blob: d93feee3be9d516e0f01d3b2fdb6b29bd62978e0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
.\"
.\" $OpenBSD: SSL_get_verify_result.3,v 1.1 2016/11/05 15:32:20 schwarze Exp $
.\"
.Dd $Mdocdate: November 5 2016 $
.Dt SSL_GET_VERIFY_RESULT 3
.Os
.Sh NAME
.Nm SSL_get_verify_result
.Nd get result of peer certificate verification
.Sh SYNOPSIS
.In openssl/ssl.h
.Ft long
.Fn SSL_get_verify_result "const SSL *ssl"
.Sh DESCRIPTION
.Fn SSL_get_verify_result
returns the result of the verification of the X509 certificate presented by the
peer, if any.
.Sh NOTES
.Fn SSL_get_verify_result
can only return one error code while the verification of a certificate can fail
because of many reasons at the same time.
Only the last verification error that occurred during the processing is
available from
.Fn SSL_get_verify_result .
.Pp
The verification result is part of the established session and is restored when
a session is reused.
.Sh RETURN VALUES
The following return values can currently occur:
.Bl -tag -width Ds
.It Dv X509_V_OK
The verification succeeded or no peer certificate was presented.
.It Any other value
Documented in
.Xr openssl 1 .
.El
.Sh SEE ALSO
.Xr openssl 1 ,
.Xr ssl 3 ,
.Xr SSL_get_peer_certificate 3 ,
.Xr SSL_set_verify_result 3
.Sh BUGS
If no peer certificate was presented, the returned result code is
.Dv X509_V_OK .
This is because no verification error occurred;
however, it does not indicate success.
.Fn SSL_get_verify_result
is only useful in connection with
.Xr SSL_get_peer_certificate 3 .
|
