87 lines
3.5 KiB
HTML
Executable File
87 lines
3.5 KiB
HTML
Executable File
<?xml version="1.0" ?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<title>SSL_get_verify_result</title>
|
|
<meta http-equiv="content-type" content="text/html; charset=utf-8" />
|
|
<link rev="made" href="mailto:" />
|
|
</head>
|
|
|
|
<body>
|
|
|
|
|
|
|
|
<ul id="index">
|
|
<li><a href="#NAME">NAME</a></li>
|
|
<li><a href="#SYNOPSIS">SYNOPSIS</a></li>
|
|
<li><a href="#DESCRIPTION">DESCRIPTION</a></li>
|
|
<li><a href="#NOTES">NOTES</a></li>
|
|
<li><a href="#BUGS">BUGS</a></li>
|
|
<li><a href="#RETURN-VALUES">RETURN VALUES</a></li>
|
|
<li><a href="#SEE-ALSO">SEE ALSO</a></li>
|
|
<li><a href="#COPYRIGHT">COPYRIGHT</a></li>
|
|
</ul>
|
|
|
|
<h1 id="NAME">NAME</h1>
|
|
|
|
<p>SSL_get_verify_result - get result of peer certificate verification</p>
|
|
|
|
<h1 id="SYNOPSIS">SYNOPSIS</h1>
|
|
|
|
<pre><code> #include <openssl/ssl.h>
|
|
|
|
long SSL_get_verify_result(const SSL *ssl);</code></pre>
|
|
|
|
<h1 id="DESCRIPTION">DESCRIPTION</h1>
|
|
|
|
<p>SSL_get_verify_result() returns the result of the verification of the X509 certificate presented by the peer, if any.</p>
|
|
|
|
<h1 id="NOTES">NOTES</h1>
|
|
|
|
<p>SSL_get_verify_result() can only return one error code while the verification of a certificate can fail because of many reasons at the same time. Only the last verification error that occurred during the processing is available from SSL_get_verify_result().</p>
|
|
|
|
<p>Sometimes there can be a sequence of errors leading to the verification failure as reported by SSL_get_verify_result(). To get the errors, it is necessary to setup a verify callback via <a href="../man3/SSL_CTX_set_verify.html">SSL_CTX_set_verify(3)</a> or <a href="../man3/SSL_set_verify.html">SSL_set_verify(3)</a> and retrieve the errors from the error stack there, because once <a href="../man3/SSL_connect.html">SSL_connect(3)</a> returns, these errors may no longer be available.</p>
|
|
|
|
<p>The verification result is part of the established session and is restored when a session is reused.</p>
|
|
|
|
<h1 id="BUGS">BUGS</h1>
|
|
|
|
<p>If no peer certificate was presented, the returned result code is X509_V_OK. This is because no verification error occurred, it does however not indicate success. SSL_get_verify_result() is only useful in connection with <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>.</p>
|
|
|
|
<h1 id="RETURN-VALUES">RETURN VALUES</h1>
|
|
|
|
<p>The following return values can currently occur:</p>
|
|
|
|
<dl>
|
|
|
|
<dt id="X509_V_OK">X509_V_OK</dt>
|
|
<dd>
|
|
|
|
<p>The verification succeeded or no peer certificate was presented.</p>
|
|
|
|
</dd>
|
|
<dt id="Any-other-value">Any other value</dt>
|
|
<dd>
|
|
|
|
<p>Documented in <a href="../man1/openssl-verify.html">openssl-verify(1)</a>.</p>
|
|
|
|
</dd>
|
|
</dl>
|
|
|
|
<h1 id="SEE-ALSO">SEE ALSO</h1>
|
|
|
|
<p><a href="../man7/ssl.html">ssl(7)</a>, <a href="../man3/SSL_set_verify_result.html">SSL_set_verify_result(3)</a>, <a href="../man3/SSL_get_peer_certificate.html">SSL_get_peer_certificate(3)</a>, <a href="../man1/openssl-verify.html">openssl-verify(1)</a></p>
|
|
|
|
<h1 id="COPYRIGHT">COPYRIGHT</h1>
|
|
|
|
<p>Copyright 2000-2023 The OpenSSL Project Authors. All Rights Reserved.</p>
|
|
|
|
<p>Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <a href="https://www.openssl.org/source/license.html">https://www.openssl.org/source/license.html</a>.</p>
|
|
|
|
|
|
</body>
|
|
|
|
</html>
|
|
|
|
|