gnutls_x509_trust_list_add_crls — API function
Synopsis
#include <gnutls/x509.h>
int gnutls_x509_trust_list_add_crls(gnutls_x509_trust_list_t list, const gnutls_x509_crl_t * crl_list, unsigned crl_size, unsigned int flags, unsigned int verification_flags);
Arguments
- gnutls_x509_trust_list_t list
The list
- const gnutls_x509_crl_t * crl_list
A list of CRLs
- unsigned crl_size
The length of the CRL list
- unsigned int flags
flags from gnutls_trust_list_flags_t
- unsigned int verification_flags
gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL
Description
This function will add the given certificate revocation lists to the trusted list. The CRLs in crl_list must not be deinitialized during the lifetime of list .
This function must be called after gnutls_x509_trust_list_add_cas() to allow verifying the CRLs for validity. If the flag GNUTLS_TL_NO_DUPLICATES is given, then the final CRL list will not contain duplicate entries.
If the flag GNUTLS_TL_NO_DUPLICATES is given, gnutls_x509_trust_list_deinit() must be called with parameter all being 1.
If flag GNUTLS_TL_VERIFY_CRL is given the CRLs will be verified before being added, and if verification fails, they will be skipped.
Returns
The number of added elements is returned; that includes duplicate entries.
Since
3.0
Reporting Bugs
Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org
Copyright
Copyright © 2001-2019 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
See Also
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit