The following list of macros are used to define SSL Socket options.
Macros | |
| #define | SO_SSL_ALPN 0x05 |
| #define | SO_SSL_BYPASS_X509_VERIF 0x01 |
| #define | SO_SSL_ENABLE_CERTNAME_VALIDATION 0x04 |
| #define | SO_SSL_ENABLE_SESSION_CACHING 0x03 |
| #define | SO_SSL_ENABLE_SNI_VALIDATION 0x04 |
| #define | SO_SSL_SNI 0x02 |
| #define SO_SSL_ALPN 0x05 |
Set the list to use for Application-Layer Protocol Negotiation for an SSL socket.
This option is intended for internal use and should not be used by the application. Applications should use the API set_alpn_list.
Referenced by set_alpn_list(), and sslSetSockOpt().
| #define SO_SSL_BYPASS_X509_VERIF 0x01 |
Allow an opened SSL socket to bypass the X509 certificate verification process. It is recommended NOT to use this socket option in production software applications. It is supported for debugging and testing purposes.
The option value should be casted to int type.
0: do not bypass the X509 certificate verification process (default, recommended).
1: bypass the X509 certificate verification process.
This option only takes effect if it is set after calling socket and before calling connect or secure.
Referenced by sslSetSockOpt().
| #define SO_SSL_ENABLE_CERTNAME_VALIDATION 0x04 |
Enable internal validation of server name against the server's certificate subject common name. If there is no server name provided (via the SO_SSL_SNI option), setting this option does nothing.
The option value should be casted to int type.
0: disable server certificate name validation (default).
1: enable server certificate name validation (recommended).
This option only takes effect if it is set after calling socket and before calling connect or secure.
Referenced by sslSetSockOpt().
| #define SO_SSL_ENABLE_SESSION_CACHING 0x03 |
This option allow the TLS to cache the session information for fast TLS session establishment in future connections using the TLS Protocol session resume features.
The option value should be casted to int type.
0: disable TLS session caching (default).
1: enable TLS session caching.
Note that TLS session caching is always enabled in TLS Server Mode and this option is ignored.
This option only takes effect if it is set after calling socket and before calling connect or secure.
Referenced by sslSetSockOpt().
| #define SO_SSL_ENABLE_SNI_VALIDATION 0x04 |
Legacy name for SO_SSL_ENABLE_CERTNAME_VALIDATION.
| #define SO_SSL_SNI 0x02 |
Set the Server Name Indicator (SNI) for an SSL socket. The SNI is a NULL- terminated string containing the server name associated with the connection. Its size must not exceed HOSTNAME_MAX_SIZE. If the SNI is not a null string, then TLS Client Hello messages will include the SNI extension.
This option only takes effect if it is set after calling socket and before calling connect or secure.
Referenced by sslConnect(), and sslSetSockOpt().
1.8.5