#include <XrdTlsNotary.hh>
◆ UseCN()
static void XrdTlsNotary::UseCN |
( |
bool |
yesno | ) |
|
|
inlinestatic |
Indicate whether or not common name may be used in validation.
- Parameters
-
yesno | - True if common name may be used, false otherwise. The common name is used only if the cert has no SAN extension or if we are allowed to use the DNS for validation. The default is true but is now deprecated! |
References cnOK.
◆ Validate()
static const char * XrdTlsNotary::Validate |
( |
const SSL * |
ssl, |
|
|
const char * |
hName, |
|
|
XrdNetAddrInfo * |
netInfo = 0 |
|
) |
| |
|
static |
Validate hostname using peer certificate (usually server's).
- Parameters
-
ssl | - pointer to peer's SSL object holding the cert. |
hName | - pointer to the hostname. |
netInfo | - Pointer to the XrdNetAddrInfo object for the peer host. This object will be used in a reverse lookup of the IP address to see if the names match as a final fallback. If nil, DNS fallback will not be tried. |
- Returns
- =0 - Hostname has been validated.
-
!0 - Hostname not validated, return value is pointer to reason. The error message should be formed as follows: Unable to validate host <name>; <returned reason>
◆ cnOK
The documentation for this class was generated from the following file: