Blame doc/functions/gnutls_ocsp_status_request_is_checked
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {unsigned} {gnutls_ocsp_status_request_is_checked} (gnutls_session_t @var{session}, unsigned int @var{flags})
|
|
Packit Service |
4684c1 |
@var{session}: is a gnutls session
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{flags}: should be zero or @code{GNUTLS_OCSP_SR_IS_AVAIL}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
When flags are zero this function returns non-zero if a valid OCSP status
|
|
Packit Service |
4684c1 |
response was included in the TLS handshake. That is, an OCSP status response
|
|
Packit Service |
4684c1 |
which is not too old, superseded or marks the certificate as revoked.
|
|
Packit Service |
4684c1 |
It returns zero otherwise.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
When the flag @code{GNUTLS_OCSP_SR_IS_AVAIL} is specified, the function
|
|
Packit Service |
4684c1 |
returns non-zero if an OCSP status response was included in the handshake
|
|
Packit Service |
4684c1 |
even if it was invalid. Otherwise, if no OCSP status response was included,
|
|
Packit Service |
4684c1 |
it returns zero. The @code{GNUTLS_OCSP_SR_IS_AVAIL} flag was introduced in GnuTLS 3.4.0.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This is a helper function when needing to decide whether to perform an
|
|
Packit Service |
4684c1 |
explicit OCSP validity check on the peer's certificate. Should be called after
|
|
Packit Service |
4684c1 |
any of gnutls_certificate_verify_peers*() are called.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function is always usable on client side, but on server side only
|
|
Packit Service |
4684c1 |
under TLS 1.3, which is the first version of TLS that allows cliend-side OCSP
|
|
Packit Service |
4684c1 |
responses.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} Non-zero if the response was valid, or a zero if it wasn't sent,
|
|
Packit Service |
4684c1 |
or sent and was invalid.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Since:} 3.1.4
|
|
Packit Service |
4684c1 |
@end deftypefun
|