1 files changed, 114 insertions, 0 deletions
diff --git a/src/lib/libtls/man/tls_connect.3 b/src/lib/libtls/man/tls_connect.3
new file mode 100644
index 0000000000..8137fba53b
--- /dev/null
+++ b/src/lib/libtls/man/tls_connect.3
@@ -0,0 +1,114 @@
+.\" $OpenBSD: tls_connect.3,v 1.1 2017/01/25 23:53:18 schwarze Exp $
+.\"
+.\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
+.\"
+.\" Permission to use, copy, modify, and distribute this software for any
+.\" purpose with or without fee is hereby granted, provided that the above
+.\" copyright notice and this permission notice appear in all copies.
+.\"
+.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+.\"
+.Dd $Mdocdate: January 25 2017 $
+.Dt TLS_CONNECT 3
+.Os
+.Sh NAME
+.Nm tls_connect ,
+.Nm tls_connect_fds ,
+.Nm tls_connect_servername ,
+.Nm tls_connect_socket ,
+.Nm tls_connect_cbs
+.Nd instruct a TLS client to establish a connection
+.Sh SYNOPSIS
+.In tls.h
+.Ft int
+.Fo tls_connect
+.Fa "struct tls *ctx"
+.Fa "const char *host"
+.Fa "const char *port"
+.Fc
+.Ft int
+.Fo tls_connect_fds
+.Fa "struct tls *ctx"
+.Fa "int fd_read"
+.Fa "int fd_write"
+.Fa "const char *servername"
+.Fc
+.Ft int
+.Fo tls_connect_servername
+.Fa "struct tls *ctx"
+.Fa "const char *host"
+.Fa "const char *port"
+.Fa "const char *servername"
+.Fc
+.Ft int
+.Fo tls_connect_socket
+.Fa "struct tls *ctx"
+.Fa "int s"
+.Fa "const char *servername"
+.Fc
+.Ft int
+.Fo tls_connect_cbs
+.Fa "struct tls *ctx"
+.Fa "ssize_t (*tls_read_cb)(struct tls *ctx,\
+ void *buf, size_t buflen, void *cb_arg)"
+.Fa "ssize_t (*tls_write_cb)(struct tls *ctx,\
+ const void *buf, size_t buflen, void *cb_arg)"
+.Fa "void *cb_arg"
+.Fa "const char *servername"
+.Fc
+.Sh DESCRIPTION
+After creating a TLS client context with
+.Xr tls_client 3
+and configuring it with
+.Xr tls_configure 3 ,
+a client connection is initiated by calling
+.Fn tls_connect .
+This function will create a new socket, connect to the specified
+.Fa host
+and
+.Fa port ,
+and then establish a secure connection.
+The
+.Fa port
+may be numeric or a service name.
+If it is
+.Dv NULL ,
+then a
+.Fa host
+of the format "hostname:port" is permitted.
+.Pp
+The
+.Fn tls_connect_servername
+function has the same behaviour, however the name to use for verification is
+explicitly provided, rather than being inferred from the
+.Ar host
+value.
+.Pp
+An already existing socket can be upgraded to a secure connection by calling
+.Fn tls_connect_socket .
+.Pp
+Alternatively, a secure connection can be established over a pair of existing
+file descriptors by calling
+.Fn tls_connect_fds .
+.Pp
+Calling
+.Fn tls_connect_cbs
+allows read and write callback functions to handle data transfers.
+The specified cb_arg parameter is passed back to the functions,
+and can contain a pointer to any caller-specified data.
+.Sh RETURN VALUES
+These functions return 0 on success or -1 on error.
+.Sh SEE ALSO
+.Xr tls_accept_socket 3 ,
+.Xr tls_client 3 ,
+.Xr tls_close 3 ,
+.Xr tls_config_ocsp_require_stapling 3 ,
+.Xr tls_configure 3 ,
+.Xr tls_handshake 3 ,
+.Xr tls_init 3

diff --git a/src/lib/libtls/man/tls_connect.3 b/src/lib/libtls/man/tls_connect.3 new file mode 100644 index 0000000000..8137fba53b --- /dev/null +++ b/src/lib/libtls/man/tls_connect.3
@@ -0,0 +1,114 @@
	1	.\" $OpenBSD: tls_connect.3,v 1.1 2017/01/25 23:53:18 schwarze Exp $
	2	.\"
	3	.\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
	4	.\"
	5	.\" Permission to use, copy, modify, and distribute this software for any
	6	.\" purpose with or without fee is hereby granted, provided that the above
	7	.\" copyright notice and this permission notice appear in all copies.
