void gnutls_x509_trust_list_set_getissuer_function(gnutls_x509_trust_list_t tlist, gnutls_x509_trust_list_getissuer_function * func);
- gnutls_x509_trust_list_t tlist
is a gnutls_x509_trust_list_t type.
- gnutls_x509_trust_list_getissuer_function * func
is the callback function
This function sets a callback to be called when the peer's certificate chain is incomplete due a missing intermediate certificate. The callback may provide the missing certificate for use during verification.
The callback's function prototype is defined in gnutls/x509.h as:
int (*callback)(gnutls_x509_trust_list_t list, const gnutls_x509_crt_t cert, gnutls_x509_crt_t **issuers, unsigned int *issuers_size);
If the callback function is provided then gnutls will call it during the certificate verification procedure. The callback may wish to use gnutls_x509_crt_get_authority_info_access() to get a URI from which to attempt to download the missing issuer certificate, if available.
On a successful call, the callback shall allocate the 'issuers' array with gnutls_x509_crt_list_import2(). The ownership of both the array and the elements is transferred to the caller and thus the application does not need to maintain the memory after the call.
The callback function should return 0 if the missing issuer certificate for 'crt' was properly populated and added to the 'issuers', or non-zero to continue the certificate list verification but with issuer as NULL.
Report bugs to <firstname.lastname@example.org>.
Home page: https://www.gnutls.org
Copyright © 2001- Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit