Provided by: gnutls-doc_3.0.11+really2.12.14-5ubuntu3_all bug


       gnutls_certificate_verify_peers2 - API function


       #include <gnutls/gnutls.h>

       int gnutls_certificate_verify_peers2(gnutls_session_t session, unsigned int * status);


       gnutls_session_t session
                   is a gnutls session

       unsigned int * status
                   is the output of the verification


       This  function  will  try to verify the peer's certificate and return its status (trusted,
       invalid   etc.).    The   value   of   status   should   be   one   or   more    of    the
       gnutls_certificate_status_t  enumerated  elements bitwise or'd. To avoid denial of service
       attacks some default upper limits regarding the certificate key size and  chain  size  are
       set. To override them use gnutls_certificate_set_verify_limits().

       Note  that  you  must  also  check  the  peer's  name  in  order  to check if the verified
       certificate belongs to the actual peer.

       This function uses gnutls_x509_crt_list_verify()  with  the  CAs  in  the  credentials  as
       trusted CAs.


       a negative error code on error and zero on success.


       Report       bugs       to       <>.        GnuTLS       home      page:     General     help     using      GNU      software:


       Copyright © 2008 Free Software Foundation.
       Copying  and distribution of this file, with or without modification, are permitted in any
       medium without royalty provided the copyright notice and this notice are preserved.


       The full documentation for gnutls is maintained as a Texinfo  manual.   If  the  info  and
       gnutls programs are properly installed at your site, the command

              info gnutls

       should give you access to the complete manual.