]>
Commit | Line | Data |
---|---|---|
4759abc5 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | SSL_get_verify_result - get result of peer certificate verification | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/ssl.h> | |
10 | ||
c3e64028 | 11 | long SSL_get_verify_result(const SSL *ssl); |
4759abc5 RL |
12 | |
13 | =head1 DESCRIPTION | |
14 | ||
15 | SSL_get_verify_result() returns the result of the verification of the | |
16 | X509 certificate presented by the peer, if any. | |
17 | ||
18 | =head1 NOTES | |
19 | ||
20 | SSL_get_verify_result() can only return one error code while the verification | |
21 | of a certificate can fail because of many reasons at the same time. Only | |
52d160d8 | 22 | the last verification error that occurred during the processing is available |
4759abc5 RL |
23 | from SSL_get_verify_result(). |
24 | ||
25 | The verification result is part of the established session and is restored | |
26 | when a session is reused. | |
27 | ||
28 | =head1 BUGS | |
29 | ||
30 | If no peer certificate was presented, the returned result code is | |
52d160d8 | 31 | X509_V_OK. This is because no verification error occurred, it does however |
4759abc5 | 32 | not indicate success. SSL_get_verify_result() is only useful in connection |
9b86974e | 33 | with L<SSL_get_peer_certificate(3)>. |
4759abc5 RL |
34 | |
35 | =head1 RETURN VALUES | |
36 | ||
37 | The following return values can currently occur: | |
38 | ||
39 | =over 4 | |
40 | ||
41 | =item X509_V_OK | |
42 | ||
43 | The verification succeeded or no peer certificate was presented. | |
44 | ||
45 | =item Any other value | |
46 | ||
9b86974e | 47 | Documented in L<verify(1)>. |
4759abc5 RL |
48 | |
49 | =back | |
50 | ||
51 | =head1 SEE ALSO | |
52 | ||
9b86974e RS |
53 | L<ssl(3)>, L<SSL_set_verify_result(3)>, |
54 | L<SSL_get_peer_certificate(3)>, | |
55 | L<verify(1)> | |
4759abc5 RL |
56 | |
57 | =cut |