Socket.ssl
From Yate Documentation
(Difference between revisions)
Line 1: | Line 1: | ||
− | The socket.ssl message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one. | + | The '''socket.ssl''' message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one. |
Parameters | Parameters |
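Review bot: The added line on the right-hand side still reads "a SSL/TLS encrypted one"; since this revision touches the sentence anyway, change it to "an SSL/TLS encrypted one". The bold markup on '''socket.ssl''' is fine as a style change, provided the other message pages bold the message name in their opening sentence the same way.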
Revision as of 17:19, 14 November 2012
The socket.ssl message is sent by a module requesting to turn a regular TCP socket into an SSL/TLS encrypted one.
Parameters
- server - Boolean value requesting to negotiate SSL as server. Defaults to false if missing (negotiate as client)
- verify - Keyword describing if and when the remote certificate is to be verified
  - none - Don't ask for a certificate, don't stop if verification fails (default)
  - peer - Certificate is verified only if provided (a server always provides one)
  - only - Server only - verify client certificate only if provided and only once
  - must - Server only - client must provide a certificate at every (re)negotiation
  - once - Server only - client must provide a certificate only at first negotiation
- context - Name of the SSL server context to use to secure the connection; if set, it overrides the domain parameter
- domain - The domain used to identify the SSL server context, used only if context isn't set explicitly
- test - Boolean value requesting a test only (no socket replace). Defaults to false if missing
NOTE: The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer.
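Because verify defaults to none, a module that sets no parameters gets an encrypted but unauthenticated connection. The following added example (not Yate code, and not from the Yate project) resolves the defaults listed above for a given parameter set and reports what that means for certificate checking; the function names, the set of boolean spellings and all sample values are assumptions made for illustration.

```python
# Added example, not Yate code: audits a socket.ssl parameter set against the
# defaults documented on this page. All sample values are constructed.
SERVER_ONLY = {"only", "must", "once"}
VERIFY_MODES = {"none", "peer"} | SERVER_ONLY
# Assumption: spellings treated as boolean true; anything else counts as false.
TRUE_WORDS = {"true", "yes", "on", "enable", "t"}


def _flag(params, name):
    """Boolean parameter; 'server' and 'test' both default to false if missing."""
    return str(params.get(name, "")).strip().lower() in TRUE_WORDS


def audit_socket_ssl(params):
    """Return (effective settings, findings) for one socket.ssl parameter set."""
    server = _flag(params, "server")
    verify = params.get("verify") or "none"  # a missing verify means none
    context, domain = params.get("context"), params.get("domain")
    effective = {
        "role": "server" if server else "client",
        "verify": verify,
        # context, if set, overrides domain
        "context_from": "context" if context else ("domain" if domain else None),
        "test_only": _flag(params, "test"),
    }
    findings = []
    if verify not in VERIFY_MODES:
        findings.append(f"unknown verify keyword {verify!r}")
    elif verify == "none":
        findings.append("certificate not required; failed verification does not stop negotiation")
    elif verify in SERVER_ONLY and not server:
        findings.append(f"verify={verify} is server only, but negotiation is as client")
    elif server and verify in ("peer", "only"):
        findings.append("client certificate is checked only if the client provides one")
    if context and domain:
        findings.append("domain is ignored because context is set")
    return effective, findings


if __name__ == "__main__":
    samples = [  # constructed parameter sets
        {},
        {"server": "true", "verify": "must", "domain": "example.test"},
        {"verify": "once"},
        {"server": "yes", "verify": "peer", "context": "tls_main", "domain": "example.test"},
    ]
    for p in samples:
        print(p, "->", audit_socket_ssl(p))
```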