Socket.ssl
From Yate Documentation
(Difference between revisions)
| Line 18: | Line 18: | ||
: Name of the SSL server context to use to secure the connection, if set overrides the domain parameter | : Name of the SSL server context to use to secure the connection, if set overrides the domain parameter | ||
;domain | ;domain | ||
| − | : The domain used ti identify the SSL server context, used only if context isn't set | + | : The domain used ti identify the SSL server context, used only if context isn't set explicitly |
;test | ;test | ||
: Boolean value requesting a test only (no socket replace). Defaults to false if missing | : Boolean value requesting a test only (no socket replace). Defaults to false if missing | ||
'''NOTE:''' The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer. | '''NOTE:''' The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer. | ||
Revision as of 17:18, 14 November 2012
The socket.ssl message is sent by a module requesting to turn a regular TCP socket into a SSL/TLS encrypted one.
Parameters
- server
- Boolean value requesting to negotiate SSL as server. Defaults to false if missing (negotiate as client)
- verify
- Keyword describing if and when the remote certificate is to be verified
- none - Don't ask for a certificate, don't stop if verification fails (default)
- peer - Certificate is verified only if provided (a server always provides one)
- only - Server only - verify client certificate only if provided and only once
- must - Server only - client must provide a certificate at every (re)negotiation
- once - Server only - client must provide a certificate only at first negotiation
- context
- Name of the SSL server context to use to secure the connection, if set overrides the domain parameter
- domain
- The domain used ti identify the SSL server context, used only if context isn't set explicitly
- test
- Boolean value requesting a test only (no socket replace). Defaults to false if missing
NOTE: The message's user data object must be able to return a "Socket*" object. This must point to a pointer to the Socket object to modify. On a successful return the original Socket object is destroyed and replaced with a derived object with SSL capabilities. The pointer to the new object is placed into the provided pointer.
