Dariqq created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1744
Hello ## Description of problem: I was looking into using ` gnutls_verify_stored_pubkey` and `gnutls_store_pubkey` for tofu verification. The documentation I could find for the `service` parameter is a bit confusing whether it should be the service name or the port number - The client example at https://www.gnutls.org/manual/html_node/Client-example-with-SSH_002dstyle-certificate-verification.html uses "https" - The function reference in the manual at https://www.gnutls.org/manual/html_node/Certificate-verification.html says ``` > service: non-NULL if this key is specific to a service (e.g. http) [...] > The service field if non-NULL should be a port number ``` The first part suggests that it should be the service name while the second one advises one to use the port number. Running `gnutls-cli --tofu gnutls.org` and saving the cert it got saved as "https" and not "443". >From what I can see the default `verify_pubkey` and `parse_line` functions >just use `strcmp` (special casing `"*"`) so it should not matter as long as I >am consistent with always using either the port or service name. Thanks. ## Version of gnutls used: online manual is version 3.8.10 gnutls-cli version 3.8.10 -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1744 You're receiving this email because of your account on gitlab.com.
_______________________________________________ Gnutls-devel mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-devel
