ReactOS 0.4.16-dev-321-g63bb46a
mbedtls_ssl_config Struct Reference

#include <ssl.h>


Public Attributes

const int * ciphersuite_list [4]
 
void(* f_dbg )(void *, int, const char *, int, const char *)
 
void * p_dbg
 
int(* f_rng )(void *, unsigned char *, size_t)
 
void * p_rng
 
int(* f_get_cache )(void *, mbedtls_ssl_session *)
 
int(* f_set_cache )(void *, const mbedtls_ssl_session *)
 
void * p_cache
 
int(* f_sni )(void *, mbedtls_ssl_context *, const unsigned char *, size_t)
 
void * p_sni
 
int(* f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *)
 
void * p_vrfy
 
const mbedtls_x509_crt_profile * cert_profile
 
mbedtls_ssl_key_cert * key_cert
 
mbedtls_x509_crt * ca_chain
 
mbedtls_x509_crl * ca_crl
 
const int * sig_hashes
 
const mbedtls_ecp_group_id * curve_list
 
mbedtls_mpi dhm_P
 
mbedtls_mpi dhm_G
 
const char ** alpn_list
 
uint32_t read_timeout
 
int renego_max_records
 
unsigned char renego_period [8]
 
unsigned int dhm_min_bitlen
 
unsigned char max_major_ver
 
unsigned char max_minor_ver
 
unsigned char min_major_ver
 
unsigned char min_minor_ver
 
unsigned int endpoint: 1
 
unsigned int transport: 1
 
unsigned int authmode: 2
 
unsigned int allow_legacy_renegotiation: 2
 
unsigned int arc4_disabled: 1
 
unsigned int mfl_code: 3
 
unsigned int encrypt_then_mac: 1
 
unsigned int extended_ms: 1
 
unsigned int cbc_record_splitting: 1
 
unsigned int disable_renegotiation: 1
 
unsigned int trunc_hmac: 1
 
unsigned int session_tickets: 1
 

Detailed Description

SSL/TLS configuration to be shared between mbedtls_ssl_context structures.

Definition at line 856 of file ssl.h.

Member Data Documentation

◆ allow_legacy_renegotiation

unsigned int mbedtls_ssl_config::allow_legacy_renegotiation

Legacy renegotiation policy (one of the MBEDTLS_SSL_LEGACY_XXX values)

Definition at line 1013 of file ssl.h.

◆ alpn_list

const char** mbedtls_ssl_config::alpn_list

ordered list of ALPN protocol names

Definition at line 970 of file ssl.h.

◆ arc4_disabled

unsigned int mbedtls_ssl_config::arc4_disabled

blacklist RC4 ciphersuites?

Definition at line 1015 of file ssl.h.

◆ authmode

unsigned int mbedtls_ssl_config::authmode

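Peer certificate verification mode (one of the MBEDTLS_SSL_VERIFY_XXX values); anything other than MBEDTLS_SSL_VERIFY_REQUIRED leaves the peer unauthenticated unless the application checks the verification result itself.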

Definition at line 1011 of file ssl.h.

◆ ca_chain

mbedtls_x509_crt* mbedtls_ssl_config::ca_chain

trusted CAs

Definition at line 927 of file ssl.h.

◆ ca_crl

mbedtls_x509_crl* mbedtls_ssl_config::ca_crl

CRLs for the trusted CAs

Definition at line 928 of file ssl.h.

◆ cbc_record_splitting

unsigned int mbedtls_ssl_config::cbc_record_splitting

do CBC record splitting? (1/n-1 split, a BEAST countermeasure for CBC ciphersuites in SSLv3 and TLS 1.0)

Definition at line 1030 of file ssl.h.

◆ cert_profile

const mbedtls_x509_crt_profile* mbedtls_ssl_config::cert_profile

verification profile

Definition at line 925 of file ssl.h.

◆ ciphersuite_list

const int* mbedtls_ssl_config::ciphersuite_list[4]

allowed ciphersuites per version

Definition at line 864 of file ssl.h.

◆ curve_list

const mbedtls_ecp_group_id* mbedtls_ssl_config::curve_list

allowed curves

Definition at line 946 of file ssl.h.

◆ dhm_G

mbedtls_mpi mbedtls_ssl_config::dhm_G

generator for DHM

Definition at line 951 of file ssl.h.

◆ dhm_min_bitlen

unsigned int mbedtls_ssl_config::dhm_min_bitlen

min. bit length of the DHM prime

Definition at line 997 of file ssl.h.

◆ dhm_P

mbedtls_mpi mbedtls_ssl_config::dhm_P

prime modulus for DHM

Definition at line 950 of file ssl.h.

◆ disable_renegotiation

unsigned int mbedtls_ssl_config::disable_renegotiation

disable renegotiation?

Definition at line 1033 of file ssl.h.

◆ encrypt_then_mac

unsigned int mbedtls_ssl_config::encrypt_then_mac

negotiate encrypt-then-mac?

Definition at line 1021 of file ssl.h.

◆ endpoint

unsigned int mbedtls_ssl_config::endpoint

0: client, 1: server

Definition at line 1009 of file ssl.h.

◆ extended_ms

unsigned int mbedtls_ssl_config::extended_ms

negotiate extended master secret?

Definition at line 1024 of file ssl.h.

◆ f_dbg

void(* mbedtls_ssl_config::f_dbg) (void *, int, const char *, int, const char *)

Callback for printing debug output

Definition at line 867 of file ssl.h.

◆ f_get_cache

int(* mbedtls_ssl_config::f_get_cache) (void *, mbedtls_ssl_session *)

Callback to retrieve a session from the cache

Definition at line 875 of file ssl.h.

◆ f_rng

int(* mbedtls_ssl_config::f_rng) (void *, unsigned char *, size_t)

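Callback for getting (pseudo-)random numbers. Handshake secrets are generated from its output, so it must be backed by a cryptographically secure generator.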

Definition at line 871 of file ssl.h.

◆ f_set_cache

int(* mbedtls_ssl_config::f_set_cache) (void *, const mbedtls_ssl_session *)

Callback to store a session into the cache

Definition at line 877 of file ssl.h.

◆ f_sni

int(* mbedtls_ssl_config::f_sni) (void *, mbedtls_ssl_context *, const unsigned char *, size_t)

Callback for setting cert according to SNI extension

Definition at line 882 of file ssl.h.

◆ f_vrfy

int(* mbedtls_ssl_config::f_vrfy) (void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification

Definition at line 888 of file ssl.h.

◆ key_cert

mbedtls_ssl_key_cert* mbedtls_ssl_config::key_cert

own certificate/key pair(s)

Definition at line 926 of file ssl.h.

Referenced by mbedtls_ssl_own_cert(), and mbedtls_ssl_own_key().

◆ max_major_ver

unsigned char mbedtls_ssl_config::max_major_ver

max. major version used

Definition at line 1000 of file ssl.h.

◆ max_minor_ver

unsigned char mbedtls_ssl_config::max_minor_ver

max. minor version used

Definition at line 1001 of file ssl.h.

◆ mfl_code

unsigned int mbedtls_ssl_config::mfl_code

desired fragment length

Definition at line 1018 of file ssl.h.

◆ min_major_ver

unsigned char mbedtls_ssl_config::min_major_ver

min. major version used

Definition at line 1002 of file ssl.h.

◆ min_minor_ver

unsigned char mbedtls_ssl_config::min_minor_ver

min. minor version used

Definition at line 1003 of file ssl.h.

◆ p_cache

void* mbedtls_ssl_config::p_cache

context for cache callbacks

Definition at line 878 of file ssl.h.

◆ p_dbg

void* mbedtls_ssl_config::p_dbg

context for the debug function

Definition at line 868 of file ssl.h.

◆ p_rng

void* mbedtls_ssl_config::p_rng

context for the RNG function

Definition at line 872 of file ssl.h.

◆ p_sni

void* mbedtls_ssl_config::p_sni

context for SNI callback

Definition at line 883 of file ssl.h.

◆ p_vrfy

void* mbedtls_ssl_config::p_vrfy

context for X.509 verify callback

Definition at line 889 of file ssl.h.

◆ read_timeout

uint32_t mbedtls_ssl_config::read_timeout

timeout for mbedtls_ssl_read (ms)

Definition at line 977 of file ssl.h.

◆ renego_max_records

int mbedtls_ssl_config::renego_max_records

grace period for renegotiation

Definition at line 987 of file ssl.h.

◆ renego_period

unsigned char mbedtls_ssl_config::renego_period[8]

value of the record counters that triggers renegotiation

Definition at line 988 of file ssl.h.

◆ session_tickets

unsigned int mbedtls_ssl_config::session_tickets

use session tickets?

Definition at line 1039 of file ssl.h.

◆ sig_hashes

const int* mbedtls_ssl_config::sig_hashes

allowed signature hashes

Definition at line 942 of file ssl.h.

◆ transport

unsigned int mbedtls_ssl_config::transport

stream (TLS) or datagram (DTLS)

Definition at line 1010 of file ssl.h.

Referenced by mbedtls_ssl_hdr_len(), and mbedtls_ssl_hs_hdr_len().

◆ trunc_hmac

unsigned int mbedtls_ssl_config::trunc_hmac

negotiate truncated HMAC?

Definition at line 1036 of file ssl.h.


The documentation for this struct was generated from the following file: