Provided by: gnutls-doc_3.8.9-2ubuntu3_all bug

NAME
       gnutls_certificate_verify_peers2 - API function


SYNOPSIS
       #include <gnutls/gnutls.h>

       int gnutls_certificate_verify_peers2(gnutls_session_t session, unsigned int * status);


ARGUMENTS
       gnutls_session_t session
                   is a gnutls session

       unsigned int * status
                   is the output of the verification


DESCRIPTION
       This  function  will  verify  the  peer's  certificate  and store the status in the  status variable as a
       bitwise OR of gnutls_certificate_status_t values or zero if the certificate is trusted. Note  that  value
       in   status  is  set  only  when  the  return  value of this function is success (i.e, failure to trust a
       certificate does not imply a negative return  value).   The  default  verification  flags  used  by  this
       function can be overridden using gnutls_certificate_set_verify_flags().

       This  function  will  take  into  account  the  stapled OCSP responses sent by the server, as well as the
       following X.509 certificate extensions: Name Constraints, Key Usage, and Basic Constraints (pathlen).

       Note that you must also check the peer's name in order to check if the verified  certificate  belongs  to
       the actual peer, see gnutls_x509_crt_check_hostname(), or use gnutls_certificate_verify_peers3().

       To avoid denial of service attacks some default upper limits regarding the certificate key size and chain
       size are set. To override them use gnutls_certificate_set_verify_limits().

       Note  that  when  using  raw  public-keys  verification  will  not work because there is no corresponding
       certificate body belonging to the raw key that can be verified. In that case this  function  will  return
       GNUTLS_E_INVALID_REQUEST.


RETURNS
       GNUTLS_E_SUCCESS  (0) when the validation is performed, or a negative error code otherwise.  A successful
       error code means that the  status parameter must be checked to obtain the validation status.


REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org


COPYRIGHT
       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without modification, are permitted in any medium  without
       royalty provided the copyright notice and this notice are preserved.


SEE ALSO
       The  full  documentation  for  gnutls  is  maintained as a Texinfo manual.  If the /usr/share/doc/gnutls/
       directory does not contain the HTML form visit

       https://www.gnutls.org/manual/

gnutls                                                3.8.9                  gnutls_certificate_verify_peers2(3)