void vortex_tls_set_auto_tls (VortexCtx ctx,
                              axl_bool enabled,
                              axl_bool allow_tls_failures,
                              const char * serverName)

Allows activating automatic TLS profile negotiation for every connection created.

Once a user application has been developed using Vortex Library, it can be useful to instruct the library to automatically negotiate the TLS profile for every connection created. With this enabled, every call to vortex_connection_new returns an instance that is not only already connected but also has the TLS profile already activated.

This takes advantage of the existing support for creating and waiting for a VortexConnection, rather than requiring two steps in user space: first creating the connection and then TLS-fixating it with vortex_tls_start_negotiation.

The function accepts an optional serverName value to be used when vortex_tls_start_negotiation is called. The values set by this function take effect for all connections created.

Once a connection is created, the TLS profile negotiation could fail. This can happen because the remote peer does not accept TLS requests, or because the serverName requested is not accepted...

This can be a security problem because a VortexConnection with the TLS profile activated is used in exactly the same way as one without it. A user application could therefore start using a connection that is successfully connected but has no TLS activated, sending and receiving data in plain text.

The parameter allow_tls_failures configures the default action to be taken on TLS failures. By default, if TLS profile negotiation fails, the connection is closed, reporting that the TLS profile has failed.

Passing axl_true allows the application to keep working even if the TLS profile negotiation has failed.

By default, Vortex Library has the auto TLS feature disabled.

Parameters
ctx: The context where the operation will be performed.
enabled: axl_true to activate the automatic TLS profile negotiation for every connection created, axl_false to disable it.
allow_tls_failures: Configure how to handle errors produced while activating automatic TLS negotiation.
serverName: The server name value to be passed in to vortex_tls_start_negotiation. If the received value is not NULL the function will perform a local copy.

NOTE: If the Vortex Library in use doesn't have built-in support for the TLS profile, automatic TLS profile negotiation will always fail. This means that setting allow_tls_failures to axl_false will cause the Vortex Library client peer to always fail to create new connections.

NOTE2: About failures during the TLS handshake
A TLS handshake can fail at two points: before the tuning starts, or during the TLS handshake itself. In the second case the error is not recoverable because it is not possible to restore the BEEP state on both peers.

In the first case, the connection is still working and the BEEP state remains untouched, because an error at this phase means the partner peer has declined the TLS handshake by refusing to create the TLS channel, leaving both peers working at the BEEP level.

With this in mind, you must always call vortex_connection_is_ok after a connection create operation.
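The outcomes described above, as a small stand-alone C model (an added example, not Vortex Library code; the type and function names are hypothetical and no Vortex call is made). It shows that with allow_tls_failures set to axl_true, a rejection before tuning leaves a connection that reports ok but carries no TLS, so checking vortex_connection_is_ok alone does not establish that traffic is encrypted.

```c
#include <stdbool.h>
#include <stdio.h>

/* Model of the documented outcomes; these names are hypothetical, not Vortex API. */
typedef enum {
    TLS_DONE,                /* TLS profile negotiated */
    TLS_REJECTED_PRE_TUNING, /* peer refused the TLS channel, BEEP state intact */
    TLS_HANDSHAKE_FAILED     /* failure inside the handshake, not recoverable */
} tls_outcome;

typedef struct {
    bool is_ok;      /* what vortex_connection_is_ok would report */
    bool tls_active; /* whether the TLS profile ended up activated */
} conn_state;

/* State of the connection handed back to the caller for the given settings. */
conn_state auto_tls_result(bool enabled, bool allow_tls_failures, tls_outcome o)
{
    conn_state s = { true, false };   /* assumes the TCP/BEEP connect itself worked */
    if (!enabled)
        return s;                     /* auto TLS off: plain connection */
    if (o == TLS_DONE)
        s.tls_active = true;
    else if (o == TLS_REJECTED_PRE_TUNING)
        s.is_ok = allow_tls_failures; /* closed unless failures are allowed */
    else
        s.is_ok = false;              /* BEEP state cannot be restored */
    return s;
}

/* Gate to apply before sending: an "ok" connection is not enough when TLS is required. */
bool safe_to_send(conn_state s, bool require_tls)
{
    return s.is_ok && (!require_tls || s.tls_active);
}

int main(void)
{
    static const char *names[] = { "done", "rejected-pre-tuning", "handshake-failed" };
    for (int allow = 0; allow <= 1; allow++)
        for (int o = TLS_DONE; o <= TLS_HANDSHAKE_FAILED; o++) {
            conn_state s = auto_tls_result(true, allow != 0, (tls_outcome)o);
            printf("allow_tls_failures=%d %-20s is_ok=%d tls=%d safe=%d\n",
                   allow, names[o], s.is_ok, s.tls_active, safe_to_send(s, true));
        }
    return 0;
}
```

In application code the tls_active check corresponds to asking the library whether the connection is TLS-fixated, for example with vortex_connection_is_tlsficated.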

References vortex_ctx_get_data().