XrdTlsNotary Class Reference

#include <XrdTlsNotary.hh>


Static Public Member Functions

static const char * Validate (const SSL *ssl, const char *hName, XrdNetAddrInfo *netInfo=0)
static void UseCN (bool yesno)

Static Private Attributes

static bool cnOK

Member Function Documentation

static void XrdTlsNotary::UseCN ( bool  yesno  )  [inline, static]

Indicate whether or not common name may be used in validation.

Parameters:
yesno - True if common name may be used, false otherwise. The common name is used only if the cert has no SAN extension or if we are allowed to use the DNS for validation. The default is true but is now deprecated!

References cnOK.

static const char* XrdTlsNotary::Validate ( const SSL *  ssl,
const char *  hName,
XrdNetAddrInfo *  netInfo = 0
) [static]

Validate hostname using peer certificate (usually server's).

Parameters:
ssl - pointer to peer's SSL object holding the cert.
hName - pointer to the hostname.
netInfo - Pointer to the XrdNetAddrInfo object for the peer host. This object will be used in a reverse lookup of the IP address to see if the names match as a final fallback. If nil, DNS fallback will not be tried.
Returns:
=0 - Hostname has been validated.
!0 - Hostname not validated, return value is pointer to reason. The error message should be formed as follows: Unable to validate host <name>; <returned reason>
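
Added example (not XRootD code): a self-contained model of the name-selection policy described for UseCN() and the return convention of Validate(), showing that a certificate with SAN entries is never matched on its common name. CertNames, cnAllowed, validateModel, describeFailure, the reason strings and the host names are all constructed for illustration; matching is exact and case-insensitive, and the DNS fallback through netInfo is not modelled.

```cpp
#include <algorithm>
#include <cctype>
#include <iostream>
#include <string>
#include <vector>

// Constructed stand-in for the names in a peer certificate; not an XRootD type.
struct CertNames {
    std::vector<std::string> sanDns;  // SAN dNSName entries; empty models "no SAN extension"
    std::string commonName;           // subject common name
};

static bool cnAllowed = true;  // models the flag set by UseCN(); documented default is true

static std::string lower(std::string s) {
    std::transform(s.begin(), s.end(), s.begin(),
                   [](unsigned char c) { return static_cast<char>(std::tolower(c)); });
    return s;
}

// Model of the documented contract: nullptr means validated, otherwise the
// return value points to the reason (reason texts here are constructed).
const char *validateModel(const CertNames &cert, const char *hName) {
    if (!hName || !*hName) return "no hostname given";
    const std::string want = lower(hName);
    for (const std::string &name : cert.sanDns)
        if (lower(name) == want) return nullptr;
    // A certificate that carries SAN entries is judged on them alone.
    if (!cert.sanDns.empty()) return "hostname not in SAN extension";
    if (!cnAllowed) return "no SAN extension and common name use is disabled";
    if (lower(cert.commonName) == want) return nullptr;
    return "hostname does not match common name";
}

// Builds the message in the form the Returns section prescribes.
std::string describeFailure(const char *hName, const char *reason) {
    return std::string("Unable to validate host ") + hName + "; " + reason;
}

int main() {
    // Constructed sample: the SAN lists two hosts, the CN names a third.
    CertNames cert{{"xrd1.example.org", "xrd2.example.org"}, "legacy.example.org"};
    for (const char *host : {"xrd1.example.org", "legacy.example.org"}) {
        const char *why = validateModel(cert, host);
        std::cout << (why ? describeFailure(host, why) : std::string(host) + " validated") << "\n";
    }
}
```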

Member Data Documentation

bool XrdTlsNotary::cnOK [static, private]

Referenced by UseCN().


The documentation for this class was generated from the following file:

Generated on 7 Jul 2020 for xrootd by  doxygen 1.6.1