On Sun, Apr 23, 2017 at 8:51 PM, Wouter Verhelst <[email protected]> wrote: > Hi, > > gnutls_certificate_verify_peers2 is documented to have two parameters; a > gnutls_session_t and an unsigned int *status. The info page has these > two things to say about that status parameter: > > STATUS: is the output of the verification > > and > > *Returns:* 'GNUTLS_E_SUCCESS' (0) when the validation is performed, > or a negative error code otherwise. A sucessful error code means > that the 'status' parameter must be checked to obtain the > validation status. > > Unfortunately, it does not explain *how* one must check the "status" > parameter. I originally believed that the contents of the "status" > parameter should be 0, but now suddenly my test suite starts to fail > because status has changed to something else, and I can't figure out > what it means.
In my system with gnutls 3.5.11 the manpage mentions: "This function will verify the peer's certificate and store the status in the status variable as a bitwise or'd gnutls_certificate_status_t values or zero if the certificate is trusted." Does this answer your question? regards, Nikos _______________________________________________ Gnutls-help mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-help
