[gnutls-help] Decoding the status parameter in gnutls_certificate_verify_peers2

[Wouter Verhelst]

Hi,

gnutls_certificate_verify_peers2 is documented to have two parameters; a
gnutls_session_t and an unsigned int *status. The info page has these
two things to say about that status parameter:

    STATUS: is the output of the verification

and

   *Returns:* 'GNUTLS_E_SUCCESS' (0) when the validation is performed,
    or a negative error code otherwise.  A sucessful error code means
    that the 'status' parameter must be checked to obtain the
    validation status.

Unfortunately, it does not explain *how* one must check the "status"
parameter. I originally believed that the contents of the "status"
parameter should be 0, but now suddenly my test suite starts to fail
because status has changed to something else, and I can't figure out
what it means.

As such, I have two questions:
- What do I need to do to decode the "status" parameter?
- Why is this not documented in the documentation for verify_peers2 (and
  likewise, for verify_peers and verify_peers3)?

Thanks,

-- 
< ron> I mean, the main *practical* problem with C++, is there's like a dozen
       people in the world who think they really understand all of its rules,
       and pretty much all of them are just lying to themselves too.
 -- #debian-devel, OFTC, 2016-02-12