Provide a tls_accept_fds() function, which allows a TLS connection to be

accepted via an existing pair of file descriptors. Based on a diff from Jan Klemkow.
author: jsing <> 2015-03-31 14:03:38 +0000
committer: jsing <> 2015-03-31 14:03:38 +0000
commit: a0cae064c7fb3e6f9795357b0897fc7cfbada29a (patch)
tree: c543b48853afa3779822fdf734c77e67d886bf12 /src/lib/libtls/tls_init.3
parent: e23e95b70f14a01a428a6d966e2cb510a4bf1cd6 (diff)
download: openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.tar.gz
openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.tar.bz2
openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.zip
1 files changed, 18 insertions, 2 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3
index 3e888115e8..f038f9313a 100644
--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.18 2015/02/22 15:09:54 jsing Exp $
+.\" $OpenBSD: tls_init.3,v 1.19 2015/03/31 14:03:38 jsing Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
 .\"
@@ -14,7 +14,7 @@
 .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 .\"
-.Dd $Mdocdate: February 22 2015 $
+.Dd $Mdocdate: March 31 2015 $
 .Dt TLS 3
 .Os
 .Sh NAME
@@ -50,6 +50,7 @@
 .Nm tls_connect_fds ,
 .Nm tls_connect_servername ,
 .Nm tls_connect_socket ,
+.Nm tls_accept_fds ,
 .Nm tls_accept_socket ,
 .Nm tls_read ,
 .Nm tls_write
@@ -120,6 +121,8 @@
 .Ft "int"
 .Fn tls_connect_socket "struct tls *ctx" "int s" "const char *servername"
 .Ft "int"
+.Fn tls_accept_fds "struct tls *tls" "struct tls **cctx" "int fd_read" "int fd_write"
+.Ft "int"
 .Fn tls_accept_socket "struct tls *tls" "struct tls **cctx" "int socket"
 .Ft "int"
 .Fn tls_read "struct tls *ctx" "void *buf" "size_t buflen" "size_t *outlen"
@@ -180,6 +183,9 @@ file descriptors by calling
 A server can accept a new client connection by calling
 .Fn tls_accept_socket
 on an already established socket connection.
+Alternatively, a new client connection can be accepted over a pair of existing
+file descriptors by calling
+.Fn tls_accept_fds .
 .Pp
 Two functions are provided for input and output,
 .Fn tls_read
@@ -357,6 +363,16 @@ connects a client context to a pair of existing file descriptors.
 .Fn tls_connect_socket
 connects a client context to an already established socket connection.
 .It
+.Fn tls_accept_fds
+creates a new context suitable for reading and writing on an existing pair of
+file descriptors and returns it in
+.Fa *cctx .
+A configured server context should be passed in
+.Fa ctx
+and
+.Fa *cctx
+should be initialized to NULL.
+.It
 .Fn tls_accept_socket
 creates a new context suitable for reading and writing on an already
 established socket connection and returns it in
author	jsing <>	2015-03-31 14:03:38 +0000
committer	jsing <>	2015-03-31 14:03:38 +0000
commit	a0cae064c7fb3e6f9795357b0897fc7cfbada29a (patch)
tree	c543b48853afa3779822fdf734c77e67d886bf12 /src/lib/libtls/tls_init.3
parent	e23e95b70f14a01a428a6d966e2cb510a4bf1cd6 (diff)
download	openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.tar.gz openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.tar.bz2 openbsd-a0cae064c7fb3e6f9795357b0897fc7cfbada29a.zip