gnutls_certificate_client_set_retrieve_function — Used to set a callback to retrieve the certificate
#include <gnutls/gnutls.h>
void
gnutls_certificate_client_set_retrieve_function( |
gnutls_certificate_credentials_t | cred, |
| gnutls_certificate_client_retrieve_function * | func); |
is a gnutls_certificate_credentials_t structure.
is the callback function
This function sets a callback to be called in order to retrieve the certificate to be used in the handshake. The callback's function prototype is: int (*callback)(gnutls_session_t, const gnutls_datum_t* req_ca_dn, int nreqs, const gnutls_pk_algorithm_t* pk_algos, int pk_algos_length, gnutls_retr_st* st);
req_ca_cert is
only used in X.509 certificates. Contains a list with the CA
names that the server considers trusted. Normally we should
send a certificate that is signed by one of these CAs. These
names are DER encoded. To get a more meaningful value use the
function gnutls_x509_rdn_get().
pk_algos contains
a list with server's acceptable signature algorithms. The
certificate returned should support the server's given
algorithms.
st should contain
the certificates and private keys.
If the callback function is provided then gnutls will call it, in the handshake, after the certificate request message has been received.
The callback function should set the certificate list to be sent, and return 0 on success. If no certificate was selected then the number of certificates should be set to zero. The value (−1) indicates error and the handshake will be terminated.
The full documentation for gnutls is maintained as a Texinfo manual. If the info and gnutls programs are properly installed at your site, the command
info gnutls
should give you access to the complete manual.
| COPYRIGHT |
|---|
|
Copyright © 2008 Free Software Foundation. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. |