Microchip® Advanced Software Framework

 All Data Structures Files Functions Variables Typedefs Enumerations Enumerator Macros Groups Pages
TLS Socket Options

The following list of macros are used to define SSL Socket options.

See Also
setsockopt

Macros

#define SO_SSL_ALPN   0x05
 
#define SO_SSL_BYPASS_X509_VERIF   0x01
 
#define SO_SSL_ENABLE_CERTNAME_VALIDATION   0x04
 
#define SO_SSL_ENABLE_SESSION_CACHING   0x03
 
#define SO_SSL_ENABLE_SNI_VALIDATION   0x04
 
#define SO_SSL_SNI   0x02
 

#define SO_SSL_ALPN   0x05

Set the list to use for Application-Layer Protocol Negotiation for an SSL socket.
This option is intended for internal use and should not be used by the application. Applications should use the API set_alpn_list.

Referenced by set_alpn_list(), and sslSetSockOpt().

#define SO_SSL_BYPASS_X509_VERIF   0x01

Allow an opened SSL socket to bypass the X509 certificate verification process. It is recommended NOT to use this socket option in production software applications. It is supported for debugging and testing purposes.
The option value should be casted to int type.
0: do not bypass the X509 certificate verification process (default, recommended).
1: bypass the X509 certificate verification process.
This option only takes effect if it is set after calling socket and before calling connect or secure.

Referenced by sslSetSockOpt().

#define SO_SSL_ENABLE_CERTNAME_VALIDATION   0x04

Enable internal validation of server name against the server's certificate subject common name. If there is no server name provided (via the SO_SSL_SNI option), setting this option does nothing.
The option value should be casted to int type.
0: disable server certificate name validation (default).
1: enable server certificate name validation (recommended).
This option only takes effect if it is set after calling socket and before calling connect or secure.

Referenced by sslSetSockOpt().

#define SO_SSL_ENABLE_SESSION_CACHING   0x03

This option allow the TLS to cache the session information for fast TLS session establishment in future connections using the TLS Protocol session resume features.
The option value should be casted to int type.
0: disable TLS session caching (default).
1: enable TLS session caching.
Note that TLS session caching is always enabled in TLS Server Mode and this option is ignored.
This option only takes effect if it is set after calling socket and before calling connect or secure.

Referenced by sslSetSockOpt().

#define SO_SSL_ENABLE_SNI_VALIDATION   0x04
#define SO_SSL_SNI   0x02

Set the Server Name Indicator (SNI) for an SSL socket. The SNI is a NULL- terminated string containing the server name associated with the connection. Its size must not exceed HOSTNAME_MAX_SIZE. If the SNI is not a null string, then TLS Client Hello messages will include the SNI extension.
This option only takes effect if it is set after calling socket and before calling connect or secure.

Referenced by sslConnect(), and sslSetSockOpt().