1gnutls_x509_crt_check_hostname2(3)  gnutls  gnutls_x509_crt_check_hostname2(3)
2
3
4

NAME

6       gnutls_x509_crt_check_hostname2 - API function
7

SYNOPSIS

9       #include <gnutls/x509.h>
10
11       unsigned  gnutls_x509_crt_check_hostname2(gnutls_x509_crt_t cert, const
12       char * hostname, unsigned int flags);
13

ARGUMENTS

15       gnutls_x509_crt_t cert
16                   should contain an gnutls_x509_crt_t type
17
18       const char * hostname
19                   A null terminated string that contains a DNS name
20
21       unsigned int flags
22                   gnutls_certificate_verify_flags
23

DESCRIPTION

25       This function will check if the given certificate's subject matches the
26       given  hostname.   This  is  a basic implementation of the matching de‐
27       scribed  in  RFC6125,  and  takes  into  account  wildcards,  and   the
28       DNSName/IPAddress subject alternative name PKIX extension.
29
30       IPv4 addresses are accepted by this function in the dotted-decimal for‐
31       mat (e.g, ddd.ddd.ddd.ddd),  and  IPv6  addresses  in  the  hexadecimal
32       x:x:x:x:x:x:x:x format. For them the IPAddress subject alternative name
33       extension is consulted. Previous versions to 3.6.0 of GnuTLS in case of
34       a non-match would consult (in a non-standard extension) the DNSname and
35       CN fields. This is no longer the case.
36
37       When the  flag  GNUTLS_VERIFY_DO_NOT_ALLOW_WILDCARDS  is  specified  no
38       wildcards are considered. Otherwise they are only considered if the do‐
39       main name consists of three components or more, and the wildcard starts
40       at  the  leftmost  position.   When  the  flag GNUTLS_VERIFY_DO_NOT_AL‐
41       LOW_IP_MATCHES is specified, the input will be treated as a  DNS  name,
42       and  matching of textual IP addresses against the IPAddress part of the
43       alternative name will not be allowed.
44
45       The function gnutls_x509_crt_check_ip() is available  for  matching  IP
46       addresses.
47

RETURNS

49       non-zero for a successful match, and zero on failure.
50

SINCE

52       3.3.0
53

REPORTING BUGS

55       Report bugs to <bugs@gnutls.org>.
56       Home page: https://www.gnutls.org
57
58

60       Copyright © 2001- Free Software Foundation, Inc., and others.
61       Copying  and  distribution  of this file, with or without modification,
62       are permitted in any medium without royalty provided the copyright  no‐
63       tice and this notice are preserved.
64

SEE ALSO

66       The  full  documentation  for gnutls is maintained as a Texinfo manual.
67       If the /usr/share/doc/gnutls/ directory does not contain the HTML  form
68       visit
69
70       https://www.gnutls.org/manual/
71
72gnutls                               3.7.8  gnutls_x509_crt_check_hostname2(3)
Impressum