gnutls_x509_crt_get_name_constraints — API function
#include <gnutls/x509.h>
int
gnutls_x509_crt_get_name_constraints( |
gnutls_x509_crt_t crt, |
| gnutls_x509_name_constraints_t nc, | |
| unsigned int flags, | |
unsigned int * critical); |
should contain a gnutls_x509_crt_t structure
The nameconstraints intermediate structure
zero or GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND
the extension status
This function will return an intermediate structure
containing the name constraints of the provided CA
certificate. That structure can be used in combination with
gnutls_x509_name_constraints_check() to
verify whether a server's name is in accordance with the
constraints.
When the flags is
set to GNUTLS_NAME_CONSTRAINTS_FLAG_APPEND, then
if the nc structure
is empty this function will behave identically as if the flag
was not set. Otherwise if there are elements in the
nc structure then
only the excluded constraints will be appended to the
constraints.
Note that nc must
be initialized prior to calling this function.
On success, GNUTLS_E_SUCCESS (0) is returned, GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE if the extension is not present, otherwise a negative error value.
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
| COPYRIGHT |
|---|
|
Copyright © 2001-2014 Free Software Foundation, Inc.. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved. |