| author | jsing <> | 2014-11-02 14:45:05 +0000 |
|---|---|---|
| committer | jsing <> | 2014-11-02 14:45:05 +0000 |
| commit | 44fdefc6525622fe6d745eb387fa3266f9028afb (patch) | |
| tree | d9142429aca61b41c92ba09dd825948905416233 /src/lib/libtls/tls_init.3 | |
| parent | 4b5b1f9d30def9cb46fc251452c167712a74d45a (diff) | |
Add a tls_connect_fds() function that allows a secure connection to be
established using a pair of existing file descriptors.
Based on a diff/request from Jan Klemkow.
Rides previous libtls rename/library bump.
Discussed with tedu@.
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libtls/tls_init.3 | 17 |
1 files changed, 15 insertions, 2 deletions
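--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.1 2014/10/31 13:46:17 jsing Exp $
+.\" $OpenBSD: tls_init.3,v 1.2 2014/11/02 14:45:05 jsing Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: October 31 2014 $
+.Dd $Mdocdate: November 2 2014 $
 .Dt TLS 3
 .Os
 .Sh NAME
@@ -43,6 +43,7 @@
 .Nm tls_close ,
 .Nm tls_free ,
 .Nm tls_connect ,
+.Nm tls_connect_fds ,
 .Nm tls_connect_socket ,
 .Nm tls_read ,
 .Nm tls_write ,
@@ -100,6 +101,8 @@
 .Ft "int"
 .Fn tls_connect "struct tls *ctx" "const char *host" "const char *port"
 .Ft "int"
+.Fn tls_connect_fds "struct tls *ctx" "int fd_read" "int fd_write" "const char *hostname"
+.Ft "int"
 .Fn tls_connect_socket "struct tls *ctx" "int s" "const char *hostname"
 .Ft "int"
 .Fn tls_read "struct tls *ctx" "void *buf" "size_t buflen" "size_t *outlen"
@@ -146,6 +149,9 @@ This function will create a new socket, connect to the specified host and
 port, and then establish a secure connection.
 An already existing socket can be upgraded to a secure connection by calling
 .Fn tls_connect_socket .
+Alternatively, a secure connection can be established over a pair of existing
+file descriptors by calling
+.Fn tls_connect_fds .
 .Pp
 Two functions are provided for input and output,
 .Fn tls_read
@@ -263,6 +269,10 @@ options.
 .It
 .Fn tls_close
 closes a connection after use.
+If the connection was established using
+.Fn tls_connect_fds ,
+only the TLS layer will be closed and it is the caller's responsibility to close
+the file descriptors.
 .It
 .Fn tls_free
 frees a tls context after use.
@@ -280,6 +290,9 @@ The
 may be numeric or a service name.
 If it is NULL then a host of the format "hostname:port" is permitted.
 .It
+.Fn tls_connect_fds
+connects a client context to a pair of existing file descriptors.
+.It
 .Fn tls_connect_socket
 connects a client context to an already established socket connection.
 .It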
