dane_verify_session_crt(3)         gnutls         dane_verify_session_crt(3)

NAME         top

       dane_verify_session_crt - API function

SYNOPSIS         top

       #include <gnutls/dane.h>

       int dane_verify_session_crt(dane_state_t s, gnutls_session_t session,
       const char * hostname, const char * proto, unsigned int port,
       unsigned int sflags, unsigned int vflags, unsigned int * verify);

ARGUMENTS         top

       dane_state_t s
                   A DANE state structure (may be NULL)

       gnutls_session_t session
                   A gnutls session

       const char * hostname
                   The hostname associated with the chain

       const char * proto
                   The protocol of the service connecting (e.g. tcp)

       unsigned int port
                   The port of the service connecting (e.g. 443)

       unsigned int sflags
                   Flags for the initialization of  s (if NULL)

       unsigned int vflags
                   Verification flags; an OR'ed list of dane_verify_flags_t.

       unsigned int * verify
                   An OR'ed list of dane_verify_status_t.

DESCRIPTION         top

       This function will verify session's certificate chain against the CA
       constrains and/or the certificate available via DANE.  See
       dane_verify_crt() for more information.

       This will not verify the chain for validity; unless the DANE
       verification is restricted to end certificates, this must be be
       performed separately using gnutls_certificate_verify_peers3().

RETURNS         top

       a negative error code on error and DANE_E_SUCCESS (0) when the DANE
       entries were successfully parsed, irrespective of whether they were
       verified (see  verify for that information). If no usable entries
       were encountered DANE_E_REQUESTED_DATA_NOT_AVAILABLE will be

REPORTING BUGS         top

       Report bugs to <>.
       Home page:

COPYRIGHT         top

       Copyright © 2001-2018 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without modification,
       are permitted in any medium without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo manual.
       If the /usr/share/doc/gnutls/ directory does not contain the HTML
       form visit 

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at 
       ⟨⟩.  If you have a bug report for this manual
       page, send it to  This page was obtained from the
       tarball gnutls-3.6.2.tar.xz fetched from
       ⟨⟩ on 2018-04-30.  If you discover
       any rendering problems in this HTML version of the page, or you
       believe there is a better or more up-to-date source for the page, or
       you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail

gnutls                              3.6.2         dane_verify_session_crt(3)