Merge branch 'mcatanzaro/verify-chain-docs' into 'master'

Improve documentation of g_tls_database_verify_chain()

See merge request GNOME/glib!1475
Philip Withnall 2020-05-07 09:48:11 +00:00
commit 5bef5628f5

@ -473,9 +473,13 @@ g_tls_database_class_init (GTlsDatabaseClass *klass)
* which means that the certificate is being used to authenticate a server * which means that the certificate is being used to authenticate a server
* (and we are acting as the client). * (and we are acting as the client).
* *
* The @identity is used to check for pinned certificates (trust exceptions) * The @identity is used to ensure the server certificate is valid for
* in the database. These will override the normal verification process on a * the expected peer identity. If the identity does not match the
* host by host basis. * certificate, %G_TLS_CERTIFICATE_BAD_IDENTITY will be set in the
* return value. If @identity is %NULL, that bit will never be set in
* the return value. The peer identity may also be used to check for
* pinned certificates (trust exceptions) in the database. These may
* override the normal verification process on a host-by-host basis.
* *
* Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be * Currently there are no @flags, and %G_TLS_DATABASE_VERIFY_NONE should be
* used. * used.
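
Review bot: The new sentence "If @identity is %NULL, that bit will never be set in the return value" in the @identity paragraph gives the behaviour but not what it means for the caller. With a %NULL @identity, a result without %G_TLS_CERTIFICATE_BAD_IDENTITY says nothing about whether the certificate is valid for the intended peer. Suggest adding a sentence that no identity check is performed in that case and that the caller must verify the peer identity by other means. Separately, "These may override the normal verification process" is now weaker than the old "will override" and does not say which error bits a pinned certificate can suppress, in particular whether a pin can clear %G_TLS_CERTIFICATE_BAD_IDENTITY; a short clarification would help implementers of the database interface.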