|
Packit Service |
4684c1 |
.\" DO NOT MODIFY THIS FILE! It was generated by gdoc.
|
|
Packit Service |
4684c1 |
.TH "gnutls_certificate_set_retrieve_function3" 3 "3.6.14" "gnutls" "gnutls"
|
|
Packit Service |
4684c1 |
.SH NAME
|
|
Packit Service |
4684c1 |
gnutls_certificate_set_retrieve_function3 \- API function
|
|
Packit Service |
4684c1 |
.SH SYNOPSIS
|
|
Packit Service |
4684c1 |
.B #include <gnutls/abstract.h>
|
|
Packit Service |
4684c1 |
.sp
|
|
Packit Service |
4684c1 |
.BI "void gnutls_certificate_set_retrieve_function3(gnutls_certificate_credentials_t " cred ", gnutls_certificate_retrieve_function3 * " func ");"
|
|
Packit Service |
4684c1 |
.SH ARGUMENTS
|
|
Packit Service |
4684c1 |
.IP "gnutls_certificate_credentials_t cred" 12
|
|
Packit Service |
4684c1 |
is a \fBgnutls_certificate_credentials_t\fP type.
|
|
Packit Service |
4684c1 |
.IP "gnutls_certificate_retrieve_function3 * func" 12
|
|
Packit Service |
4684c1 |
is the callback function
|
|
Packit Service |
4684c1 |
.SH "DESCRIPTION"
|
|
Packit Service |
4684c1 |
This function sets a callback to be called in order to retrieve the
|
|
Packit Service |
4684c1 |
certificate and OCSP responses to be used in the handshake. \fIfunc\fP will
|
|
Packit Service |
4684c1 |
be called only if the peer requests a certificate either during handshake
|
|
Packit Service |
4684c1 |
or during post\-handshake authentication.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The callback's function prototype is defined in `abstract.h':
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
int gnutls_certificate_retrieve_function3(
|
|
Packit Service |
4684c1 |
gnutls_session_t,
|
|
Packit Service |
4684c1 |
const struct gnutls_cert_retr_st *info,
|
|
Packit Service |
4684c1 |
gnutls_pcert_st **certs,
|
|
Packit Service |
4684c1 |
unsigned int *pcert_length,
|
|
Packit Service |
4684c1 |
gnutls_ocsp_data_st **ocsp,
|
|
Packit Service |
4684c1 |
unsigned int *ocsp_length,
|
|
Packit Service |
4684c1 |
gnutls_privkey_t *privkey,
|
|
Packit Service |
4684c1 |
unsigned int *flags);
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The info field of the callback contains:
|
|
Packit Service |
4684c1 |
\fIreq_ca_dn\fP which is a list with the CA names that the server considers trusted.
|
|
Packit Service |
4684c1 |
This is a hint and typically the client should send a certificate that is signed
|
|
Packit Service |
4684c1 |
by one of these CAs. These names, when available, are DER encoded. To get a more
|
|
Packit Service |
4684c1 |
meaningful value use the function \fBgnutls_x509_rdn_get()\fP.
|
|
Packit Service |
4684c1 |
\fIpk_algos\fP contains a list with server's acceptable public key algorithms.
|
|
Packit Service |
4684c1 |
The certificate returned should support the server's given algorithms.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The callback should fill\-in the following values.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
\fIpcert\fP should contain an allocated list of certificates and public keys.
|
|
Packit Service |
4684c1 |
\fIpcert_length\fP is the size of the previous list.
|
|
Packit Service |
4684c1 |
\fIocsp\fP should contain an allocated list of OCSP responses.
|
|
Packit Service |
4684c1 |
\fIocsp_length\fP is the size of the previous list.
|
|
Packit Service |
4684c1 |
\fIpkey\fP is the private key.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If flags in the callback are set to \fBGNUTLS_CERT_RETR_DEINIT_ALL\fP then
|
|
Packit Service |
4684c1 |
all provided values must be allocated using \fBgnutls_malloc()\fP, and will
|
|
Packit Service |
4684c1 |
be released by gnutls; otherwise they will not be touched by gnutls.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
The callback function should set the certificate and OCSP response
|
|
Packit Service |
4684c1 |
list to be sent, and return 0 on success. If no certificates are available,
|
|
Packit Service |
4684c1 |
the \fIpcert_length\fP and \fIocsp_length\fP should be set to zero. The return
|
|
Packit Service |
4684c1 |
value (\-1) indicates error and the handshake will be terminated. If both
|
|
Packit Service |
4684c1 |
certificates are set in the credentials and a callback is available, the
|
|
Packit Service |
4684c1 |
callback takes predence.
|
|
Packit Service |
4684c1 |
.SH "SINCE"
|
|
Packit Service |
4684c1 |
3.6.3
|
|
Packit Service |
4684c1 |
.SH "REPORTING BUGS"
|
|
Packit Service |
4684c1 |
Report bugs to <bugs@gnutls.org>.
|
|
Packit Service |
4684c1 |
.br
|
|
Packit Service |
4684c1 |
Home page: https://www.gnutls.org
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
.SH COPYRIGHT
|
|
Packit Service |
4684c1 |
Copyright \(co 2001- Free Software Foundation, Inc., and others.
|
|
Packit Service |
4684c1 |
.br
|
|
Packit Service |
4684c1 |
Copying and distribution of this file, with or without modification,
|
|
Packit Service |
4684c1 |
are permitted in any medium without royalty provided the copyright
|
|
Packit Service |
4684c1 |
notice and this notice are preserved.
|
|
Packit Service |
4684c1 |
.SH "SEE ALSO"
|
|
Packit Service |
4684c1 |
The full documentation for
|
|
Packit Service |
4684c1 |
.B gnutls
|
|
Packit Service |
4684c1 |
is maintained as a Texinfo manual.
|
|
Packit Service |
4684c1 |
If the /usr/share/doc/gnutls/
|
|
Packit Service |
4684c1 |
directory does not contain the HTML form visit
|
|
Packit Service |
4684c1 |
.B
|
|
Packit Service |
4684c1 |
.IP https://www.gnutls.org/manual/
|
|
Packit Service |
4684c1 |
.PP
|