WSASetSocketPeerTargetName function (ws2tcpip.h)

The WSASetSocketPeerTargetName function is used to specify the peer target name (SPN) that corresponds to a peer IP address. This target name is meant to be specified by client applications to securely identify the peer that should be authenticated.


INT WSAAPI WSASetSocketPeerTargetName(
  [in]           SOCKET                             Socket,
  [in]           const SOCKET_PEER_TARGET_NAME      *PeerTargetName,
  [in]           ULONG                              PeerTargetNameLen,
  [in, optional] LPWSAOVERLAPPED                    Overlapped,
  [in, optional] LPWSAOVERLAPPED_COMPLETION_ROUTINE CompletionRoutine


[in] Socket

A descriptor identifying a socket on which the peer target name is being assigned.

[in] PeerTargetName

A pointer to a SOCKET_PEER_TARGET_NAME structure that defines the peer target name.

[in] PeerTargetNameLen

The size, in bytes, of the PeerTargetName parameter.

[in, optional] Overlapped

A pointer to a WSAOVERLAPPED structure. This parameter is ignored for non-overlapped sockets.

[in, optional] CompletionRoutine

A pointer to the completion routine called when the operation has been completed. This parameter is ignored for non-overlapped sockets.

Return value

If the function succeeds, the return value is zero. Otherwise, a value of SOCKET_ERROR is returned, and a specific error code can be retrieved by calling WSAGetLastError.

Some possible error codes are listed below.

Error code Meaning
The specified address family is not supported.
The system detected an invalid address pointer in attempting to use a pointer argument of a call. This error is returned if the PeerTargetName parameter was a NULL pointer.
An invalid parameter was passed. This error is returned if the socket passed in the Socket parameter was not created with an address family of the AF_INET or AF_INET6 and a socket type of SOCK_DGRAM or SOCK_STREAM. This error is also returned for a connectionless socket if the IP address and port are zero in the PeerAddress member of the SOCKET_PEER_TARGET_NAME structure pointed to by the PeerTargetName parameter.
The socket is connected. This function is not permitted with a connected socket, whether the socket is connection oriented or connectionless.
A buffer passed was too small.
The descriptor passed in the Socket parameter is not a valid socket.


The WSASetSocketPeerTargetName function provides a method to specify the target name that corresponds to a peer security principal. This function is meant to be used by a client application to identify the peer that should be authenticated. A client application should specify the peer target name in order to prevent trusted man-in-the-middle attacks. For connectionless sockets, an application can call the WSASetSocketPeerTargetName function multiple times to specify different target names for different peer IP addresses.

This function simplifies having to call the WSAIoctl function with a dwIoControlCode parameter set to SIO_SET_PEER_TARGET_NAME.

For connection-oriented sockets, the WSASetSocketPeerTargetName function should be called before WSAConnect. For connectionless sockets, this function should be called before WSAConnect or before the first WSASendTo call directed to the peer address.

An error will be returned if the following conditions are not met.

  • The address family of the Socket parameter must be either AF_INET or AF_INET6.
  • The socket type must be either SOCK_STREAM or SOCK_DGRAM.


Requirement Value
Minimum supported client Windows Vista [desktop apps only]
Minimum supported server Windows Server 2008 [desktop apps only]
Target Platform Windows
Header ws2tcpip.h
Library Fwpuclnt.lib
DLL Fwpuclnt.dll

See also


Using Secure Socket Extensions






Windows Filtering Platform

Windows Filtering Platform API Functions

Winsock Secure Socket Extensions