diff options
| author | jsing <> | 2016-04-28 17:05:59 +0000 |
|---|---|---|
| committer | jsing <> | 2016-04-28 17:05:59 +0000 |
| commit | f4470c187e09c2ca1bfcf671080ac97b7fc86df2 (patch) | |
| tree | 046b15c71afb290bae07f4b238cfdc296f78ca6b /src/lib/libtls/tls_init.3 | |
| parent | 2666540eb58ec0e76b541248bed9d159e6a2ccea (diff) | |
| download | openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.gz openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.tar.bz2 openbsd-f4470c187e09c2ca1bfcf671080ac97b7fc86df2.zip | |
Factor our the keypair handling in libtls. This results in more readable
and self-contained code, while preparing for the ability to handle
multiple keypairs. Also provide two additional functions that allow
a public certificate and private key to be set with a single function
call.
ok beck@
Diffstat (limited to 'src/lib/libtls/tls_init.3')
| -rw-r--r-- | src/lib/libtls/tls_init.3 | 20 |
1 files changed, 17 insertions, 3 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index 48662e0868..da8565a248 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | .\" $OpenBSD: tls_init.3,v 1.57 2016/04/28 16:48:44 jsing Exp $ | 1 | .\" $OpenBSD: tls_init.3,v 1.58 2016/04/28 17:05:59 jsing Exp $ |
| 2 | .\" | 2 | .\" |
| 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> |
| 4 | .\" | 4 | .\" |
| @@ -34,6 +34,8 @@ | |||
| 34 | .Nm tls_config_set_ecdhecurve , | 34 | .Nm tls_config_set_ecdhecurve , |
| 35 | .Nm tls_config_set_key_file , | 35 | .Nm tls_config_set_key_file , |
| 36 | .Nm tls_config_set_key_mem , | 36 | .Nm tls_config_set_key_mem , |
| 37 | .Nm tls_config_set_keypair_file , | ||
| 38 | .Nm tls_config_set_keypair_mem , | ||
| 37 | .Nm tls_config_set_protocols , | 39 | .Nm tls_config_set_protocols , |
| 38 | .Nm tls_config_set_verify_depth , | 40 | .Nm tls_config_set_verify_depth , |
| 39 | .Nm tls_config_prefer_ciphers_client , | 41 | .Nm tls_config_prefer_ciphers_client , |
| @@ -105,6 +107,10 @@ | |||
| 105 | .Fn tls_config_set_key_file "struct tls_config *config" "const char *key_file" | 107 | .Fn tls_config_set_key_file "struct tls_config *config" "const char *key_file" |
| 106 | .Ft "int" | 108 | .Ft "int" |
| 107 | .Fn tls_config_set_key_mem "struct tls_config *config" "const uint8_t *key" "size_t len" | 109 | .Fn tls_config_set_key_mem "struct tls_config *config" "const uint8_t *key" "size_t len" |
| 110 | .Ft "int" | ||
| 111 | .Fn tls_config_set_keypair_file "struct tls_config *config" "const char *cert_file" "const char *key_file" | ||
| 112 | .Ft "int" | ||
| 113 | .Fn tls_config_set_keypair_mem "struct tls_config *config" "const uint8_t *cert" "size_t cert_len" "const uint8_t *key" "size_t key_len" | ||
| 108 | .Ft "void" | 114 | .Ft "void" |
| 109 | .Fn tls_config_set_protocols "struct tls_config *config" "uint32_t protocols" | 115 | .Fn tls_config_set_protocols "struct tls_config *config" "uint32_t protocols" |
| 110 | .Ft "void" | 116 | .Ft "void" |
| @@ -327,11 +333,19 @@ permitted names are: | |||
| 327 | .It | 333 | .It |
| 328 | .Fn tls_config_set_key_file | 334 | .Fn tls_config_set_key_file |
| 329 | sets the file from which the private key will be read. | 335 | sets the file from which the private key will be read. |
| 330 | .Em (Server) | 336 | .Em (Client and server) |
| 331 | .It | 337 | .It |
| 332 | .Fn tls_config_set_key_mem | 338 | .Fn tls_config_set_key_mem |
| 333 | directly sets the private key from memory. | 339 | directly sets the private key from memory. |
| 334 | .Em (Server) | 340 | .Em (Client and server) |
| 341 | .It | ||
| 342 | .Fn tls_config_set_keypair_file | ||
| 343 | sets the files from which the public certificate and private key will be read. | ||
| 344 | .Em (Client and server) | ||
| 345 | .It | ||
| 346 | .Fn tls_config_set_keypair_mem | ||
| 347 | directly sets the public certifcate and private key from memory. | ||
| 348 | .Em (Client and server) | ||
| 335 | .It | 349 | .It |
| 336 | .Fn tls_config_set_protocols | 350 | .Fn tls_config_set_protocols |
| 337 | sets which versions of the protocol may be used. | 351 | sets which versions of the protocol may be used. |