@deftypefun {int} {dane_verify_session_crt} (dane_state_t @var{s}, gnutls_session_t @var{session}, const char * @var{hostname}, const char * @var{proto}, unsigned int @var{port}, unsigned int @var{sflags}, unsigned int @var{vflags}, unsigned int * @var{verify})

@var{s}: A DANE state structure (may be NULL)

@var{session}: A gnutls session

@var{hostname}: The hostname associated with the chain

@var{proto}: The protocol of the service connecting (e.g. tcp)

@var{port}: The port of the service connecting (e.g. 443)

@var{sflags}: Flags for the initialization of  @code{s} (if NULL)

@var{vflags}: Verification flags; an OR'ed list of @code{dane_verify_flags_t} .

@var{verify}: An OR'ed list of @code{dane_verify_status_t} .

This function will verify session's certificate chain against the

CA constrains and/or the certificate available via DANE.

See @code{dane_verify_crt()}  for more information.

This will not verify the chain for validity; unless the DANE

verification is restricted to end certificates, this must be

be performed separately using @code{gnutls_certificate_verify_peers3()} .

@strong{Returns:} a negative error code on error and @code{DANE_E_SUCCESS}  (0)

when the DANE entries were successfully parsed, irrespective of

whether they were verified (see  @code{verify} for that information). If

no usable entries were encountered @code{DANE_E_REQUESTED_DATA_NOT_AVAILABLE} 

will be returned.

@end deftypefun