#include <MQTTAsync.h>

Public 属性
char	struct_id [4]

int	struct_version

const char *	trustStore

const char *	keyStore

const char *	privateKey

const char *	privateKeyPassword

const char *	enabledCipherSuites

int	enableServerCertAuth

int	sslVersion

int	verify

const char *	CApath

int(*	ssl_error_cb )(const char str, size_t len, void u)

void *	ssl_error_context

unsigned int(*	ssl_psk_cb )(const char hint, char identity, unsigned int max_identity_len, unsigned char psk, unsigned int max_psk_len, void u)

void *	ssl_psk_context

int	disableDefaultTrustStore

const unsigned char *	protos

unsigned int	protos_len

详细描述

MQTTAsync_sslProperties defines the settings to establish an SSL/TLS connection using the OpenSSL library. It covers the following scenarios:

Server authentication: The client needs the digital certificate of the server. It is included in a store containting trusted material (also known as "trust store").
Mutual authentication: Both client and server are authenticated during the SSL handshake. In addition to the digital certificate of the server in a trust store, the client will need its own digital certificate and the private key used to sign its digital certificate stored in a "key store".
Anonymous connection: Both client and server do not get authenticated and no credentials are needed to establish an SSL connection. Note that this scenario is not fully secure since it is subject to man-in-the-middle attacks.

在文件 MQTTAsync.h 第 1047 行定义.

类成员变量说明

const char* MQTTAsync_SSLOptions::CApath

From the OpenSSL documentation: If CApath is not NULL, it points to a directory containing CA certificates in PEM format. Exists only if struct_version >= 2

在文件 MQTTAsync.h 第 1108 行定义.

int MQTTAsync_SSLOptions::disableDefaultTrustStore

Don't load default SSL CA. Should be used together with PSK to make sure regular servers with certificate in place is not accepted. Exists only if struct_version >= 4

在文件 MQTTAsync.h 第 1140 行定义.

const char* MQTTAsync_SSLOptions::enabledCipherSuites

The list of cipher suites that the client will present to the server during the SSL handshake. For a full explanation of the cipher list format, please see the OpenSSL on-line documentation: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT If this setting is ommitted, its default value will be "ALL", that is, all the cipher suites -excluding those offering no encryption- will be considered. This setting can be used to set an SSL anonymous connection ("aNULL" string value, for instance).

在文件 MQTTAsync.h 第 1085 行定义.

int MQTTAsync_SSLOptions::enableServerCertAuth

True/False option to enable verification of the server certificate

在文件 MQTTAsync.h 第 1088 行定义.

const char* MQTTAsync_SSLOptions::keyStore

The file in PEM format containing the public certificate chain of the client. It may also include the client's private key.

在文件 MQTTAsync.h 第 1067 行定义.

const char* MQTTAsync_SSLOptions::privateKey

If not included in the sslKeyStore, this setting points to the file in PEM format containing the client's private key.

在文件 MQTTAsync.h 第 1072 行定义.

const char* MQTTAsync_SSLOptions::privateKeyPassword

The password to load the client's privateKey if encrypted.

在文件 MQTTAsync.h 第 1075 行定义.

const unsigned char* MQTTAsync_SSLOptions::protos

The protocol-lists must be in wire-format, which is defined as a vector of non-empty, 8-bit length-prefixed, byte strings. The length-prefix byte is not included in the length. Each string is limited to 255 bytes. A byte-string length of 0 is invalid. A truncated byte-string is invalid. Check documentation for SSL_CTX_set_alpn_protos Exists only if struct_version >= 5

在文件 MQTTAsync.h 第 1149 行定义.

unsigned int MQTTAsync_SSLOptions::protos_len

The length of the vector protos vector Exists only if struct_version >= 5

在文件 MQTTAsync.h 第 1155 行定义.

int(* MQTTAsync_SSLOptions::ssl_error_cb) (const char *str, size_t len, void *u)

Callback function for OpenSSL error handler ERR_print_errors_cb Exists only if struct_version >= 3

在文件 MQTTAsync.h 第 1114 行定义.

void* MQTTAsync_SSLOptions::ssl_error_context

Application-specific contex for OpenSSL error handler ERR_print_errors_cb Exists only if struct_version >= 3

在文件 MQTTAsync.h 第 1120 行定义.

unsigned int(* MQTTAsync_SSLOptions::ssl_psk_cb) (const char *hint, char *identity, unsigned int max_identity_len, unsigned char *psk, unsigned int max_psk_len, void *u)

Callback function for setting TLS-PSK options. Parameters correspond to that of SSL_CTX_set_psk_client_callback, except for u which is the pointer ssl_psk_context. Exists only if struct_version >= 4

在文件 MQTTAsync.h 第 1127 行定义.

void* MQTTAsync_SSLOptions::ssl_psk_context

Application-specific contex for ssl_psk_cb Exists only if struct_version >= 4

在文件 MQTTAsync.h 第 1133 行定义.

int MQTTAsync_SSLOptions::sslVersion

The SSL/TLS version to use. Specify one of MQTT_SSL_VERSION_DEFAULT (0), MQTT_SSL_VERSION_TLS_1_0 (1), MQTT_SSL_VERSION_TLS_1_1 (2) or MQTT_SSL_VERSION_TLS_1_2 (3). Only used if struct_version is >= 1.

在文件 MQTTAsync.h 第 1094 行定义.

char MQTTAsync_SSLOptions::struct_id[4]

The eyecatcher for this structure. Must be MQTS

在文件 MQTTAsync.h 第 1050 行定义.

int MQTTAsync_SSLOptions::struct_version

The version number of this structure. Must be 0, 1, 2, 3, 4 or 5. 0 means no sslVersion 1 means no verify, CApath 2 means no ssl_error_context, ssl_error_cb 3 means no ssl_psk_cb, ssl_psk_context, disableDefaultTrustStore 4 means no protos, protos_len

在文件 MQTTAsync.h 第 1059 行定义.

const char* MQTTAsync_SSLOptions::trustStore

The file in PEM format containing the public digital certificates trusted by the client.

在文件 MQTTAsync.h 第 1062 行定义.

int MQTTAsync_SSLOptions::verify

Whether to carry out post-connect checks, including that a certificate matches the given host name. Exists only if struct_version >= 2

在文件 MQTTAsync.h 第 1101 行定义.

该结构体的文档由以下文件生成:

tqinclude/paho_mqtt_c/MQTTAsync.h

Public 属性

详细描述

类成员变量说明