|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {void} {gnutls_certificate_set_retrieve_function} (gnutls_certificate_credentials_t @var{cred}, gnutls_certificate_retrieve_function * @var{func})
|
|
Packit Service |
4684c1 |
@var{cred}: is a @code{gnutls_certificate_credentials_t} type.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{func}: is the callback function
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function sets a callback to be called in order to retrieve the
|
|
Packit Service |
4684c1 |
certificate to be used in the handshake. The callback will take control
|
|
Packit Service |
4684c1 |
only if a certificate is requested by the peer. You are advised
|
|
Packit Service |
4684c1 |
to use @code{gnutls_certificate_set_retrieve_function2()} because it
|
|
Packit Service |
4684c1 |
is much more efficient in the processing it requires from gnutls.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The callback's function prototype is:
|
|
Packit Service |
4684c1 |
int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs,
|
|
Packit Service |
4684c1 |
const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr2_st* st);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@code{req_ca_dn} is only used in X.509 certificates.
|
|
Packit Service |
4684c1 |
Contains a list with the CA names that the server considers trusted.
|
|
Packit Service |
4684c1 |
This is a hint and typically the client should send a certificate that is signed
|
|
Packit Service |
4684c1 |
by one of these CAs. These names, when available, are DER encoded. To get a more
|
|
Packit Service |
4684c1 |
meaningful value use the function @code{gnutls_x509_rdn_get()} .
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@code{pk_algos} contains a list with server's acceptable public key algorithms.
|
|
Packit Service |
4684c1 |
The certificate returned should support the server's given algorithms.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@code{st} should contain the certificates and private keys.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If the callback function is provided then gnutls will call it, in the
|
|
Packit Service |
4684c1 |
handshake, after the certificate request message has been received.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
In server side pk_algos and req_ca_dn are NULL.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The callback function should set the certificate list to be sent,
|
|
Packit Service |
4684c1 |
and return 0 on success. If no certificate was selected then the
|
|
Packit Service |
4684c1 |
number of certificates should be set to zero. The value (-1)
|
|
Packit Service |
4684c1 |
indicates error and the handshake will be terminated. If both certificates
|
|
Packit Service |
4684c1 |
are set in the credentials and a callback is available, the callback
|
|
Packit Service |
4684c1 |
takes predence.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Since:} 3.0
|
|
Packit Service |
4684c1 |
@end deftypefun
|