Socket.ssl
From Yate Documentation
(Difference between revisions)
(One intermediate revision by one user not shown) | |||
Line 2: | Line 2: | ||
The '''socket.ssl''' message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one. | The '''socket.ssl''' message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one. | ||
− | Parameters | + | ===Parameters=== |
;server | ;server | ||
Line 23: | Line 23: | ||
'''NOTE:''' The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer. | '''NOTE:''' The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer. | ||
+ | |||
+ | |||
+ | '''See also''' | ||
+ | |||
+ | *[[socket.sctp]] |
Latest revision as of 17:26, 21 January 2013
The socket.ssl message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one.
[edit] Parameters
- server
- Boolean value requesting to negotiate SSL as server. Defaults to false if missing (negotiate as client)
- verify
- Keyword describing if and when the remote certificate is to be verified
- none - Don't ask for a certificate, don't stop if verification fails (default)
- peer - Certificate is verified only if provided (a server always provides one)
- only - Server only - verify client certificate only if provided and only once
- must - Server only - client must provide a certificate at every (re)negotiation
- once - Server only - client must provide a certificate only at first negotiation
- context
- Name of the SSL server context to use to secure the connection, if set overrides the domain parameter
- domain
- The domain used ti identify the SSL server context, used only if context isn't set explicitly
- test
- Boolean value requesting a test only (no socket replace). Defaults to false if missing
NOTE: The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer.
See also