Library
Module
Module type
Parameter
Class
Class type
Low-level API for working with TLS sessions. Most applications should use the high-level API below
module Fd : sig ... end
val server_of_fd : Tls.Config.server -> Fd.t -> t Async.Deferred.Or_error.t
server_of_fd server fd
is t
, after server-side TLS handshake of fd
using server
configuration.
val client_of_fd :
Tls.Config.client ->
?host:[ `host ] Domain_name.t ->
Fd.t ->
t Async.Deferred.Or_error.t
client_of_fd client ~host fd
is t
, after client-side TLS handshake of fd
using client
configuration and host
.
val read : t -> bytes -> int Async.Deferred.Or_error.t
read t buffer
is length
, the number of bytes read into buffer
.
val writev : t -> string list -> unit Async.Deferred.Or_error.t
writev t buffers
writes the buffers
to the session.
val close_tls : t -> unit Async.Deferred.Or_error.t
close t
closes the TLS session by sending a close notify to the peer.
val reneg :
?authenticator:X509.Authenticator.t ->
?acceptable_cas:X509.Distinguished_name.t list ->
?cert:Tls.Config.own_cert ->
?drop:bool ->
t ->
unit Async.Deferred.Or_error.t
reneg ~authenticator ~acceptable_cas ~cert ~drop t
renegotiates the session, and blocks until the renegotiation finished. Optionally, a new authenticator
and acceptable_cas
can be used. The own certificate can be adjusted by cert
. If drop
is true
(the default), application data received before the renegotiation finished is dropped.
val key_update : ?request:bool -> t -> unit Async.Deferred.Or_error.t
key_update ~request t
updates the traffic key and requests a traffic key update from the peer if request
is provided and true
(the default). This is only supported in TLS 1.3.
val epoch : t -> Tls.Core.epoch_data Core.Or_error.t
epoch t
returns epoch
, which contains information of the active session.