2016-05-12 04:36:12 +08:00
|
|
|
---
|
|
|
|
|
title: "struct mg_connect_opts"
|
|
|
|
|
decl_name: "struct mg_connect_opts"
|
|
|
|
|
symbol_kind: "struct"
|
|
|
|
|
signature: |
|
|
|
|
|
struct mg_connect_opts {
|
|
|
|
|
void *user_data; /* Initial value for connection's user_data */
|
|
|
|
|
unsigned int flags; /* Extra connection flags */
|
|
|
|
|
const char **error_string; /* Placeholder for the error string */
|
2016-11-09 22:48:49 +08:00
|
|
|
struct mg_iface *iface; /* Interface instance */
|
2017-03-20 17:43:05 +08:00
|
|
|
const char *nameserver; /* DNS server to use, NULL for default */
|
Change from using #ifdef to #if for features tests
"#if FOO" still works with simple -DFOO, but gives more flexibility.
Specifically, if user expressed no preference (FOO is not defined),
we can apply reasonable defaults (this is the legitimate use of ifdef).
In short, from now on, please use
#if MG_ENABLE_FOO
instead of
#ifdef MG_ENABLE_FOO
Since we are all used to #ifdef, this change also adds a precommit check
to police this. Specifically, in *.h and *.c files that are Copyright Cesanta,
"ifdef" and "if defined()" are not allowed to be used with macros that contain
ENABLE or DISABLE, unless the like also contains "ifdef-ok".
Hence, if you are sure you want to use ifdef, use this:
#ifdef MG_ENABLE_FOO /* ifdef-ok */
PUBLISHED_FROM=9be829448f53cff575d6cae8b9945fb12531c15a
2016-10-14 01:55:08 +08:00
|
|
|
#if MG_ENABLE_SSL
|
2017-01-10 07:44:44 +08:00
|
|
|
/*
|
|
|
|
|
* SSL settings.
|
|
|
|
|
* Client certificate to present to the server.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_cert;
|
|
|
|
|
/*
|
|
|
|
|
* Private key corresponding to the certificate.
|
|
|
|
|
* If ssl_cert is set but ssl_key is not, ssl_cert is used.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_key;
|
|
|
|
|
/*
|
|
|
|
|
* Verify server certificate using this CA bundle. If set to "*", then SSL
|
|
|
|
|
* is enabled but no cert verification is performed.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_ca_cert;
|
|
|
|
|
/* Colon-delimited list of acceptable cipher suites.
|
|
|
|
|
* Names depend on the library used, for example:
|
|
|
|
|
*
|
|
|
|
|
* ECDH-ECDSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256 (OpenSSL)
|
|
|
|
|
* TLS-ECDH-ECDSA-WITH-AES-128-GCM-SHA256:TLS-DHE-RSA-WITH-AES-128-GCM-SHA256
|
|
|
|
|
* (mbedTLS)
|
|
|
|
|
*
|
|
|
|
|
* For OpenSSL the list can be obtained by running "openssl ciphers".
|
|
|
|
|
* For mbedTLS, names can be found in library/ssl_ciphersuites.c
|
|
|
|
|
* If NULL, a reasonable default is used.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_cipher_suites;
|
2016-05-12 04:36:12 +08:00
|
|
|
/*
|
|
|
|
|
* Server name verification. If ssl_ca_cert is set and the certificate has
|
|
|
|
|
* passed verification, its subject will be verified against this string.
|
|
|
|
|
* By default (if ssl_server_name is NULL) hostname part of the address will
|
|
|
|
|
* be used. Wildcard matching is supported. A special value of "*" disables
|
|
|
|
|
* name verification.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_server_name;
|
2017-02-15 16:05:37 +08:00
|
|
|
/*
|
|
|
|
|
* PSK identity and key. Identity is a NUL-terminated string and key is a hex
|
|
|
|
|
* string. Key must be either 16 or 32 bytes (32 or 64 hex digits) for AES-128
|
|
|
|
|
* or AES-256 respectively.
|
|
|
|
|
* Note: Default list of cipher suites does not include PSK suites, if you
|
|
|
|
|
* want to use PSK you will need to set ssl_cipher_suites as well.
|
|
|
|
|
*/
|
|
|
|
|
const char *ssl_psk_identity;
|
|
|
|
|
const char *ssl_psk_key;
|
2016-05-12 04:36:12 +08:00
|
|
|
#endif
|
|
|
|
|
};
|
|
|
|
|
---
|
|
|
|
|
|
|
|
|
|
Optional parameters to `mg_connect_opt()`
|
|
|
|
|
|
