags} 

This function instructs GnuTLS to verify the peer's certificate
using the provided hostname. If the verification fails the handshake
will also fail with @code{GNUTLS_E_CERTIFICATE_VERIFICATION_ERROR} . In that
case the verification result can be obtained using @code{gnutls_session_get_verify_cert_status()} .

The  @code{hostname} pointer provided must remain valid for the lifetime
of the session. More precisely it should be available during any subsequent
handshakes. If no hostname is provided, no hostname verification
will be performed. For a more advanced verification function check
@code{gnutls_session_set_verify_cert2()} .

If  @code{flags} is provided which contain a profile, this function should be
called after any session priority setting functions.

The @code{gnutls_session_set_verify_cert()}  function is intended to be used by TLS
clients to verify the server's certificate.

@strong{Since:} 3.4.6
@end deftypefun