package tls

  1. Overview
  2. Docs
Transport Layer Security purely in OCaml

Install 

dune-project
 Dependency

github.com Readme Changelog BSD-2-Clause License Edit opam file Versions (15)

Authors

  1. D
    David Kaloper <david@numm.org>
  2. H
    Hannes Mehnert <hannes@mehnert.org>

Maintainers

  1. H
    Hannes Mehnert <hannes@mehnert.org>
  2. D
    David Kaloper <david@numm.org>

Sources

tls-0.10.6.tbz
md5=fa5d1ae3e5c3ee09b515550f8d2ecdfa
sha256=36a61fcd4b08ae099538d9e71e8d24f518f5be4f735d0384c0e19da0496dbfb4
sha512=b36d2df5d8f5e1faffc26dbf486f59c90678f7dbd809cc770fd0f2fbb4b015fd634c50543be8522af0cbafd85bebbcb34579a34bdf149d5d8ed5fa253240db24

doc/tls.lwt/Tls_lwt/Unix/index.html

Module Tls_lwt.Unix

Low-level API

Unix API

It is the responsibility of the client to handle error conditions. The underlying file descriptors are not closed.

type t

Abstract type of a session

Constructors

val server_of_fd : ?trace:tracer -> Tls.Config.server -> Lwt_unix.file_descr -> t Lwt.t

server_of_fd ?tracer server fd is t, after server-side TLS handshake of fd using server configuration.

val client_of_fd : ?trace:tracer -> Tls.Config.client -> ?host:string -> Lwt_unix.file_descr -> t Lwt.t

client_of_fd ?tracer client ~host fd is t, after client-side TLS handshake of fd using client configuration and host.

val accept : ?trace:tracer -> Tls.Config.server -> Lwt_unix.file_descr -> (t * Lwt_unix.sockaddr) Lwt.t

accept ?tracer server fd is t, sockaddr, after accepting a client on fd and upgrading to a TLS connection.

val connect : ?trace:tracer -> Tls.Config.client -> (string * int) -> t Lwt.t

connect ?tracer client (host, port) is t, after successful connection to host on port and TLS upgrade.

Common stream operations

val read : t -> Cstruct.t -> int Lwt.t

read t buffer is length, the number of bytes read into buffer.

val write : t -> Cstruct.t -> unit Lwt.t

write t buffer writes the buffer to the session.

val writev : t -> Cstruct.t list -> unit Lwt.t

writev t buffers writes the buffers to the session.

val read_bytes : t -> Lwt_bytes.t -> int -> int -> int Lwt.t

read_bytes t bytes offset len is read_bytes, the amount of bytes read.

val write_bytes : t -> Lwt_bytes.t -> int -> int -> unit Lwt.t

write_bytes t bytes offset length writes length bytes of bytes starting at offset to the session.

val close_tls : t -> unit Lwt.t

close t closes the TLS session by sending a close notify to the peer.

val close : t -> unit Lwt.t

close t closes the TLS session and the underlying file descriptor.

val reneg : ?authenticator:X509.Authenticator.t -> ?acceptable_cas:X509.Distinguished_name.t list -> ?cert:Tls.Config.own_cert -> ?drop:bool -> t -> unit Lwt.t

reneg ~authenticator ~acceptable_cas ~cert ~drop t renegotiates the session, and blocks until the renegotiation finished. Optionally, a new authenticator and acceptable_cas can be used. The own certificate can be adjusted by cert. If drop is true (the default), application data received before the renegotiation finished is dropped.

val epoch : t -> [ `Ok of Tls.Core.epoch_data | `Error ]

epoch t returns epoch, which contains information of the active session.