nng_tls_config_auth_mode(3tls)

NAME

nng_tls_config_auth_mode - configure authentication mode

SYNOPSIS

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>

typedef enum nng_tls_auth_mode {
        NNG_TLS_AUTH_MODE_NONE,
        NNG_TLS_AUTH_MODE_OPTIONAL,
        NNG_TLS_AUTH_MODE_REQUIRED
} nng_tls_auth_mode;

int nng_tls_config_auth_mode(nng_tls_config *cfg, nng_tls_auth_mode mode);

DESCRIPTION

The nng_tls_config_auth_mode() function configures the authentication mode to be used for TLS sessions using this configuration object.

The possible modes are:

NNG_TLS_AUTH_MODE_NONE

No authentication of the TLS peer is performed. This is the default for TLS servers, which most typically do not authenticate their clients.

NNG_TLS_AUTH_MODE_OPTIONAL

If a certificate is presented by the peer, then it is validated. However, if the peer does not present a valid certificate, then the session is allowed to proceed without authentication.

NNG_TLS_AUTH_MODE_REQUIRED

A check is made to ensure that the peer has presented a valid certificate used for the session. If the peer’s certificate is invalid or missing, then the session is refused. This is the default for clients.

RETURN VALUES

This function returns 0 on success, and non-zero otherwise.

ERRORS

NNG_ENOMEM

Insufficient memory is available.

NNG_EINVAL

An invalid mode was specified.

NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.

SEE ALSO