NAME

       nng_tls_config_auth_mode - configure authentication mode

SYNOPSIS

           #include <nng/nng.h>
           #include <nng/supplemental/tls/tls.h>

           typedef enum nng_tls_auth_mode {
                   NNG_TLS_AUTH_MODE_NONE,
                   NNG_TLS_AUTH_MODE_OPTIONAL,
                   NNG_TLS_AUTH_MODE_REQUIRED
           } nng_tls_auth_mode;

           int nng_tls_config_auth_mode(nng_tls_config *cfg, nng_tls_auth_mode mode);

DESCRIPTION

       The nng_tls_config_auth_mode() function configures the authentication mode to be used for TLS sessions
       using this configuration object.

       The possible modes are:

       NNG_TLS_AUTH_MODE_NONE
           No authentication of the TLS peer is performed. This is the default for TLS servers, which most
           typically do not authenticate their clients.

       NNG_TLS_AUTH_MODE_OPTIONAL
           If a certificate is presented by the peer, then it is validated. However, if the peer does not
           present a valid certificate, then the session is allowed to proceed without authentication.

       NNG_TLS_AUTH_MODE_REQUIRED
           A check is made to ensure that the peer has presented a valid certificate used for the session. If
           the peer’s certificate is invalid or missing, then the session is refused. This is the default for
           clients.

RETURN VALUES

       This function returns 0 on success, and non-zero otherwise.

ERRORS

       NNG_ENOMEM
           Insufficient memory is available.

       NNG_EINVAL
           An invalid mode was specified.

       NNG_EBUSY
           The configuration cfg is already in use, and cannot be modified.

SEE ALSO

       nng_strerror(3), nng_tls_config_alloc(3tls), nng_tls_config_ca_chain(3tls), nng_tls_config_ca_file(3tls),
       nng_tls_config_server_name(3tls), nng(7)

                                                   2025-02-02                     NNG_TLS_CONFIG_AUTH_MODE(3tls)