|
NAME | SYNOPSIS | ARGUMENTS | DESCRIPTION | SINCE | REPORTING BUGS | COPYRIGHT | SEE ALSO | COLOPHON |
gnutls_certificate_set_retrieve_function2(3)ficate_set_retrieve_function2(3)
gnutls_certificate_set_retrieve_function2 - API function
#include <gnutls/abstract.h>
void
gnutls_certificate_set_retrieve_function2(gnutls_certificate_credentials_t
cred, gnutls_certificate_retrieve_function2 * func);
gnutls_certificate_credentials_t cred
is a gnutls_certificate_credentials_t type.
gnutls_certificate_retrieve_function2 * func
is the callback function
This function sets a callback to be called in order to retrieve the
certificate to be used in the handshake. The callback will take
control only if a certificate is requested by the peer.
The callback's function prototype is: int
(*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int
nreqs, const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length,
gnutls_pcert_st** pcert, unsigned int *pcert_length, gnutls_privkey_t
* pkey);
req_ca_dn is only used in X.509 certificates. Contains a list with
the CA names that the server considers trusted. This is a hint and
typically the client should send a certificate that is signed by one
of these CAs. These names, when available, are DER encoded. To get a
more meaningful value use the function gnutls_x509_rdn_get().
pk_algos contains a list with server's acceptable signature
algorithms. The certificate returned should support the server's
given algorithms.
pcert should contain a single certificate and public key or a list
of them.
pcert_length is the size of the previous list.
pkey is the private key.
If the callback function is provided then gnutls will call it, in the
handshake, after the certificate request message has been received.
All the provided by the callback values will not be released or
modified by gnutls.
In server side pk_algos and req_ca_dn are NULL.
The callback function should set the certificate list to be sent, and
return 0 on success. If no certificate was selected then the number
of certificates should be set to zero. The value (-1) indicates error
and the handshake will be terminated. If both certificates are set in
the credentials and a callback is available, the callback takes
predence.
3.0
Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org
Copyright © 2001-2017 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
The full documentation for gnutls is maintained as a Texinfo manual.
If the /usr/share/doc/gnutls/ directory does not contain the HTML
form visit
http://www.gnutls.org/manual/
This page is part of the GnuTLS (GnuTLS Transport Layer Security
Library) project. Information about the project can be found at
⟨http://www.gnutls.org/⟩. If you have a bug report for this manual
page, send it to bugs@gnutls.org.. This page was obtained from the
tarball gnutls-3.5.9.tar.xz fetched from
⟨http://www.gnutls.org/download.html⟩ on 2017-07-05. If you discover
any rendering problems in this HTML version of the page, or you
believe there is a better or more up-to-date source for the page, or
you have corrections or improvements to the information in this
COLOPHON (which is not part of the original manual page), send a mail
to man-pages@man7.org
gnutls gnut3l.s5_.c9ertificate_set_retrieve_function2(3)