Function amqp_ssl_socket_new

Synopsis

#include <librabbitmq/amqp_ssl_socket.h>

amqp_socket_t * amqp_ssl_socket_new(amqp_connection_state_t state)

Description

Create a new SSL/TLS socket object.

The returned socket object is owned by the amqp_connection_state_t object and will be destroyed when the state object is destroyed or a new socket object is created.

If the socket object creation fails, the amqp_connection_state_t object will not be changed.

The object returned by this function can be retrieved from the amqp_connection_state_t object later using the amqp_get_socket() function.

Calling this function may result in the underlying SSL library being initialized.

See
amqp_set_initialize_ssl_library()
Parameters:

[ in,out ] state - The connection object that owns the SSL/TLS socket

Return
A new socket object or NULL if an error occurred.
Since
v0.4.0

Mentioned in

Source

Lines 339-374 in librabbitmq/amqp_openssl.c. Line 58 in librabbitmq/amqp_ssl_socket.h.

amqp_socket_t *amqp_ssl_socket_new(amqp_connection_state_t state) {
  struct amqp_ssl_socket_t *self = calloc(1, sizeof(*self));
  int status;
  if (!self) {
    return NULL;
  }

  self->sockfd = -1;
  self->klass = &amqp_ssl_socket_class;
  self->verify_peer = 1;
  self->verify_hostname = 1;

  status = initialize_ssl_and_increment_connections();
  if (status) {
    goto error;
  }

  self->ctx = SSL_CTX_new(SSLv23_client_method());
  if (!self->ctx) {
    goto error;
  }
  /* Disable SSLv2 and SSLv3 */
  SSL_CTX_set_options(self->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);

  SSL_CTX_set_mode(self->ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
  /* OpenSSL v1.1.1 turns this on by default, which makes the non-blocking
   * logic not behave as expected, so turn this back off */
  SSL_CTX_clear_mode(self->ctx, SSL_MODE_AUTO_RETRY);

  amqp_set_socket(state, (amqp_socket_t *)self);

  return (amqp_socket_t *)self;
error:
  amqp_ssl_socket_delete((amqp_socket_t *)self);
  return NULL;
}





Add Discussion as Guest

Log in to DocsForge