dwww: tpablo.net

dwww Home | Manual pages | Find package
gnutls_x509_crt_check_hostname2(3)  gnutls  gnutls_x509_crt_check_hostname2(3)

NAME
       gnutls_x509_crt_check_hostname2 - API function

SYNOPSIS
       #include <gnutls/x509.h>

       unsigned  gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert, const
       char * hostname, unsigned int flags);

ARGUMENTS
       gnutls_x509_crt_t cert
                   should contain an gnutls_x509_crt_t type

       const char * hostname
                   A null terminated string that contains a DNS name

       unsigned int flags
                   gnutls_certificate_verify_flags

DESCRIPTION
       This function will check if the given certificate's subject matches the
       given  hostname.   This  is  a basic implementation of the matching de-
       scribed  in  RFC6125,  and  takes  into  account  wildcards,  and   the
       DNSName/IPAddress subject alternative name PKIX extension.

       IPv4 addresses are accepted by this function in the dotted-decimal for-
       mat (e.g, ddd.ddd.ddd.ddd),  and  IPv6  addresses  in  the  hexadecimal
       x:x:x:x:x:x:x:x format. For them the IPAddress subject alternative name
       extension is consulted. Previous versions to 3.6.0 of GnuTLS in case of
       a non-match would consult (in a non-standard extension) the DNSname and
       CN fields. This is no longer the case.

       When the  flag  GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS  is  specified  no
       wildcards are considered. Otherwise they are only considered if the do-
       main name consists of three components or more, and the wildcard starts
       at  the  leftmost  position.   When  the  flag GNUTLS_VERIFY_DO_NOT_AL-
       LOW_IP_MATCHES is specified, the input will be treated as a  DNS  name,
       and  matching of textual IP addresses against the IPAddress part of the
       alternative name will not be allowed.

       The function gnutls_x509_crt_check_ip() is available  for  matching  IP
       addresses.

RETURNS
       non-zero for a successful match, and zero on failure.

SINCE
       3.3.0

REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

COPYRIGHT
       Copyright © 2001- Free Software Foundation, Inc., and others.
       Copying  and  distribution  of this file, with or without modification,
       are permitted in any medium without royalty provided the copyright  no-
       tice and this notice are preserved.

SEE ALSO
       The  full  documentation  for gnutls is maintained as a Texinfo manual.
       If the /usr/share/doc/gnutls/ directory does not contain the HTML  form
       visit

       https://www.gnutls.org/manual/

gnutls                               3.7.3  gnutls_x509_crt_check_hostname2(3)
Generated by dwww version 1.14 on Mon Feb 3 08:28:36 CET 2025.