Blame doc/functions/gnutls_x509_name_constraints_check_crt
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {unsigned} {gnutls_x509_name_constraints_check_crt} (gnutls_x509_name_constraints_t @var{nc}, gnutls_x509_subject_alt_name_t @var{type}, gnutls_x509_crt_t @var{cert})
|
|
Packit Service |
4684c1 |
@var{nc}: the extracted name constraints
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{type}: the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{cert}: the certificate to be checked
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function will check the provided certificate names against the constraints in
|
|
Packit Service |
4684c1 |
@code{nc} using the RFC5280 rules. It will traverse all the certificate's names and
|
|
Packit Service |
4684c1 |
alternative names.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Currently this function is limited to DNS
|
|
Packit Service |
4684c1 |
names and emails (of type @code{GNUTLS_SAN_DNSNAME} and @code{GNUTLS_SAN_RFC822NAME} ).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} zero if the provided name is not acceptable, and non-zero otherwise.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Since:} 3.3.0
|
|
Packit Service |
4684c1 |
@end deftypefun
|