mbedtls_ssl_config Struct Reference
#include <ssl.h>
Data Fields |
const int * | ciphersuite_list [4] |
void(* | f_dbg )(void *, int, const char *, int, const char *) |
void * | p_dbg |
int(* | f_rng )(void *, unsigned char *, size_t) |
void * | p_rng |
int(* | f_get_cache )(void *, mbedtls_ssl_session *) |
int(* | f_set_cache )(void *, const mbedtls_ssl_session *) |
void * | p_cache |
int(* | f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t) |
void * | p_sni |
int(* | f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *) |
void * | p_vrfy |
int(* | f_cookie_write )(void *, unsigned char **, unsigned char *, const unsigned char *, size_t) |
int(* | f_cookie_check )(void *, const unsigned char *, size_t, const unsigned char *, size_t) |
void * | p_cookie |
int(* | f_ticket_write )(void *, const mbedtls_ssl_session *, unsigned char *, const unsigned char *, size_t *, uint32_t *) |
int(* | f_ticket_parse )(void *, mbedtls_ssl_session *, unsigned char *, size_t) |
void * | p_ticket |
int(* | f_export_keys )(void *, const unsigned char *, const unsigned char *, size_t, size_t, size_t) |
void * | p_export_keys |
const mbedtls_x509_crt_profile * | cert_profile |
mbedtls_ssl_key_cert * | key_cert |
mbedtls_x509_crt * | ca_chain |
mbedtls_x509_crl * | ca_crl |
const mbedtls_ecp_group_id * | curve_list |
mbedtls_mpi | dhm_P |
mbedtls_mpi | dhm_G |
const char ** | alpn_list |
uint32_t | read_timeout |
uint32_t | hs_timeout_min |
uint32_t | hs_timeout_max |
int | renego_max_records |
unsigned char | renego_period [8] |
unsigned int | badmac_limit |
unsigned int | dhm_min_bitlen |
unsigned char | max_major_ver |
unsigned char | max_minor_ver |
unsigned char | min_major_ver |
unsigned char | min_minor_ver |
unsigned int | endpoint: 1 |
unsigned int | transport: 1 |
unsigned int | authmode: 2 |
unsigned int | allow_legacy_renegotiation: 2 |
unsigned int | arc4_disabled: 1 |
unsigned int | mfl_code: 3 |
unsigned int | encrypt_then_mac: 1 |
unsigned int | extended_ms: 1 |
unsigned int | anti_replay: 1 |
unsigned int | cbc_record_splitting: 1 |
unsigned int | disable_renegotiation: 1 |
unsigned int | trunc_hmac: 1 |
unsigned int | session_tickets: 1 |
unsigned int | fallback: 1 |
unsigned int | cert_req_ca_list: 1 |
Detailed Description
SSL/TLS configuration to be shared between mbedtls_ssl_context structures.
Definition at line 618 of file ssl.h.
Field Documentation
MBEDTLS_LEGACY_XXX
Definition at line 757 of file ssl.h.
ordered list of protocols
Definition at line 714 of file ssl.h.
detect and prevent replay?
Definition at line 771 of file ssl.h.
blacklist RC4 ciphersuites?
Definition at line 759 of file ssl.h.
MBEDTLS_SSL_VERIFY_XXX
Definition at line 755 of file ssl.h.
limit of records with a bad MAC
Definition at line 737 of file ssl.h.
trusted CAs
Definition at line 689 of file ssl.h.
trusted CAs CRLs
Definition at line 690 of file ssl.h.
do cbc record splitting
Definition at line 774 of file ssl.h.
verification profile
Definition at line 687 of file ssl.h.
enable sending CA list in Certificate Request messages?
Definition at line 789 of file ssl.h.
allowed ciphersuites per version
Definition at line 626 of file ssl.h.
allowed curves
Definition at line 698 of file ssl.h.
generator for DHM
Definition at line 703 of file ssl.h.
min. bit length of the DHM prime
Definition at line 741 of file ssl.h.
prime modulus for DHM
Definition at line 702 of file ssl.h.
disable renegotiation?
Definition at line 777 of file ssl.h.
negotiate encrypt-then-mac?
Definition at line 765 of file ssl.h.
0: client, 1: server
Definition at line 753 of file ssl.h.
negotiate extended master secret?
Definition at line 768 of file ssl.h.
Callback to verify validity of a ClientHello cookie
Callback to create & write a cookie for ClientHello veirifcation
Callback for printing debug output
Callback to export key block and master secret
Callback to retrieve a session from the cache
Callback for getting (pseudo-)random numbers
Callback to store a session into the cache
Callback for setting cert according to SNI extension
Callback to parse a session ticket into a session structure
Callback to create & write a session ticket
Callback to customize X.509 certificate chain verification
is this a fallback?
Definition at line 786 of file ssl.h.
maximum value of the handshake retransmission timeout (ms)
Definition at line 726 of file ssl.h.
initial value of the handshake retransmission timeout (ms)
Definition at line 724 of file ssl.h.
own certificate/key pair(s)
Definition at line 688 of file ssl.h.
max. major version used
Definition at line 744 of file ssl.h.
max. minor version used
Definition at line 745 of file ssl.h.
desired fragment length
Definition at line 762 of file ssl.h.
min. major version used
Definition at line 746 of file ssl.h.
min. minor version used
Definition at line 747 of file ssl.h.
context for cache callbacks
Definition at line 640 of file ssl.h.
context for the cookie callbacks
Definition at line 667 of file ssl.h.
context for the debug function
Definition at line 630 of file ssl.h.
context for key export callback
Definition at line 683 of file ssl.h.
context for the RNG function
Definition at line 634 of file ssl.h.
context for SNI callback
Definition at line 645 of file ssl.h.
context for the ticket callbacks
Definition at line 676 of file ssl.h.
context for X.509 verify calllback
Definition at line 651 of file ssl.h.
timeout for mbedtls_ssl_read (ms)
Definition at line 721 of file ssl.h.
grace period for renegotiation
Definition at line 731 of file ssl.h.
value of the record counters that triggers renegotiation
Definition at line 732 of file ssl.h.
use session tickets?
Definition at line 783 of file ssl.h.
stream (TLS) or datagram (DTLS)
Definition at line 754 of file ssl.h.
negotiate truncated hmac?
Definition at line 780 of file ssl.h.
The documentation for this struct was generated from the following file: