Struct SolidSyslogMbedTlsStreamConfig¶
ClassList > SolidSyslogMbedTlsStreamConfig
#include <SolidSyslogMbedTlsStream.h>
Public Attributes¶
| Type | Name |
|---|---|
| struct mbedtls_x509_crt * | CaChain Trust anchors the peer cert must chain to; caller-built and owned. |
| struct mbedtls_x509_crt * | ClientCertChain mTLS leaf (+ intermediates); caller-owned. |
| struct mbedtls_pk_context * | ClientKey Private key matching ClientCertChain; caller-owned. |
| SolidSyslogTlsHandshakeTimeoutFunction | GetHandshakeTimeoutMs Per-attempt handshake deadline in ms; NULL uses the SOLIDSYSLOG_TLS_HANDSHAKE_TIMEOUT_MS tunable. |
| void * | HandshakeTimeoutContext Passed back to GetHandshakeTimeoutMs unchanged; NULL is fine. |
| struct mbedtls_ctr_drbg_context * | Rng Seeded CTR-DRBG for the handshake; caller-built and caller-owned. |
| const char * | ServerName SNI + peer-identity check. |
| SolidSyslogSleepFunction | Sleep Bridges the WANT_READ/WANT_WRITE polls of the bounded handshake retry; required — there is no fallback. |
| struct SolidSyslogStream * | Transport Underlying byte stream the TLS records ride on. |
Public Attributes Documentation¶
variable CaChain¶
Trust anchors the peer cert must chain to; caller-built and owned.
variable ClientCertChain¶
mTLS leaf (+ intermediates); caller-owned.
NULL (or a NULL ClientKey) disables mTLS — both must be set to present a client cert.
variable ClientKey¶
Private key matching ClientCertChain; caller-owned.
NULL disables mTLS.
variable GetHandshakeTimeoutMs¶
Per-attempt handshake deadline in ms; NULL uses the SOLIDSYSLOG_TLS_HANDSHAKE_TIMEOUT_MS tunable.
variable HandshakeTimeoutContext¶
Passed back to GetHandshakeTimeoutMs unchanged; NULL is fine.
variable Rng¶
Seeded CTR-DRBG for the handshake; caller-built and caller-owned.
variable ServerName¶
SNI + peer-identity check.
A non-empty name is verified against the peer cert (SAN/CN). NULL connects chain-only but emits a WARNING — the peer is unverified (MITM-class). "" is the no-name-check opt-out (closed network / private CA): the cert must still chain to CaChain, but the endpoint identity is not checked; no diagnostic.
variable Sleep¶
Bridges the WANT_READ/WANT_WRITE polls of the bounded handshake retry; required — there is no fallback.
variable Transport¶
Underlying byte stream the TLS records ride on.
Borrowed — this stream may Close it but never destroys it; the caller owns it and must keep it valid until SolidSyslogMbedTlsStream_Destroy.
The documentation for this class was generated from the following file Platform/MbedTls/Interface/SolidSyslogMbedTlsStream.h