diff options
Diffstat (limited to 'src/lib/libtls/tls_init.3')
-rw-r--r-- | src/lib/libtls/tls_init.3 | 36 |
1 files changed, 8 insertions, 28 deletions
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3 index 0969c093a1..6ba2cb28be 100644 --- a/src/lib/libtls/tls_init.3 +++ b/src/lib/libtls/tls_init.3 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: tls_init.3,v 1.63 2016/08/01 17:32:19 jsing Exp $ | 1 | .\" $OpenBSD: tls_init.3,v 1.64 2016/08/02 07:47:11 jsing Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> | 3 | .\" Copyright (c) 2014 Ted Unangst <tedu@openbsd.org> |
4 | .\" | 4 | .\" |
@@ -14,7 +14,7 @@ | |||
14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | 14 | .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | 15 | .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 | .\" | 16 | .\" |
17 | .Dd $Mdocdate: August 1 2016 $ | 17 | .Dd $Mdocdate: August 2 2016 $ |
18 | .Dt TLS_INIT 3 | 18 | .Dt TLS_INIT 3 |
19 | .Os | 19 | .Os |
20 | .Sh NAME | 20 | .Sh NAME |
@@ -24,7 +24,6 @@ | |||
24 | .Nm tls_config_new , | 24 | .Nm tls_config_new , |
25 | .Nm tls_config_free , | 25 | .Nm tls_config_free , |
26 | .Nm tls_config_parse_protocols , | 26 | .Nm tls_config_parse_protocols , |
27 | .Nm tls_config_set_alpn , | ||
28 | .Nm tls_config_set_ca_file , | 27 | .Nm tls_config_set_ca_file , |
29 | .Nm tls_config_set_ca_path , | 28 | .Nm tls_config_set_ca_path , |
30 | .Nm tls_config_set_ca_mem , | 29 | .Nm tls_config_set_ca_mem , |
@@ -55,9 +54,8 @@ | |||
55 | .Nm tls_peer_cert_hash , | 54 | .Nm tls_peer_cert_hash , |
56 | .Nm tls_peer_cert_notbefore , | 55 | .Nm tls_peer_cert_notbefore , |
57 | .Nm tls_peer_cert_notafter , | 56 | .Nm tls_peer_cert_notafter , |
58 | .Nm tls_conn_alpn_selected , | ||
59 | .Nm tls_conn_cipher , | ||
60 | .Nm tls_conn_version , | 57 | .Nm tls_conn_version , |
58 | .Nm tls_conn_cipher , | ||
61 | .Nm tls_load_file , | 59 | .Nm tls_load_file , |
62 | .Nm tls_client , | 60 | .Nm tls_client , |
63 | .Nm tls_server , | 61 | .Nm tls_server , |
@@ -90,8 +88,6 @@ | |||
90 | .Ft "int" | 88 | .Ft "int" |
91 | .Fn tls_config_parse_protocols "uint32_t *protocols" "const char *protostr" | 89 | .Fn tls_config_parse_protocols "uint32_t *protocols" "const char *protostr" |
92 | .Ft "int" | 90 | .Ft "int" |
93 | .Fn tls_config_set_alpn "struct tls_config *config" "const char *alpn" | ||
94 | .Ft "int" | ||
95 | .Fn tls_config_set_ca_file "struct tls_config *config" "const char *ca_file" | 91 | .Fn tls_config_set_ca_file "struct tls_config *config" "const char *ca_file" |
96 | .Ft "int" | 92 | .Ft "int" |
97 | .Fn tls_config_set_ca_path "struct tls_config *config" "const char *ca_path" | 93 | .Fn tls_config_set_ca_path "struct tls_config *config" "const char *ca_path" |
@@ -152,11 +148,9 @@ | |||
152 | .Ft "time_t" | 148 | .Ft "time_t" |
153 | .Fn tls_peer_cert_notafter "struct tls *ctx" | 149 | .Fn tls_peer_cert_notafter "struct tls *ctx" |
154 | .Ft "const char *" | 150 | .Ft "const char *" |
155 | .Fn tls_conn_alpn_selected "struct tls *ctx" | 151 | .Fn tls_conn_version "struct tls *ctx" |
156 | .Ft "const char *" | 152 | .Ft "const char *" |
157 | .Fn tls_conn_cipher "struct tls *ctx" | 153 | .Fn tls_conn_cipher "struct tls *ctx" |
158 | .Ft "const char *" | ||
159 | .Fn tls_conn_version "struct tls *ctx" | ||
160 | .Ft "uint8_t *" | 154 | .Ft "uint8_t *" |
161 | .Fn tls_load_file "const char *file" "size_t *len" "char *password" | 155 | .Fn tls_load_file "const char *file" "size_t *len" "char *password" |
162 | .Ft "struct tls *" | 156 | .Ft "struct tls *" |
@@ -301,11 +295,6 @@ The following functions modify a configuration by setting parameters. | |||
301 | Configuration options may apply to only clients or only servers or both. | 295 | Configuration options may apply to only clients or only servers or both. |
302 | .Bl -bullet -offset four | 296 | .Bl -bullet -offset four |
303 | .It | 297 | .It |
304 | .Fn tls_config_set_alpn | ||
305 | sets the ALPN protocols that are supported. | ||
306 | The alpn string is a comma separated list of protocols, in order of preference. | ||
307 | .Em (Client and Server) | ||
308 | .It | ||
309 | .Fn tls_config_set_ca_file | 298 | .Fn tls_config_set_ca_file |
310 | sets the filename used to load a file | 299 | sets the filename used to load a file |
311 | containing the root certificates. | 300 | containing the root certificates. |
@@ -491,14 +480,13 @@ the peer certificate from | |||
491 | will only succeed after the handshake is complete. | 480 | will only succeed after the handshake is complete. |
492 | .Em (Server and client) | 481 | .Em (Server and client) |
493 | .It | 482 | .It |
494 | .Fn tls_conn_alpn_selected | 483 | .Fn tls_conn_version |
495 | returns a string that specifies the ALPN protocol selected for use with the peer | 484 | returns a string |
485 | corresponding to a TLS version negotiated with the peer | ||
496 | connected to | 486 | connected to |
497 | .Ar ctx . | 487 | .Ar ctx . |
498 | If no protocol was selected then NULL is returned. | 488 | .Fn tls_conn_version |
499 | .Fn tls_conn_alpn_selected | ||
500 | will only succeed after the handshake is complete. | 489 | will only succeed after the handshake is complete. |
501 | .Em (Server and Client) | ||
502 | .It | 490 | .It |
503 | .Fn tls_conn_cipher | 491 | .Fn tls_conn_cipher |
504 | returns a string | 492 | returns a string |
@@ -509,14 +497,6 @@ connected to | |||
509 | will only succeed after the handshake is complete. | 497 | will only succeed after the handshake is complete. |
510 | .Em (Server and client) | 498 | .Em (Server and client) |
511 | .It | 499 | .It |
512 | .Fn tls_conn_version | ||
513 | returns a string | ||
514 | corresponding to a TLS version negotiated with the peer | ||
515 | connected to | ||
516 | .Ar ctx . | ||
517 | .Fn tls_conn_version | ||
518 | will only succeed after the handshake is complete. | ||
519 | .It | ||
520 | .Fn tls_load_file | 500 | .Fn tls_load_file |
521 | loads a certificate or key from disk into memory to be loaded with | 501 | loads a certificate or key from disk into memory to be loaded with |
522 | .Fn tls_config_set_ca_mem , | 502 | .Fn tls_config_set_ca_mem , |