gnutls_certificate_client_set_retrieve_function — Used to set a callback to retrieve the certificate
#include <gnutls/gnutls.h>
void
gnutls_certificate_client_set_retrieve_function( |
gnutls_certificate_credentials_t | cred, |
gnutls_certificate_client_retrieve_function * | func) ; |
is a gnutls_certificate_credentials_t
structure.
is the callback function
This function sets a callback to be called in order to retrieve the certificate to be used in the handshake. The callback's function prototype is: int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs, gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr_st* st);
st
should
contain the certificates and private keys.
req_ca_cert
, is
only used in X.509 certificates. Contains a list with the CA
names that the server considers trusted. Normally we should
send a certificate that is signed by one of these CAs. These
names are DER encoded. To get a more meaningful value use the
function gnutls_x509_rdn_get()
.
pk_algos
,
contains a list with server's acceptable signature
algorithms. The certificate returned should support the
server's given algorithms.
If the callback function is provided then gnutls will call it, in the handshake, after the certificate request message has been received.
The callback function should set the certificate list to be sent, and return 0 on success. If no certificate was selected then the number of certificates should be set to zero. The value (−1) indicates error and the handshake will be terminated.
The full documentation for gnutls
is maintained as a
Texinfo manual. If the info
and gnutls
programs are properly
installed at your site, the command
info gnutls
should give you access to the complete manual.
COPYRIGHT |
---|
Copyright © 2006, 2007 Free Software Foundation. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. |