RTI TCP Transport  Version 6.0.0
 All Data Structures Functions Variables Typedefs Enumerations Enumerator Groups Pages
RTI TLS Support

OpenSSL configuration interfaces and definitions. More...

Data Structures

struct  RTITLS_Verification
 Set of TLS properties for certificate authorities (CAs) and verification. More...
 
struct  RTITLS_Identity
 Set of TLS properties for identity. More...
 
struct  RTITLS_DHParamFile
 Name of a Diffie-Helman (DH) key file and the length of the contained key in bits. More...
 
struct  RTITLS_Ciphers
 Set of TLS properties for cipher configuration. More...
 
struct  RTITLS_OpenSSL_Configuration
 Full set of TLS properties. More...
 

Macros

#define RTITLS_VERIFY_DEFAULT
 Use this to initialize a RTITLS_Verfication structure.
 
#define RTITLS_IDENTITY_DEFAULT
 Use this to initialize a RTITLS_Identity structure.
 
#define RTITLS_CIPHER_LIST_DEFAULT   "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH"
 Cipher list string for default channel (encrypted)
 
#define RTITLS_CIPHER_LIST_ENCRYPT_HIGH   "AES:ALL:!aNULL:!eNULL:!LOW:!EXP:+RC4:@STRENGTH"
 Cipher list string for default channel (encrypted, no low-strength)
 
#define RTITLS_CIPHER_LIST_UNENCRYPTED   "aNULL"
 Cipher list string for authentication-only channel (no encryption)
 
#define RTITLS_CIPHER_DEFAULT
 Use this to initialize a RTITLS_Ciphers structure.
 
#define RTITLS_OPENSSL_CONFIGURATION_DEFAULT
 Use this to initialize a RTITLS_OpenSSL_Configuration structure.
 

Typedefs

typedef int(* RTITLS_Verify_Callback )(int preverify_ok, X509_STORE_CTX *x509_ctx)
 Callback used to verify peer certificates.
 

Functions

void RTITLS_thread_exit ()
 clean up OpenSSL resources for current thread (call before exit)
 
int RTITLS_default_verify_callback (int ok, X509_STORE_CTX *store)
 Default verify callback: log errors when verification fails.
 
int RTITLS_verbose_verify_callback (int ok, X509_STORE_CTX *store)
 Verbose verify callback: log information about successful verification as well as errors when verification fails.
 

Detailed Description

OpenSSL configuration interfaces and definitions.

Macro Definition Documentation

#define RTITLS_VERIFY_DEFAULT
Value:
{ \
NULL, NULL, NULL, /* ca_file, ca_path, ca */ \
-1, /* verify_depth (no depth limit) */ \
NULL, /* callback (use default verify callback) */ \
NULL /* crl_file */ }

Use this to initialize a RTITLS_Verfication structure.

#define RTITLS_IDENTITY_DEFAULT
Value:
{ \
NULL, /* certificate_chain */ \
NULL, /* certificate_chain_file */ \
NULL, /* private_key_password */ \
NULL, /* private_key */ \
NULL, /* private_key_file */ \
NULL, /* rsa_private_key */ \
NULL /* rsa_private_key_file */ }

Use this to initialize a RTITLS_Identity structure.

#define RTITLS_CIPHER_LIST_DEFAULT   "AES:ALL:!aNULL:!eNULL:+RC4:@STRENGTH"

Cipher list string for default channel (encrypted)

#define RTITLS_CIPHER_LIST_ENCRYPT_HIGH   "AES:ALL:!aNULL:!eNULL:!LOW:!EXP:+RC4:@STRENGTH"

Cipher list string for default channel (encrypted, no low-strength)

#define RTITLS_CIPHER_LIST_UNENCRYPTED   "aNULL"

Cipher list string for authentication-only channel (no encryption)

#define RTITLS_CIPHER_DEFAULT
Value:
{ \
NULL, /* cipher_list (default cipher list) */ \
0, NULL, /* dh_param_files_length, dh_param_files (no DH params) */ \
NULL, /* engine_id (no engine) */ \
0, NULL, NULL, /* engine_pre_cmd_length, engine_pre_cmd_names, engine_pre_cmd_parameters */ \
0, NULL, NULL /* engine_post_cmd_length, engine_post_cmd_names, engeine_post_cmd_parameters */ }

Use this to initialize a RTITLS_Ciphers structure.

#define RTITLS_OPENSSL_CONFIGURATION_DEFAULT
Value:
{ \
RTITLS_VERIFY_DEFAULT, /* verify */ \
RTITLS_IDENTITY_DEFAULT, /* identity */ \
RTITLS_CIPHER_DEFAULT, /* cipher */ \
RTITLS_RENEGOTIATE_DEFAULT /* renegotiate */ }

Use this to initialize a RTITLS_OpenSSL_Configuration structure.

Typedef Documentation

typedef int(* RTITLS_Verify_Callback)(int preverify_ok, X509_STORE_CTX *x509_ctx)

Callback used to verify peer certificates.

See the OpenSSL manual page for SSL_CTX_set_verify for more information.

Function Documentation

void RTITLS_thread_exit ( )

clean up OpenSSL resources for current thread (call before exit)

int RTITLS_default_verify_callback ( int  ok,
X509_STORE_CTX *  store 
)

Default verify callback: log errors when verification fails.

See the OpenSSL manual page for SSL_CTX_set_verify for more information.

int RTITLS_verbose_verify_callback ( int  ok,
X509_STORE_CTX *  store 
)

Verbose verify callback: log information about successful verification as well as errors when verification fails.

See the OpenSSL manual page for SSL_CTX_set_verify for more information.


RTI TCP Transport Version 6.0.0 Copyright © Sun Mar 3 2019 Real-Time Innovations, Inc