This documentation is for the TIP (development tree) of NNG and may represent unreleased changes or functionality that is experimental, and is subject to change before release. The latest released version is v1.8.0. See the documentation for v1.8.0 for the most up-to-date information.

nng_tls_config_auth_mode(3tls)

NAME

nng_tls_config_auth_mode - configure authentication mode

SYNOPSIS

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>

typedef enum nng_tls_auth_mode {
        NNG_TLS_AUTH_MODE_NONE,
        NNG_TLS_AUTH_MODE_OPTIONAL,
        NNG_TLS_AUTH_MODE_REQUIRED
} nng_tls_auth_mode;

int nng_tls_config_auth_mode(nng_tls_config *cfg, nng_tls_auth_mode mode);

DESCRIPTION

The nng_tls_config_auth_mode() function configures the authentication mode to be used for TLS sessions using this configuration object.

The possible modes are:

NNG_TLS_AUTH_MODE_NONE

No authentication of the TLS peer is performed. This is the default for TLS servers, which most typically do not authenticate their clients.

NNG_TLS_AUTH_MODE_OPTIONAL

If a certificate is presented by the peer, then it is validated. However, if the peer does not present a valid certificate, then the session is allowed to proceed without authentication.

NNG_TLS_AUTH_MODE_REQUIRED

A check is made to ensure that the peer has presented a valid certificate used for the session. If the peer’s certificate is invalid or missing, then the session is refused. This is the default for clients.

RETURN VALUES

This function returns 0 on success, and non-zero otherwise.

ERRORS

NNG_ENOMEM

Insufficient memory is available.
NNG_EINVAL

An invalid mode was specified.
NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.

SEE ALSO

nng_strerror(3), nng_tls_config_alloc(3tls), nng_tls_config_ca_chain(3tls), nng_tls_config_ca_file(3tls), nng_tls_config_server_name(3tls), nng(7)