Zephyr Project API
3.3.0
A Scalable Open Source RTOS
Macros
#define TLS_SEC_TAG_LIST 1
#define TLS_HOSTNAME 2
#define TLS_CIPHERSUITE_LIST 3
#define TLS_CIPHERSUITE_USED 4
#define TLS_PEER_VERIFY 5
#define TLS_DTLS_ROLE 6
#define TLS_ALPN_LIST 7
#define TLS_DTLS_HANDSHAKE_TIMEOUT_MIN 8
#define TLS_DTLS_HANDSHAKE_TIMEOUT_MAX 9
#define TLS_CERT_NOCOPY 10
#define TLS_NATIVE 11
#define TLS_SESSION_CACHE 12
#define TLS_SESSION_CACHE_PURGE 13
#define TLS_ALPN_LIST 7
#include <include/zephyr/net/socket.h>
Socket option for setting the supported Application Layer Protocols. It accepts and returns a const char array of NULL terminated strings representing the supported application layer protocols listed during the TLS handshake.
#define TLS_CERT_NOCOPY 10
#include <include/zephyr/net/socket.h>
Socket option for preventing certificates from being copied to the mbedTLS heap if possible. The option is only effective for DER certificates and is ignored for PEM certificates.
#define TLS_CIPHERSUITE_LIST 3
#include <include/zephyr/net/socket.h>
Socket option to select ciphersuites to use. It accepts and returns an array of integers with IANA assigned ciphersuite identifiers. If not set, socket will allow all ciphersuites available in the system (mbedTLS default behavior).
#define TLS_CIPHERSUITE_USED 4
#include <include/zephyr/net/socket.h>
Read-only socket option to read a ciphersuite chosen during TLS handshake. It returns an integer containing an IANA assigned ciphersuite identifier of chosen ciphersuite.
#define TLS_DTLS_HANDSHAKE_TIMEOUT_MAX 9
#include <include/zephyr/net/socket.h>
#define TLS_DTLS_HANDSHAKE_TIMEOUT_MIN 8
#include <include/zephyr/net/socket.h>
Socket option to set the DTLS handshake timeout. The timeout starts at min, and upon retransmission the timeout is doubled until max is reached. Min and max arguments are separate options. The time unit is ms.
#define TLS_DTLS_ROLE 6
#include <include/zephyr/net/socket.h>
Write-only socket option to set role for DTLS connection. This option is irrelevant for TLS connections, as for them role is selected based on connect()/listen() usage. By default, DTLS will assume client role. This option accepts an integer with a TLS role, compatible with mbedTLS values:
#define TLS_HOSTNAME 2
#include <include/zephyr/net/socket.h>
Write-only socket option to set hostname. It accepts a string containing the hostname (may be NULL to disable hostname verification). By default, hostname check is enforced for TLS clients.
#define TLS_NATIVE 11
#include <include/zephyr/net/socket.h>
TLS socket option to use with offloading. The option instructs the network stack only to offload underlying TCP/UDP communication. The TLS/DTLS operation is handled by a native TLS/DTLS socket implementation from Zephyr.
Note that this option is only applicable if the socket dispatcher is used (CONFIG_NET_SOCKETS_OFFLOAD_DISPATCHER is enabled). In that case, it should be the first socket option set on a newly created socket. After that, the application may use SO_BINDTODEVICE to choose the dedicated network interface for the underlying TCP/UDP socket.
#define TLS_PEER_VERIFY 5
#include <include/zephyr/net/socket.h>
Write-only socket option to set peer verification level for TLS connection. This option accepts an integer with a peer verification level, compatible with mbedTLS values:
If not set, socket will use mbedTLS defaults (none for servers, required for clients).
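The TLS_HOSTNAME, TLS_PEER_VERIFY and TLS_NATIVE descriptions on this page translate into three checks on the option sequence of a client socket. The following is an added example, not Zephyr project code: `struct tls_opt`, `tls_client_audit()` and the `AUDIT_*` flags are hypothetical names, and the "required" level 2 is assumed from mbedTLS's MBEDTLS_SSL_VERIFY_REQUIRED.

```c
#include <stddef.h>

/* Option numbers as listed on this page; a Zephyr build already gets them
 * from <zephyr/net/socket.h>, so these fallbacks only apply off-target. */
#ifndef TLS_HOSTNAME
#define TLS_HOSTNAME    2
#define TLS_PEER_VERIFY 5
#define TLS_NATIVE      11
#endif
#define VERIFY_REQUIRED 2 /* assumption: mbedTLS MBEDTLS_SSL_VERIFY_REQUIRED */

/* Hypothetical record of one planned setsockopt() call on a client socket. */
struct tls_opt {
    int optname;
    const void *optval; /* NULL is a meaningful value for TLS_HOSTNAME */
};

enum { /* findings returned by tls_client_audit(); names are illustrative */
    AUDIT_HOSTNAME_DISABLED = 1 << 0, /* TLS_HOSTNAME last set to NULL */
    AUDIT_WEAK_PEER_VERIFY  = 1 << 1, /* level below "required" */
    AUDIT_NATIVE_NOT_FIRST  = 1 << 2, /* TLS_NATIVE set after another option */
};

/* Walk the options in call order; for a repeated option the last call wins. */
int tls_client_audit(const struct tls_opt *opts, size_t n)
{
    int hostname_off = 0, native_late = 0;
    int verify = VERIFY_REQUIRED; /* client default when the option is unset */

    for (size_t i = 0; i < n; i++) {
        switch (opts[i].optname) {
        case TLS_HOSTNAME:
            hostname_off = (opts[i].optval == NULL);
            break;
        case TLS_PEER_VERIFY:
            if (opts[i].optval != NULL)
                verify = *(const int *)opts[i].optval;
            break;
        case TLS_NATIVE:
            native_late |= (i != 0);
            break;
        default:
            break;
        }
    }
    return (hostname_off ? AUDIT_HOSTNAME_DISABLED : 0) |
           (verify < VERIFY_REQUIRED ? AUDIT_WEAK_PEER_VERIFY : 0) |
           (native_late ? AUDIT_NATIVE_NOT_FIRST : 0);
}
```

Pass it the same (option, value) pairs the application hands to setsockopt(), in call order; a return value of 0 means none of the three conditions was found.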
#define TLS_SEC_TAG_LIST 1
#include <include/zephyr/net/socket.h>
Socket option to select TLS credentials to use. It accepts and returns an array of sec_tag_t that indicate which TLS credentials should be used with specific socket.
#define TLS_SESSION_CACHE 12
#include <include/zephyr/net/socket.h>
Socket option to control TLS session caching on a socket. Accepted values:
#define TLS_SESSION_CACHE_PURGE 13
#include <include/zephyr/net/socket.h>
Write-only socket option to purge session cache immediately. This option accepts any value.