mbedtls_ssl_context Struct Reference

#include <ssl.h>

Collaboration diagram for mbedtls_ssl_context:

Data Fields
const mbedtls_ssl_config *	conf
int	state
int	renego_status
int	renego_records_seen
int	major_ver
int	minor_ver
unsigned	badmac_seen
int(*	f_vrfy )(void *, mbedtls_x509_crt *, int, uint32_t *)
void *	p_vrfy
mbedtls_ssl_send_t *	f_send
mbedtls_ssl_recv_t *	f_recv
mbedtls_ssl_recv_timeout_t *	f_recv_timeout
void *	p_bio
mbedtls_ssl_session *	session_in
mbedtls_ssl_session *	session_out
mbedtls_ssl_session *	session
mbedtls_ssl_session *	session_negotiate
mbedtls_ssl_handshake_params *	handshake
mbedtls_ssl_transform *	transform_in
mbedtls_ssl_transform *	transform_out
mbedtls_ssl_transform *	transform
mbedtls_ssl_transform *	transform_negotiate
void *	p_timer
mbedtls_ssl_set_timer_t *	f_set_timer
mbedtls_ssl_get_timer_t *	f_get_timer
unsigned char *	in_buf
unsigned char *	in_ctr
unsigned char *	in_hdr
unsigned char *	in_len
unsigned char *	in_iv
unsigned char *	in_msg
unsigned char *	in_offt
int	in_msgtype
size_t	in_msglen
size_t	in_left
uint16_t	in_epoch
size_t	next_record_offset
uint64_t	in_window_top
uint64_t	in_window
size_t	in_hslen
int	nb_zero
int	keep_current_message
uint8_t	disable_datagram_packing
unsigned char *	out_buf
unsigned char *	out_ctr
unsigned char *	out_hdr
unsigned char *	out_len
unsigned char *	out_iv
unsigned char *	out_msg
int	out_msgtype
size_t	out_msglen
size_t	out_left
unsigned char	cur_out_ctr [8]
uint16_t	mtu
signed char	split_done
int	client_auth
char *	hostname
const char *	alpn_chosen
mbedtls_dtls_srtp_info	dtls_srtp_info
unsigned char *	cli_id
size_t	cli_id_len
int	secure_renegotiation
size_t	verify_data_len
char	own_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]
char	peer_verify_data [MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

Detailed Description

Definition at line 1292 of file ssl.h.

Field Documentation

alpn_chosen

const char* mbedtls_ssl_context::alpn_chosen

negotiated protocol

Definition at line 1474 of file ssl.h.

badmac_seen

unsigned mbedtls_ssl_context::badmac_seen

records with a bad MAC received

Definition at line 1310 of file ssl.h.

cli_id

unsigned char* mbedtls_ssl_context::cli_id

transport-level ID of the client

Definition at line 1488 of file ssl.h.

cli_id_len

size_t mbedtls_ssl_context::cli_id_len

length of cli_id

Definition at line 1489 of file ssl.h.

client_auth

int mbedtls_ssl_context::client_auth

flag for client auth.

Definition at line 1435 of file ssl.h.

conf

const mbedtls_ssl_config* mbedtls_ssl_context::conf

configuration information

Definition at line 1293 of file ssl.h.

cur_out_ctr

unsigned char mbedtls_ssl_context::cur_out_ctr[8]

Outgoing record sequence number.

Definition at line 1419 of file ssl.h.

disable_datagram_packing

uint8_t mbedtls_ssl_context::disable_datagram_packing

Disable packing multiple records within a single datagram.

Definition at line 1394 of file ssl.h.

dtls_srtp_info

mbedtls_dtls_srtp_info mbedtls_ssl_context::dtls_srtp_info

Definition at line 1481 of file ssl.h.

f_get_timer

mbedtls_ssl_get_timer_t* mbedtls_ssl_context::f_get_timer

get timer callback

Definition at line 1351 of file ssl.h.

f_recv

mbedtls_ssl_recv_t* mbedtls_ssl_context::f_recv

Callback for network receive

Definition at line 1320 of file ssl.h.

f_recv_timeout

mbedtls_ssl_recv_timeout_t* mbedtls_ssl_context::f_recv_timeout

Callback for network receive with timeout

Definition at line 1321 of file ssl.h.

f_send

mbedtls_ssl_send_t* mbedtls_ssl_context::f_send

Callback for network send

Definition at line 1319 of file ssl.h.

