



@deftypefun {int} {dane_verify_session_crt} (dane_state_t @var{s}, gnutls_session_t @var{session}, const char * @var{hostname}, const char * @var{proto}, unsigned int @var{port}, unsigned int @var{sflags}, unsigned int @var{vflags}, unsigned int * @var{verify})
@var{s}: A DANE state structure (may be NULL)

@var{session}: A gnutls session

@var{hostname}: The hostname associated with the chain

@var{proto}: The protocol of the service connecting (e.g. tcp)

@var{port}: The port of the service connecting (e.g. 443)

@var{sflags}: Flags for the the initialization of  @code{s} (if NULL)

@var{vflags}: Verification flags; an OR'ed list of @code{dane_verify_flags_t} .

@var{verify}: An OR'ed list of @code{dane_verify_status_t} .

This function will verify session's certificate chain against the
CA constrains and/or the certificate available via DANE.
See @code{dane_verify_crt()}  for more information.

This will not verify the chain for validity; unless the DANE
verification is restricted to end certificates, this must be
be performed separately using @code{gnutls_certificate_verify_peers3()} .

@strong{Returns:} On success, @code{DANE_E_SUCCESS}  (0) is returned, otherwise a
negative error value.
@end deftypefun
