gnutls_x509_name_constraints_check_crt (3) - Linux Manuals

gnutls_x509_name_constraints_check_crt: API function

NAME

gnutls_x509_name_constraints_check_crt - API function

SYNOPSIS

#include <gnutls/x509.h>

unsigned gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t nc, gnutls_x509_subject_alt_name_t type, gnutls_x509_crt_t cert);

ARGUMENTS

gnutls_x509_name_constraints_t nc
the extracted name constraints structure
gnutls_x509_subject_alt_name_t type
the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)
gnutls_x509_crt_t cert
the certificate to be checked

DESCRIPTION

This function will check the provided certificate names against the constraints in
 nc using the RFC5280 rules. It will traverse all the certificate's names and alternative names.

Currently this function is limited to DNS names and emails (of type GNUTLS_SAN_DNSNAME and GNUTLS_SAN_RFC822NAME).

RETURNS

zero if the provided name is not acceptable, and non-zero otherwise.

SINCE

3.3.0

REPORTING BUGS

Report bugs to <bugs [at] gnutls.org>.
Home page: http://www.gnutls.org

COPYRIGHT

Copyright © 2001-2014 Free Software Foundation, Inc..
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
http://www.gnutls.org/manual/