1gnutls_x509_crt_check_hostname2(3)  gnutls  gnutls_x509_crt_check_hostname2(3)
2
3
4

NAME

6       gnutls_x509_crt_check_hostname2 - API function
7

SYNOPSIS

9       #include <gnutls/x509.h>
10
11       unsigned  gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert, const
12       char * hostname, unsigned int flags);
13

ARGUMENTS

15       gnutls_x509_crt_t cert
16                   should contain an gnutls_x509_crt_t type
17
18       const char * hostname
19                   A null terminated string that contains a DNS name
20
21       unsigned int flags
22                   gnutls_certificate_verify_flags
23

DESCRIPTION

25       This function will check if the given certificate's subject matches the
26       given  hostname.   This  is  a  basic  implementation  of  the matching
27       described in  RFC6125,  and  takes  into  account  wildcards,  and  the
28       DNSName/IPAddress subject alternative name PKIX extension.
29
30       IPv4 addresses are accepted by this function in the dotted-decimal for‐
31       mat (e.g, ddd.ddd.ddd.ddd),  and  IPv6  addresses  in  the  hexadecimal
32       x:x:x:x:x:x:x:x format. For them the IPAddress subject alternative name
33       extension is consulted. Previous versions to 3.6.0 of GnuTLS in case of
34       a non-match would consult (in a non-standard extension) the DNSname and
35       CN fields. This is no longer the case.
36
37       When the  flag  GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS  is  specified  no
38       wildcards  are  considered.  Otherwise  they are only considered if the
39       domain name consists of three components  or  more,  and  the  wildcard
40       starts   at   the   leftmost   position.   When  the  flag  GNUTLS_VER‐
41       IFY_DO_NOT_ALLOW_IP_MATCHES is specified, the input will be treated  as
42       a  DNS name, and matching of textual IP addresses against the IPAddress
43       part of the alternative name will not be allowed.
44
45       The function gnutls_x509_crt_check_ip() is available  for  matching  IP
46       addresses.
47

RETURNS

49       non-zero for a successful match, and zero on failure.
50

SINCE

52       3.3.0
53

REPORTING BUGS

55       Report bugs to <bugs@gnutls.org>.
56       Home page: https://www.gnutls.org
57
58
60       Copyright © 2001-2019 Free Software Foundation, Inc., and others.
61       Copying  and  distribution  of this file, with or without modification,
62       are permitted in any medium  without  royalty  provided  the  copyright
63       notice and this notice are preserved.
64

SEE ALSO

66       The  full  documentation  for gnutls is maintained as a Texinfo manual.
67       If the /usr/share/doc/gnutls/ directory does not contain the HTML  form
68       visit
69
70       https://www.gnutls.org/manual/
71
72gnutls                              3.6.11  gnutls_x509_crt_check_hostname2(3)
Impressum