axl_bool vortex_tls_accept_negotiation (VortexTlsAcceptQuery             accept_handler,
                                        VortexTlsCertificateFileLocator  certificate_handler,
                                        VortexTlsPrivateKeyFileLocator   private_key_handler)

Configures whether the current Vortex Library instance accepts incoming TLS connections.

Because BEEP is a peer protocol, any running instance using TLS under BEEP can receive a request to activate TLS. This function configures whether such a request is allowed or recognized.

The default TLS configuration is to not accept incoming TLS requests.

This function does not disable the ability to connect to a remote peer and ask it to negotiate the TLS security transport.

There are two typical scenarios:

  • 1. A Vortex Library client peer does not need to call this function. However, once it is required to activate the TLS profile, the client peer can call vortex_tls_start_negotiation to enable TLS transport against a BEEP peer that accepts TLS requests. If the remote peer is running Vortex Library, that peer must already have called vortex_tls_accept_negotiation to accept the incoming TLS request.

  • 2. On the other hand, Vortex Library listeners can enable acceptance of incoming TLS connections so that they publish the TLS profile as one of their available profiles. This is done by calling this function.

This function lets you define several handlers that configure TLS support. These handlers are defined per profile, which means they are global to all TLS profile requests received.

There is an alternative method that provides more control over the TLS process. It is controlled by the following functions:

The previous functions let the application layer provide handlers that are executed to create the TLS context (SSL_CTX) and configure all required parameters. See also the VortexTlsCtxCreation handler for more information.

Along with the previous functions, the following ones let you provide callbacks that are called to perform additional TLS post-checks.

NOTE: Using the vortex_tls_set_ctx_creation or vortex_tls_set_default_ctx_creation function causes the following handlers not to be called:

This is because providing a function to create the SSL context (SSL_CTX) implies that the application layer on top of Vortex Library wants to take control of the SSL configuration process. It ensures that Vortex Library performs no additional configuration once the SSL context (SSL_CTX) has been created.

Parameters:
accept_handler A handler executed to notify the user application level that a TLS request was received, allowing it to accept or deny the request according to the value the handler returns. You can pass NULL for this parameter. In that case Vortex Library installs the default accept handler, which always accepts every TLS negotiation.
certificate_handler A handler executed to find out where the certificate file used to encrypt the session is located. You can pass NULL for this parameter. In that case Vortex Library installs the default certificate handler, which returns a path to a test certificate. It is highly recommended to set this handler; however, you can pass NULL in a development environment.
private_key_handler A handler executed to find out where the private key file used to encrypt the session is located. You can pass NULL for this parameter. In that case Vortex Library installs the default private key handler, which returns a path to the test private key. It is highly recommended to set this handler; however, you can pass NULL in a development environment.
Returns:
Returns whether the current server instance can accept incoming TLS connections.
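
Added example (not code from Vortex Library): the decision logic an application could place behind the three handlers instead of the NULL defaults, so that unknown names are denied and the test certificate and test key are never served. It assumes each handler is given the serverName requested by the peer; the function names, the table and its file paths are constructed for illustration, and the exact handler prototypes and string ownership rules must be taken from the Vortex headers.

```c
#include <stddef.h>
#include <string.h>
#include <strings.h>
#include <sys/stat.h>

/* Constructed sample table: names and paths are placeholders, not Vortex defaults. */
struct tls_vhost { const char *server_name, *cert_file, *key_file; };
static const struct tls_vhost vhosts[] = {
    { "beep.example.com",  "/etc/beep/tls/beep.example.com.crt",  "/etc/beep/tls/beep.example.com.key"  },
    { "admin.example.com", "/etc/beep/tls/admin.example.com.crt", "/etc/beep/tls/admin.example.com.key" },
};

/* Exact, case-insensitive match. The peer-supplied name is only compared
 * against the table and is never copied into a file path. */
static const struct tls_vhost *lookup_vhost(const char *server_name)
{
    if (server_name == NULL || *server_name == '\0')
        return NULL;
    for (size_t i = 0; i < sizeof vhosts / sizeof vhosts[0]; i++)
        if (strcasecmp(server_name, vhosts[i].server_name) == 0)
            return &vhosts[i];
    return NULL;
}

/* Logic for accept_handler: 1 = accept the TLS request, 0 = deny it. */
int tls_accept_decision(const char *server_name)
{
    return lookup_vhost(server_name) != NULL;
}

/* Logic for certificate_handler: path for this name, NULL if not served here. */
const char *tls_cert_for(const char *server_name)
{
    const struct tls_vhost *v = lookup_vhost(server_name);
    return v ? v->cert_file : NULL;
}

/* 1 when path is a regular file with no group or other permission bits set. */
int key_file_is_private(const char *path)
{
    struct stat st;
    if (path == NULL || stat(path, &st) != 0 || !S_ISREG(st.st_mode))
        return 0;
    return (st.st_mode & (S_IRWXG | S_IRWXO)) == 0;
}

/* Logic for private_key_handler: NULL if the name is unknown or the key file is too open. */
const char *tls_key_for(const char *server_name)
{
    const struct tls_vhost *v = lookup_vhost(server_name);
    return (v && key_file_is_private(v->key_file)) ? v->key_file : NULL;
}
```
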