package tls-async

module Session : sig ... end

Low-level API for working with TLS sessions. Most applications should use the high-level API below.

module X509_async : sig ... end

Helper functions for Async_unix-specific IO operations commonly used with X509 certificates, such as loading from a Unix filesystem.

val listen :
  ?buffer_age_limit:Async.Writer.buffer_age_limit ->
  ?max_connections:int ->
  ?max_accepts_per_batch:int ->
  ?backlog:int ->
  ?socket:([ `Unconnected ], [< Async.Socket.Address.t ] as 'address) Async.Socket.t ->
  on_handler_error:[ `Call of 'address -> exn -> unit | `Ignore | `Raise ] ->
  Tls.Config.server ->
  ('address, 'listening_on) Async.Tcp.Where_to_listen.t ->
  ('address -> Session.t -> Async.Reader.t -> Async.Writer.t -> unit Async.Deferred.t) ->
  ('address, 'listening_on) Async.Tcp.Server.t Async.Deferred.t

listen creates a Tcp.Server.t with the requested parameters, including those specified in Tls.Config.server. The handler function exposes the low-level Session.t to accommodate cases like interrogating a client certificate.

connect behaves similarly to Tcp.connect, exposing a cleartext reader and writer. Callers should ensure they close the Writer.t and wait for the unit Deferred.t returned by `Closed_and_flushed_downstream to completely shut down the TLS connection.

host is used for peer name verification and should generally be provided. Passing None will disable peer name verification unless peer_name was provided in the Tls.Config.client. If both are present, host overwrites peer_name.
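
The following added example (not part of the tls-async documentation or code base) shows a caller that always passes Some host to connect and refuses to connect when the name is not a valid host name, instead of falling back to None and losing peer name verification. It assumes connect has the shape config -> where_to_connect -> host:[ `host ] Domain_name.t option -> (Session.t * Reader.t * Writer.t) Deferred.Or_error.t, which this page does not show; verified_host and with_verified_connection are hypothetical helper names.

```ocaml
open Core
open Async

(* Added example, not tls-async's own code. The shape of [Tls_async.connect]
   used below is an assumption; check it against your installed version. *)

(* Convert a string into the [`host] domain name used for peer name
   verification. An invalid host name is an error, never [None]. *)
let verified_host (hostname : string) : [ `host ] Domain_name.t Or_error.t =
  match Domain_name.of_string hostname with
  | Error (`Msg m) -> Or_error.error_string m
  | Ok name ->
    (match Domain_name.host name with
     | Error (`Msg m) -> Or_error.error_string m
     | Ok host -> Ok host)

(* Hypothetical helper: connect with peer name verification pinned to
   [hostname], run [f] on the cleartext reader/writer, then close both. *)
let with_verified_connection
      (config : Tls.Config.client)
      ~(hostname : string)
      ~(port : int)
      ~(f : Reader.t -> Writer.t -> 'a Deferred.Or_error.t)
  : 'a Deferred.Or_error.t
  =
  match verified_host hostname with
  | Error err ->
    (* Fail closed: no TCP connection is opened without a name to verify. *)
    Deferred.Or_error.fail err
  | Ok host ->
    let where =
      Tcp.Where_to_connect.of_host_and_port
        (Host_and_port.create ~host:hostname ~port)
    in
    Deferred.Or_error.bind
      (* [host] takes precedence over any [peer_name] in [config]. *)
      (Tls_async.connect config where ~host:(Some host))
      ~f:(fun (_session, reader, writer) ->
        Monitor.protect
          (fun () -> f reader writer)
          ~finally:(fun () ->
            (* Close the writer first and wait for it, then the reader. *)
            Writer.close writer >>= fun () -> Reader.close reader))
```

The Tls.Config.client value, including its authenticator, is supplied by the caller; the helper only guarantees that the name checked against the certificate is the name that was dialled.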