package tls-async
Module Tls_async
Low-level API for working with TLS sessions. Most applications should use the high-level API below.
Helper functions for Async_unix-specific IO operations commonly used with X509 certificates, such as loading from a Unix filesystem.
val listen :
  ?buffer_age_limit:Async.Writer.buffer_age_limit ->
  ?max_connections:int ->
  ?max_accepts_per_batch:int ->
  ?backlog:int ->
  ?socket:
    ([ `Unconnected ], [< Async.Socket.Address.t ] as 'address) Async.Socket.t ->
  on_handler_error:[ `Call of 'address -> exn -> unit | `Ignore | `Raise ] ->
  Tls.Config.server ->
  ('address, 'listening_on) Async.Tcp.Where_to_listen.t ->
  ('address ->
    Session.t ->
    Async.Reader.t ->
    Async.Writer.t ->
    unit Async.Deferred.t) ->
  ('address, 'listening_on) Async.Tcp.Server.t Async.Deferred.t
listen creates a Tcp.Server.t with the requested parameters, including those specified in Tls.Config.server. The handler function exposes the low-level Session.t to accommodate cases like interrogating a client certificate.
upgrade_server_handler is what listen calls to handle each client. It is exposed so that low-level end-users of the library can use tls-async inside of code that manages Tcp services directly.
The tls_handler argument will be called with the client Tls session, reader and writer to be used for cleartext data.
The outer reader and writer will read encrypted data from and write encrypted data to the connected socket.
val connect :
  ?socket:([ `Unconnected ], 'addr) Async.Socket.t ->
  (Tls.Config.client ->
    'addr Async.Tcp.Where_to_connect.t ->
    host:[ `host ] Domain_name.t option ->
    (Session.t * Async.Reader.t * Async.Writer.t) Async.Deferred.Or_error.t)
    Async.Tcp.Aliases.with_connect_options
connect behaves similarly to Tcp.connect, exposing a cleartext reader and writer. Callers should ensure they close the Writer.t and wait for the unit Deferred.t returned by `Closed_and_flushed_downstream to completely shut down the TLS connection.
host is used for peer name verification and should generally be provided. Passing None will disable peer name verification unless peer_name was provided in the Tls.Config.client. If both are present, host overwrites peer_name.
val upgrade_client_to_tls :
  Tls.Config.client ->
  host:[ `host ] Domain_name.t option ->
  Async.Reader.t ->
  Async.Writer.t ->
  (Session.t * Async.Reader.t * Async.Writer.t) Async.Deferred.Or_error.t
upgrade_client_to_tls upgrades an existing reader/writer to TLS, returning a cleartext reader and writer. Callers should ensure they close the Writer.t and wait for the unit Deferred.t returned by `Closed_and_flushed_downstream to completely shut down the TLS connection.
host is used for peer name verification and should generally be provided. Passing None will disable peer name verification unless peer_name was provided in the Tls.Config.client. If both are present, host overwrites peer_name.
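An added example, not taken from the tls-async documentation: one way to guarantee that host is always Some when calling connect, so that a name which does not parse fails closed instead of falling back to None and disabling peer name verification (the same rule applies to upgrade_client_to_tls). Assumptions: verified_host and fetch_verified are hypothetical names, the one-line request/reply exchange is an illustrative protocol, config is a Tls.Config.client the caller built with a real authenticator, and ppx_let is enabled (for example via ppx_jane).

```ocaml
open Core
open Async

(* Hypothetical helper: turn a hostname string into the [`host] Domain_name.t
   that Tls_async.connect expects. A name that does not parse as a hostname
   is reported as an error; it is never mapped to ~host:None. *)
let verified_host name =
  match Result.bind (Domain_name.of_string name) ~f:Domain_name.host with
  | Ok host -> Ok host
  | Error (`Msg m) -> Or_error.errorf "refusing %S as TLS peer name: %s" name m

(* Hypothetical helper: connect with peer name verification enabled, send one
   line, read one line back, then close the cleartext writer and reader. *)
let fetch_verified ~(config : Tls.Config.client) ~name ~port ~request =
  match verified_host name with
  | Error e -> return (Error e)
  | Ok host ->
    let where =
      Tcp.Where_to_connect.of_host_and_port (Host_and_port.create ~host:name ~port)
    in
    (* ~host:(Some host) is what makes the library check the peer name. *)
    (match%bind Tls_async.connect config where ~host:(Some host) with
     | Error e -> return (Error e)
     | Ok (_session, reader, writer) ->
       Writer.write writer request;
       let%bind () = Writer.flushed writer in
       let%bind reply = Reader.read_line reader in
       (* Close the writer and wait on the deferred it returns before
          closing the reader. *)
       let%bind () = Writer.close writer in
       let%map () = Reader.close reader in
       (match reply with
        | `Ok line -> Ok line
        | `Eof -> Or_error.error_string "peer closed before replying"))
```

An input that is not a valid hostname returns an Error from verified_host before any socket is opened, so the caller has to decide explicitly how such a peer should be authenticated.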