f_set_timer

mbedtls_ssl_set_timer_t* mbedtls_ssl_context::f_set_timer

set timer callback

Definition at line 1350 of file ssl.h.

f_vrfy

int(* mbedtls_ssl_context::f_vrfy) (void *, mbedtls_x509_crt *, int, uint32_t *)

Callback to customize X.509 certificate chain verification

Definition at line 1315 of file ssl.h.

handshake

mbedtls_ssl_handshake_params* mbedtls_ssl_context::handshake

params required only during the handshake process

Definition at line 1334 of file ssl.h.

hostname

char* mbedtls_ssl_context::hostname

Expected peer CN for verification.

Also used on clients for SNI.

The value of this field can be:

• NULL in a newly initialized or reset context.
• A heap-allocated copy of the last value passed to mbedtls_ssl_set_hostname(), if the last call had a non-null hostname argument.
• A special value to indicate that mbedtls_ssl_set_hostname() was called with NULL (as opposed to never having been called).

If you need to obtain the value passed to mbedtls_ssl_set_hostname() even if it may have been called with NULL, call mbedtls_ssl_get_hostname_pointer().

If this field contains the value NULL and the configuration option #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME is unset, on a TLS client, attempting to verify a server certificate results in the error MBEDTLS_ERR_SSL_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME.

If this field contains the special value described above, or if the value is NULL and the configuration option #MBEDTLS_SSL_CLI_ALLOW_WEAK_CERTIFICATE_VERIFICATION_WITHOUT_HOSTNAME is set, then the peer name verification is skipped, which may be insecure, especially on a client. Furthermore, on a client, the server_name extension is not sent.

Definition at line 1470 of file ssl.h.

in_buf

unsigned char* mbedtls_ssl_context::in_buf

input buffer

Definition at line 1356 of file ssl.h.

in_ctr

unsigned char* mbedtls_ssl_context::in_ctr

64-bit incoming message counter TLS: maintained by us DTLS: read from peer

Definition at line 1357 of file ssl.h.

in_epoch

uint16_t mbedtls_ssl_context::in_epoch

DTLS epoch for incoming records

Definition at line 1377 of file ssl.h.

in_hdr

unsigned char* mbedtls_ssl_context::in_hdr

start of record header

Definition at line 1360 of file ssl.h.

in_hslen

size_t mbedtls_ssl_context::in_hslen

current handshake message length, including the handshake header

Definition at line 1386 of file ssl.h.

in_iv

unsigned char* mbedtls_ssl_context::in_iv

ivlen-byte IV

Definition at line 1366 of file ssl.h.

in_left

size_t mbedtls_ssl_context::in_left

amount of data read so far

Definition at line 1372 of file ssl.h.

in_len

unsigned char* mbedtls_ssl_context::in_len

two-bytes message length field

Definition at line 1365 of file ssl.h.

in_msg

unsigned char* mbedtls_ssl_context::in_msg

message contents (in_iv+ivlen)

Definition at line 1367 of file ssl.h.

in_msglen

size_t mbedtls_ssl_context::in_msglen

record header: message length

Definition at line 1371 of file ssl.h.

in_msgtype

int mbedtls_ssl_context::in_msgtype

record header: message type

Definition at line 1370 of file ssl.h.

in_offt

unsigned char* mbedtls_ssl_context::in_offt

read offset in application data

Definition at line 1368 of file ssl.h.

in_window

uint64_t mbedtls_ssl_context::in_window

bitmask for replay detection

Definition at line 1383 of file ssl.h.

in_window_top

uint64_t mbedtls_ssl_context::in_window_top

last validated record seq_num

Definition at line 1382 of file ssl.h.

keep_current_message

int mbedtls_ssl_context::keep_current_message

drop or reuse current message on next call to record layer?

