Changeset 3106 for pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h
- Timestamp:
- Feb 24, 2010 5:43:34 AM (15 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h
r2998 r3106 27 27 28 28 #include <pjsip/sip_transport.h> 29 #include <pj/ssl_sock.h> 29 30 #include <pj/string.h> 30 31 #include <pj/sock_qos.h> … … 122 123 123 124 /** 124 * When PJSIP is acting as a client (outgoing TLS connections), 125 * it will always receive a certificate from the peer. 126 * If \a verify_server is disabled (set to zero), PJSIP will not 127 * verifiy the certificate and allows TLS connections to servers 128 * which do not present a valid certificate. 129 * If \a tls_verify_server is non-zero, PJSIP verifies the server 130 * certificate and will close the TLS connection if the server 131 * certificate is not valid. 132 * 133 * This setting corresponds to OpenSSL SSL_VERIFY_PEER flag. 134 * Default value is zero. 125 * Specifies the action when verification of server TLS certificate 126 * resulting errors: 127 * - If \a verify_server is disabled (set to PJ_FALSE), TLS transport 128 * will just notify the application via #pjsip_tp_state_callback with 129 * state (PJSIP_TP_STATE_CONNECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 130 * whenever there is any TLS verification error, the return value of 131 * the callback will be used to decide whether transport should be 132 * shutdown. 133 * - If \a verify_server is enabled (set to PJ_TRUE), TLS transport 134 * will be shutdown and application will be notified with state 135 * (PJSIP_TP_STATE_DISCONNECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 136 * whenever there is any TLS verification error. 137 * 138 * When the verification resulting success, application will be notified 139 * via #pjsip_tp_state_callback with state PJSIP_TP_STATE_CONNECTED. 140 * 141 * Default value is PJ_FALSE. 135 142 */ 136 143 pj_bool_t verify_server; 137 144 138 145 /** 139 * When acting as server (incoming TLS connections), setting 140 * \a verify_client to non-zero will cause the transport to activate 141 * peer verification upon receiving incoming TLS connection. 142 * 143 * This setting corresponds to OpenSSL SSL_VERIFY_PEER flag. 144 * Default value is zero. 146 * Specifies the action when verification of server TLS certificate 147 * resulting errors: 148 * - If \a verify_client is disabled (set to PJ_FALSE), TLS transport 149 * will just notify the application via #pjsip_tp_state_callback with 150 * state (PJSIP_TP_STATE_ACCEPTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 151 * whenever there is any TLS verification error, the return value of 152 * the callback will be used to decide whether transport should be 153 * shutdown. 154 * - If \a verify_client is enabled (set to PJ_TRUE), TLS transport 155 * will be shutdown and application will be notified with state 156 * (PJSIP_TP_STATE_REJECTED | PJSIP_TP_STATE_TLS_VERIF_ERROR) 157 * whenever there is any TLS verification error. 158 * 159 * When the verification resulting success, application will be notified 160 * via #pjsip_tp_state_callback with state PJSIP_TP_STATE_ACCEPTED. 161 * 162 * Default value is PJ_FALSE. 145 163 */ 146 164 pj_bool_t verify_client; … … 151 169 * 152 170 * This setting corresponds to SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag. 153 * Default value is zero.171 * Default value is PJ_FALSE. 154 172 */ 155 173 pj_bool_t require_client_cert; … … 189 207 190 208 } pjsip_tls_setting; 209 210 211 /** 212 * This structure defines transport state extended info specifically for 213 * TLS transport. 214 */ 215 typedef struct pjsip_tls_state_info 216 { 217 /** 218 * SSL socket info. 219 */ 220 pj_ssl_sock_info *ssl_sock_info; 221 222 } pjsip_tls_state_info; 191 223 192 224
Note: See TracChangeset
for help on using the changeset viewer.