Home --> Documentations --> PJLIB Reference
Definition of secure socket creation parameters.
Number of concurrent asynchronous operations that is to be supported by the secure socket. This value only affects socket receive and accept operations – the secure socket will issue one or more asynchronous read and accept operations based on the value of this field. Setting this field to more than one will allow more than one incoming data or incoming connections to be processed simultaneously on multiprocessor systems, when the ioqueue is polled by more than one threads.
The default value is 1.
Ciphers and order preference. If empty, then default cipher list and its default order of the backend will be used.
Number of ciphers contained in the specified cipher preference. If this is set to zero, then the cipher list used will be determined by the backend default (for OpenSSL backend, setting PJ_SSL_SOCK_OSSL_CIPHERS will be used).
The ioqueue concurrency to be forced on the socket when it is registered to the ioqueue. See pj_ioqueue_set_concurrency() for more info about ioqueue concurrency.
When this value is -1, the concurrency setting will not be forced for this socket, and the socket will inherit the concurrency setting of the ioqueue. When this value is zero, the secure socket will disable concurrency for the socket. When this value is +1, the secure socket will enable concurrency for the socket.
The default value is -1.
Number of curves contained in the specified curve preference. If this is set to zero, then default curve list of the backend will be used.
Default: 0 (zero).
When using a file/socket for entropy #PJ_SSL_ENTROPY_EGD or #PJ_SSL_ENTROPY_FILE, entropy_path must contain the path to entropy socket/file.
Default value is an empty string.
Reseed random number generator. For type #PJ_SSL_ENTROPY_FILE, parameter entropy_path must be set to a file. For type #PJ_SSL_ENTROPY_EGD, parameter entropy_path must be set to a socket.
Default value is PJ_SSL_ENTROPY_NONE.
Optional group lock to be assigned to the ioqueue key.
Note that when a secure socket listener is configured with a group lock, any new secure socket of an accepted incoming connection will have its own group lock created automatically by the library, this group lock can be queried via pj_ssl_sock_get_info() in the info field pj_ssl_sock_info::grp_lock.
Specify the ioqueue to use. Secure socket uses the ioqueue to perform active socket operations, see Active socket I/O for more detail.
Specify security protocol to use, see pj_ssl_sock_proto. Use bitwise OR operation to combine the protocol type.
Default is PJ_SSL_SOCK_PROTO_DEFAULT.
Specify if the transport should ignore any errors when setting the QoS traffic type/parameters.
Set the low level QoS parameters to the transport. This is a lower level operation than setting the qos_type field and may not be supported on all platforms.
By default all settings in this structure are disabled.
QoS traffic type to be set on this transport. When application wants to apply QoS tagging to the transport, it's preferable to set this field rather than qos_param fields since this is more portable.
Default value is PJ_QOS_TYPE_BEST_EFFORT.
Specify buffer size for receiving encrypted (and perhaps compressed) data on underlying socket. This setting is unused on Symbian, since SSL/TLS Symbian backend, CSecureSocket, can use application buffer directly.
Default value is 1500.
When secure socket is acting as server (handles incoming connection), it will require the client to provide certificate.
Default value is PJ_FALSE.
Specify if SO_REUSEADDR should be used for listening socket. This option will only be used with accept() operation.
Default is PJ_FALSE.
Specify buffer size for sending operation. Buffering sending data is used for allowing application to perform multiple outstanding send operations. Whenever application specifies this setting too small, sending operation may return PJ_ENOMEM.
Default value is 8192 bytes.
Server name indication. When secure socket is acting as client (perform outgoing connection) and the server may host multiple 'virtual' servers at a single underlying network address, setting this will allow client to tell the server a name of the server it is contacting. This must be set to hostname and literal IP addresses are not allowed.
Default value is zero/not-set.
The supported signature algorithms. Set the sigalgs string using this form: "<DIGEST>+<ALGORITHM>:<DIGEST>+<ALGORITHM>" Digests are: "RSA", "DSA" or "ECDSA" Algorithms are: "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512" Example: "ECDSA+SHA256:RSA+SHA256"
Specify if the transport should ignore any errors when setting the sockopt parameters.
Specify options to be set on the transport.
By default there is no options.
Security negotiation timeout. If this is set to zero (both sec and msec), the negotiation doesn't have a timeout.
Default value is zero.
Specify the timer heap to use. Secure socket uses the timer to provide auto cancelation on asynchronous operation when it takes longer time than specified timeout period, e.g: security negotiation timeout.
Specify secure socket user data.
Specify whether endpoint should verify peer certificate.
Default value is PJ_FALSE.
If this option is specified, the secure socket will make sure that asynchronous send operation with stream oriented socket will only call the callback after all data has been sent. This means that the secure socket will automatically resend the remaining data until all data has been sent.
Please note that when this option is specified, it is possible that error is reported after partial data has been sent. Also setting this will disable the ioqueue concurrency for the socket.
Default value is 1.
The documentation for this struct was generated from the following file:
PJLIB Open Source, high performance, small footprint, and very very portable framework
Copyright (C) 2006-2009 Teluu Inc.