Method
GioTlsDatabaselookup_certificate_issuer
since: 2.30
Declaration [src]
GTlsCertificate*
g_tls_database_lookup_certificate_issuer (
GTlsDatabase* self,
GTlsCertificate* certificate,
GTlsInteraction* interaction,
GTlsDatabaseLookupFlags flags,
GCancellable* cancellable,
GError** error
)
Description [src]
Look up the issuer of certificate
in the database. The
GTlsCertificate:issuer
property of certificate
is not modified, and
the two certificates are not hooked into a chain.
This function can block. Use g_tls_database_lookup_certificate_issuer_async()
to perform the lookup operation asynchronously.
Beware this function cannot be used to build certification paths. The issuer certificate returned by this function may not be the same as the certificate that would actually be used to construct a valid certification path during certificate verification. RFC 4158 explains why an issuer certificate cannot be naively assumed to be part of the the certification path (though GLib’s TLS backends may not follow the path building strategies outlined in this RFC). Due to the complexity of certification path building, GLib does not provide any way to know which certification path will actually be used when verifying a TLS certificate. Accordingly, this function cannot be used to make security-related decisions. Only GLib itself should make security decisions about TLS certificates.
Available since: 2.30
Parameters
certificate
-
Type:
GTlsCertificate
A
GTlsCertificate
.The data is owned by the caller of the method. interaction
-
Type:
GTlsInteraction
Used to interact with the user if necessary.
The argument can be NULL
.The data is owned by the caller of the method. flags
-
Type:
GTlsDatabaseLookupFlags
Flags which affect the lookup operation.
cancellable
-
Type:
GCancellable
A
GCancellable
, orNULL
.The argument can be NULL
.The data is owned by the caller of the method. error
-
Type:
GError **
The return location for a recoverable error.
The argument can be NULL
.If the return location is not NULL
, then you must initialize it to aNULL
GError*
.The argument will be left initialized to NULL
by the method if there are no errors.In case of error, the argument will be set to a newly allocated GError
; the caller will take ownership of the data, and be responsible for freeing it.
Return value
Type: GTlsCertificate
A newly allocated issuer GTlsCertificate
,
or NULL
. Use g_object_unref()
to release the certificate.
The caller of the method takes ownership of the returned data, and is responsible for freeing it. |