1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
|
@deftypefun {int} {gnutls_sign_set_secure_for_certs} (gnutls_sign_algorithm_t @var{sign}, unsigned int @var{secure})
@var{sign}: the sign algorithm
@var{secure}: whether to mark the sign algorithm secure for certificates
Modify the previous system wide setting that marked @code{sign} as secure
or insecure for the use in certificates. Calling this function is allowed
only if allowlisting mode is set in the configuration file,
and only if the system-wide TLS priority string
has not been initialized yet.
The intended usage is to provide applications with a way
to expressly deviate from the distribution or site defaults
inherited from the configuration file.
The modification is composable with further modifications
performed through the priority string mechanism.
This function is not thread-safe and is intended to be called
in the main thread at the beginning of the process execution.
When @code{secure} is true, @code{sign} is marked as secure for any use unlike
@code{gnutls_sign_set_secure()} . Otherwise, it is marked as insecure only
for the use in certificates. Use @code{gnutls_sign_set_secure()} to mark
it insecure for any uses.
@strong{Returns:} 0 on success or negative error code otherwise.
@strong{Since:} 3.7.3
@end deftypefun
|
