SSLINFO
Brew Release
Brew MP 1.0.2
See Also
ISSL_Negotiate(),
SSLSecurityInfo,
IX509CHAIN_Verify(),
X509TrustResult
Description
This data type is the result of the SSL negotiation and includes
the secured ISocket.
Members
nResult: General result of an SSL negotiation. One of SSL_RESULT_* error codes. See ISSL error codes.SecInfo: The security level negotiated. Valid on SSL_RESULT_SECURED
TrustResult: Trust results; see X509TrustResult
pSSLSocket: Open socket representing secured stream. This value is be NULL when using IPort. To retrieve the pSSLPort, use ISSL_QueryInterface() with AEECLSID_PORT.
Definition
typedef struct SSLInfo { int nResult; SSLSecurityInfo SecInfo; X509TrustResult TrustResult; ISocket *pSSLSocket; } SSLInfo;
Comments
This returns the result of a negotiation. The results has two parts, the
protocol negotiation result, and the trust result from the X509 chain
verification.
Trust result is filled in only if nResult is either SSL_RESULT_TRUST_ERR or
SSL_RESULT_SECURED. If the result is a secured connection there will be no
trust errors, and only the chain length is of any use in the structure. If the
error is SSL_RESULT_TRUST_ERR then the details of the error are reported in
TrustResult structure. Note that nResult in the TrustResult structure does not
show the details, see the auChainErrors and summary further down in the structure.
nResult in the TrustResult structure is generally SUCCESS. Errors such as running out
of memory or a very corrupt certificate are reported as nResult in the SSLInfo
structure.
Trust errors can be overridden and allow the negotiation to continue. Other errors
cannot be overridden.
pSSLSocket is the most important part of the result as it is the secured
stream.
COMMENTS (0)
See Below