Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 7 Connection : tibemsSSLHostNameVerifier

tibemsSSLHostNameVerifier
Function Type
Purpose
Programs define functions of this type to check server identity based on the server’s host name.
C Declaration
typedef tibems_status (*tibemsSSLHostNameVerifier) (
    const char* connected_hostname,
    const char* expected_hostname,
    const char* certificate_name,
    void* closure );
Parameters
 
This parameter receives the actual host name of the server to which the client program is attempting to connect.
This parameter receives the host name that the client expects the server to be running on.
Remarks
SSL attempts to verify that the EMS server hostname (taken from the server’s certificate identity) matches the hostname in the server URL. Your program can use the default matching behavior, or customize it in different ways.
The default behavior is a straightforward string comparison, matching the hostname from the server certificate against the hostname of the connected URL.
If you set an expected hostname, then the match compares the hostname from the server certificate against the expected hostname (instead of the URL hostname).
You may also define and set a hostname verifier function, which can override a string mismatch. If the string comparison fails, then SSL calls your verifier function to determine whether to accept the hostname anyway. Your function receives three hostnames—the connected name, the expected name, and the certificate hostname—and must return a status code indicating the final match result:
TIBEMS_OK indicates a successful check.
TIBEMS_SECURITY_EXCEPTION indicates a failed check.
See Also
tibemsSSLParams_SetExpectedHostName on page 242
tibemsSSLParams_SetHostNameVerifier on page 243
tibemsSSLParams_SetVerifyHost on page 248

Copyright © TIBCO Software Inc. All Rights Reserved
Copyright © TIBCO Software Inc. All Rights Reserved