blob: f8afc8eec22748c067f343a5179cb13843ab08c2 [file] [log] [blame]
MG Mud User88f12472016-06-24 23:31:02 +02001PRELIMINARY
2SYNOPSIS
3 mixed *tls_check_certificate(object obj);
4 mixed *tls_check_certificate(object obj, int extra);
5
6DESCRIPTION
7 tls_check_certificate() checks the certificate of the secured
8 connection bound to <obj> (default is the current object). If
9 <obj> is not interactive, or if TLS is not available, an error
10 is thrown.
11
12 If <obj> doesn't have a secure connection up and running, an
13 error is thrown.
14 Otherwise, the result is an array with these values:
15
16 int [0] : Result code of SSL_get_verify_result (see man 1 verify
17 subsection DIAGNOSTICS for possible values)
18 array [1] : array with 3*n entries of extra x509 data.
19 structure is:
20 3*i : numerical form of object name,
21 e.g. "2.5.4.3"
22 3*i + 1: long or short name if available,
23 e.g. "commonName"
24 3*i + 2: value
25 array [2] : if extra is set:
26 array with 3*n entries of x509 extension data
27 data structure is:
28 3*i : numerical form of extension name
29 3*i + 1: long or short name of extension
30 name if available
31 3*i + 2: array of strings with the data
32 structure of [1]
33
34 Note: a x509 certificate can have more than one object with
35 the same name
36
37BUGS
38 Not supported when using GnuTLS.
39
40HISTORY
41 Introduced in LDMud 3.3.672/3.2.11.
42 LDMud 3.3.711/3.2.12 modified the behaviour to return the
43 low-level API result value, and to throw an error if the connection
44 is not secure.
45
46SEE ALSO
47 tls_init_connection(E), tls_deinit_connection(E), tls_error(E),
48 tls_query_connection_state(E), tls_query_connection_info(E),
49 tls_available(E), tls_refresh_certs(E), mudlib/psyc-tls.c