Section: gnutls (3)
dane_verify_session_crt - API function
int dane_verify_session_crt(dane_state_t s, gnutls_session_t session, const char * hostname, const char * proto, unsigned int port, unsigned int sflags, unsigned int vflags, unsigned int * verify);
- dane_state_t s
A DANE state structure (may be NULL)
- gnutls_session_t session
A gnutls session
- const char * hostname
The hostname associated with the chain
- const char * proto
The protocol of the service connecting (e.g. tcp)
- unsigned int port
The port of the service connecting (e.g. 443)
- unsigned int sflags
Flags for the initialization of s (if NULL)
- unsigned int vflags
Verification flags; an OR'ed list of dane_verify_flags_t.
- unsigned int * verify
An OR'ed list of dane_verify_status_t.
This function will verify session's certificate chain against the
CA constrains and/or the certificate available via DANE.
for more information.
This will not verify the chain for validity; unless the DANE
verification is restricted to end certificates, this must be
be performed separately using gnutls_certificate_verify_peers3().
a negative error code on error and DANE_E_SUCCESS
when the DANE entries were successfully parsed, irrespective of
whether they were verified (see verify
for that information). If
no usable entries were encountered DANE_E_REQUESTED_DATA_NOT_AVAILABLE
will be returned.
Report bugs to <firstname.lastname@example.org
Home page: https://www.gnutls.org
Copyright © 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
The full documentation for
is maintained as a Texinfo manual.
If the /usr/share/doc/gnutls/
directory does not contain the HTML form visit