Tizen 2.0 Release

[external/libgnutls26.git] / doc / manpages / gnutls_certificate_verify_peers2.3

.\" DO NOT MODIFY THIS FILE!  It was generated by gdoc.
.TH "gnutls_certificate_verify_peers2" 3 "2.12.6.1" "gnutls" "gnutls"
.SH NAME
gnutls_certificate_verify_peers2 \- API function
.SH SYNOPSIS
.B #include <gnutls/gnutls.h>
.sp
.BI "int gnutls_certificate_verify_peers2(gnutls_session_t " session ", unsigned int * " status ");"
.SH ARGUMENTS
.IP "gnutls_session_t session" 12
is a gnutls session
.IP "unsigned int * status" 12
is the output of the verification
.SH "DESCRIPTION"
This function will try to verify the peer's certificate and return
its status (trusted, invalid etc.).  The value of \fIstatus\fP should
be one or more of the gnutls_certificate_status_t enumerated
elements bitwise or'd. To avoid denial of service attacks some
default upper limits regarding the certificate key size and chain
size are set. To override them use
\fBgnutls_certificate_set_verify_limits()\fP.

Note that you must also check the peer's name in order to check if
the verified certificate belongs to the actual peer.

This function uses \fBgnutls_x509_crt_list_verify()\fP with the CAs in
the credentials as trusted CAs.
.SH "RETURNS"
a negative error code on error and zero on success.
.SH "REPORTING BUGS"
Report bugs to <bug-gnutls@gnu.org>.
GnuTLS home page: http://www.gnu.org/software/gnutls/
General help using GNU software: http://www.gnu.org/gethelp/
.SH COPYRIGHT
Copyright \(co 2008 Free Software Foundation.
.br
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
.SH "SEE ALSO"
The full documentation for
.B gnutls
is maintained as a Texinfo manual.  If the
.B info
and
.B gnutls
programs are properly installed at your site, the command
.IP
.B info gnutls
.PP
should give you access to the complete manual.