module Nettls_support:sig
..end
typecredentials =
[ `Anonymous | `X509 of Netx509.x509_certificate ]
typeraw_credentials =
[ `Anonymous | `X509 of string ]
`X509 s
: The X509 certificate in DER encoding`Anonymous
: no certificate or other key is availabletypecred_type =
[ `Anonymous | `X509 ]
class type tls_session_props =object
..end
val get_tls_session_props : Netsys_crypto_types.tls_endpoint -> tls_session_props
val get_tls_user_name : tls_session_props -> string
Not_found
if nothing approriate is found.val squash_file_tls_endpoint : (module Netsys_crypto_types.FILE_TLS_ENDPOINT) ->
(module Netsys_crypto_types.TLS_ENDPOINT)
val is_endpoint_host : string -> tls_session_props -> bool
is_endpoint_host name props
: checks whether name
matches
the certificate of the endpoint in props
.
In particular, this function checks the DNS alternate name, and the common name of the subject. The certificate name can use wildcards.
Returns true if name
could be verified this way.
NB. This doesn't check SNI (addressed_server
), because this is the
peer's task.