Definition at line 1390 of file ssl.h.

major_ver

int mbedtls_ssl_context::major_ver

equal to MBEDTLS_SSL_MAJOR_VERSION_3

Definition at line 1306 of file ssl.h.

minor_ver

int mbedtls_ssl_context::minor_ver

either 0 (SSL3) or 1 (TLS1.0)

Definition at line 1307 of file ssl.h.

mtu

uint16_t mbedtls_ssl_context::mtu

path mtu, used to fragment outgoing messages

Definition at line 1422 of file ssl.h.

nb_zero

int mbedtls_ssl_context::nb_zero

of 0-length encrypted messages

Definition at line 1388 of file ssl.h.

next_record_offset

size_t mbedtls_ssl_context::next_record_offset

offset of the next record in datagram (equal to in_left if none)

Definition at line 1378 of file ssl.h.

out_buf

unsigned char* mbedtls_ssl_context::out_buf

output buffer

Definition at line 1401 of file ssl.h.

out_ctr

unsigned char* mbedtls_ssl_context::out_ctr

64-bit outgoing message counter

Definition at line 1402 of file ssl.h.

out_hdr

unsigned char* mbedtls_ssl_context::out_hdr

start of record header

Definition at line 1403 of file ssl.h.

out_iv

unsigned char* mbedtls_ssl_context::out_iv

ivlen-byte IV

Definition at line 1409 of file ssl.h.

out_left

size_t mbedtls_ssl_context::out_left

amount of data not yet written

Definition at line 1414 of file ssl.h.

out_len

unsigned char* mbedtls_ssl_context::out_len

two-bytes message length field

Definition at line 1408 of file ssl.h.

out_msg

unsigned char* mbedtls_ssl_context::out_msg

message contents (out_iv+ivlen)

Definition at line 1410 of file ssl.h.

out_msglen

size_t mbedtls_ssl_context::out_msglen

record header: message length

Definition at line 1413 of file ssl.h.

out_msgtype

int mbedtls_ssl_context::out_msgtype

record header: message type

Definition at line 1412 of file ssl.h.

own_verify_data

char mbedtls_ssl_context::own_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1500 of file ssl.h.

p_bio

void* mbedtls_ssl_context::p_bio

context for I/O operations

Definition at line 1324 of file ssl.h.

p_timer

void* mbedtls_ssl_context::p_timer

context for the timer callbacks

Definition at line 1348 of file ssl.h.

p_vrfy

void* mbedtls_ssl_context::p_vrfy

context for X.509 verify callback

Definition at line 1316 of file ssl.h.

peer_verify_data

char mbedtls_ssl_context::peer_verify_data[MBEDTLS_SSL_VERIFY_DATA_MAX_LEN]

previous handshake verify data

Definition at line 1501 of file ssl.h.

renego_records_seen

int mbedtls_ssl_context::renego_records_seen

Records since renego request, or with DTLS, number of retransmissions of request if renego_max_records is < 0

Definition at line 1301 of file ssl.h.

renego_status

int mbedtls_ssl_context::renego_status

Initial, in progress, pending?

Definition at line 1300 of file ssl.h.

secure_renegotiation

int mbedtls_ssl_context::secure_renegotiation

does peer support legacy or secure renegotiation

Definition at line 1496 of file ssl.h.

session

mbedtls_ssl_session* mbedtls_ssl_context::session

negotiated session data

Definition at line 1331 of file ssl.h.

session_in

mbedtls_ssl_session* mbedtls_ssl_context::session_in

current session data (in)

Definition at line 1329 of file ssl.h.

session_negotiate

mbedtls_ssl_session* mbedtls_ssl_context::session_negotiate

session data in negotiation

Definition at line 1332 of file ssl.h.

session_out

mbedtls_ssl_session* mbedtls_ssl_context::session_out

current session data (out)

Definition at line 1330 of file ssl.h.

split_done

signed char mbedtls_ssl_context::split_done

current record already split?

Definition at line 1429 of file ssl.h.

state

int mbedtls_ssl_context::state

SSL handshake: current state

Definition at line 1298 of file ssl.h.

transform

mbedtls_ssl_transform* mbedtls_ssl_context::transform

negotiated transform params

Definition at line 1342 of file ssl.h.

transform_in

mbedtls_ssl_transform* mbedtls_ssl_context::transform_in

current transform params (in)

Definition at line 1340 of file ssl.h.

transform_negotiate

mbedtls_ssl_transform* mbedtls_ssl_context::transform_negotiate

transform params in negotiation

Definition at line 1343 of file ssl.h.

transform_out

mbedtls_ssl_transform* mbedtls_ssl_context::transform_out

current transform params (in)

Definition at line 1341 of file ssl.h.

verify_data_len

size_t mbedtls_ssl_context::verify_data_len

length of verify data stored

Definition at line 1499 of file ssl.h.

---

The documentation for this struct was generated from the following file:

• ssl.h