SYNOPSIS
#include <gnutls/x509.h>unsigned gnutls_x509_name_constraints_check_crt(gnutls_x509_name_constraints_t nc, gnutls_x509_subject_alt_name_t type, gnutls_x509_crt_t cert);
ARGUMENTS
- gnutls_x509_name_constraints_t nc
- the extracted name constraints
- gnutls_x509_subject_alt_name_t type
- the type of the constraint to check (of type gnutls_x509_subject_alt_name_t)
- gnutls_x509_crt_t cert
- the certificate to be checked
DESCRIPTION
This function will check the provided certificate names against the constraints innc using the RFC5280 rules. It will traverse all the certificate's names and alternative names.
Currently this function is limited to DNS names and emails (of type GNUTLS_SAN_DNSNAME and GNUTLS_SAN_RFC822NAME).
RETURNS
zero if the provided name is not acceptable, and non-zero otherwise.SINCE
3.3.0COPYRIGHT
Copyright © 2001-2016 Free Software Foundation, Inc., and others.Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.