	8	.\"
	9	.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
	10	.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
	11	.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
	12	.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
	13	.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
	14	.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
	15	.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
	16	.\"
	17	.Dd $Mdocdate: January 25 2017 $
	18	.Dt TLS_CONNECT 3
	19	.Os
	20	.Sh NAME
	21	.Nm tls_connect ,
	22	.Nm tls_connect_fds ,
	23	.Nm tls_connect_servername ,
	24	.Nm tls_connect_socket ,
	25	.Nm tls_connect_cbs
	26	.Nd instruct a TLS client to establish a connection
	27	.Sh SYNOPSIS
	28	.In tls.h
	29	.Ft int
	30	.Fo tls_connect
	31	.Fa "struct tls *ctx"
	32	.Fa "const char *host"
	33	.Fa "const char *port"
	34	.Fc
	35	.Ft int
	36	.Fo tls_connect_fds
	37	.Fa "struct tls *ctx"
	38	.Fa "int fd_read"
	39	.Fa "int fd_write"
	40	.Fa "const char *servername"
	41	.Fc
	42	.Ft int
	43	.Fo tls_connect_servername
	44	.Fa "struct tls *ctx"
	45	.Fa "const char *host"
	46	.Fa "const char *port"
	47	.Fa "const char *servername"
	48	.Fc
	49	.Ft int
	50	.Fo tls_connect_socket
	51	.Fa "struct tls *ctx"
	52	.Fa "int s"
	53	.Fa "const char *servername"
	54	.Fc
	55	.Ft int
	56	.Fo tls_connect_cbs
	57	.Fa "struct tls *ctx"
	58	.Fa "ssize_t (tls_read_cb)(struct tls ctx,\
	59	void buf, size_t buflen, void cb_arg)"
	60	.Fa "ssize_t (tls_write_cb)(struct tls ctx,\
	61	const void buf, size_t buflen, void cb_arg)"
	62	.Fa "void *cb_arg"
	63	.Fa "const char *servername"
	64	.Fc
	65	.Sh DESCRIPTION
	66	After creating a TLS client context with
	67	.Xr tls_client 3
	68	and configuring it with
	69	.Xr tls_configure 3 ,
	70	a client connection is initiated by calling
	71	.Fn tls_connect .
	72	This function will create a new socket, connect to the specified
	73	.Fa host
	74	and
	75	.Fa port ,
	76	and then establish a secure connection.
	77	The
	78	.Fa port
	79	may be numeric or a service name.
	80	If it is
	81	.Dv NULL ,
	82	then a
	83	.Fa host
	84	of the format "hostname:port" is permitted.
	85	.Pp
	86	The
	87	.Fn tls_connect_servername
	88	function has the same behaviour, however the name to use for verification is
	89	explicitly provided, rather than being inferred from the
	90	.Ar host
	91	value.
	92	.Pp
	93	An already existing socket can be upgraded to a secure connection by calling
	94	.Fn tls_connect_socket .
	95	.Pp
	96	Alternatively, a secure connection can be established over a pair of existing
	97	file descriptors by calling
	98	.Fn tls_connect_fds .
	99	.Pp
	100	Calling
	101	.Fn tls_connect_cbs
	102	allows read and write callback functions to handle data transfers.
	103	The specified cb_arg parameter is passed back to the functions,
	104	and can contain a pointer to any caller-specified data.
	105	.Sh RETURN VALUES
	106	These functions return 0 on success or -1 on error.
	107	.Sh SEE ALSO
	108	.Xr tls_accept_socket 3 ,
	109	.Xr tls_client 3 ,
	110	.Xr tls_close 3 ,
	111	.Xr tls_config_ocsp_require_stapling 3 ,
	112	.Xr tls_configure 3 ,
	113	.Xr tls_handshake 3 ,
	114	.Xr tls_init 3