diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-28 12:47:49 +0100 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-01-28 13:32:16 +0100 |
commit | dc42971afc5051136ebc8d4b21cb49a2055d4a7b (patch) | |
tree | 0c5ed89d85e634ee087b09b911cfd3ac04563ad5 /doc/cha-gtls-examples.texi | |
parent | eb3ba487cd5881107f8c63dd3ae4356ccb847dff (diff) | |
download | gnutls-dc42971afc5051136ebc8d4b21cb49a2055d4a7b.tar.gz |
Added gnutls_verify_stored_pubkey() and gnutls_store_pubkey().
This enables using ssh-like authentication for TLS sessions.
Diffstat (limited to 'doc/cha-gtls-examples.texi')
-rw-r--r-- | doc/cha-gtls-examples.texi | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/doc/cha-gtls-examples.texi b/doc/cha-gtls-examples.texi index 8fbf6b8b9f..9d253a0045 100644 --- a/doc/cha-gtls-examples.texi +++ b/doc/cha-gtls-examples.texi @@ -25,6 +25,7 @@ implemented by another example. @menu * Simple client example with anonymous authentication:: * Simple client example with X.509 certificate support:: +* Simple client example with SSH-style certificate verification:: * Simple Datagram TLS client example:: * Obtaining session information:: * Using a callback to select the certificate to use:: @@ -47,6 +48,8 @@ is vulnerable to man-in-the-middle (active or redirection) attacks. However, the data are integrity protected and encrypted from passive eavesdroppers. +Note that the server must support anonymous authentication as well. + @verbatiminclude examples/ex-client-anon.c @node Simple client example with X.509 certificate support @@ -62,6 +65,16 @@ resumption. @verbatiminclude examples/ex-client-x509.c +@node Simple client example with SSH-style certificate verification +@subsection Simple client example with SSH-style certificate verification + +This is an alternative verification function that will use the +X.509 certificate authorities for verification, but also assume an +SSH-like authentication system. That is the user is prompted on unknown +public keys and known public keys are considered trusted. + +@verbatiminclude examples/ex-verify-ssh.c + @node Simple Datagram TLS client example @subsection Simple datagram @acronym{TLS} client example |