From ad909e37b20a2c933e88e0e359b2fdb401d05092 Mon Sep 17 00:00:00 2001
From: bcook <>
Date: Sun, 4 Sep 2016 12:26:43 +0000
Subject: Add callback-based interface to libtls. This allows working with buffers and callback functions instead of directly on sockets or file descriptors. Original patch from Tobias Pape . ok beck@
---
 src/lib/libtls/tls_init.3 | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)
(limited to 'src/lib/libtls/tls_init.3')
diff --git a/src/lib/libtls/tls_init.3 b/src/lib/libtls/tls_init.3
index f9a8ac1f80..762a76633b 100644
--- a/src/lib/libtls/tls_init.3
+++ b/src/lib/libtls/tls_init.3
@@ -1,4 +1,4 @@
-.\" $OpenBSD: tls_init.3,v 1.68 2016/09/04 12:03:24 jsing Exp $
+.\" $OpenBSD: tls_init.3,v 1.69 2016/09/04 12:26:43 bcook Exp $
 .\"
 .\" Copyright (c) 2014 Ted Unangst
 .\"
@@ -71,8 +71,10 @@
 .Nm tls_connect_fds ,
 .Nm tls_connect_servername ,
 .Nm tls_connect_socket ,
+.Nm tls_connect_cbs ,
 .Nm tls_accept_fds ,
 .Nm tls_accept_socket ,
+.Nm tls_accept_cbs ,
 .Nm tls_handshake ,
 .Nm tls_read ,
 .Nm tls_write ,
@@ -187,10 +189,14 @@
 .Ft "int"
 .Fn tls_connect_socket "struct tls *ctx" "int s" "const char *servername"
 .Ft "int"
+.Fn tls_connect_cbs "struct tls *ctx" "ssize_t (*tls_read_cb)(void *ctx, void *buf, size_t buflen, void *cb_arg)" "ssize_t (*tls_write_cb)(void *ctx, const void *buf, size_t buflen, void *cb_arg)" "void *cb_arg" "const char *servername"
+.Ft "int"
 .Fn tls_accept_fds "struct tls *tls" "struct tls **cctx" "int fd_read" "int fd_write"
 .Ft "int"
 .Fn tls_accept_socket "struct tls *tls" "struct tls **cctx" "int socket"
 .Ft "int"
+.Fn tls_accept_cbs "struct tls *ctx" "struct tls **cctx" "ssize_t (*tls_read_cb)(void *ctx, void *buf, size_t buflen, void *cb_arg)" "ssize_t (*tls_write_cb)(void *ctx, const void *buf, size_t buflen, void *cb_arg)" "void *cb_arg"
+.Ft "int"
 .Fn tls_handshake "struct tls *ctx"
 .Ft "ssize_t"
 .Fn tls_read "struct tls *ctx" "void *buf" "size_t buflen"
@@ -247,6 +253,9 @@ An already existing socket can be upgraded to a secure connection by calling Alternatively, a secure connection can be established over a pair of existing file descriptors by calling .Fn tls_connect_fds . +Calling +.Fn tls_connect_cbs +allows specifying read and write callback functions to handle data transfer. The specified cb_arg parameter is passed back to the functions, and can contain a pointer to any caller-specified data. .Pp A server can accept a new client connection by calling .Fn tls_accept_socket @@ -254,6 +263,9 @@ on an already established socket connection. Alternatively, a new client connection can be accepted over a pair of existing file descriptors by calling .Fn tls_accept_fds . +Calling +.Fn tls_accept_cbs +allows specifying read and write callback functions to handle data transfer. The specified cb_arg parameter is passed back to the functions, and can contain a pointer to any caller-specified data. .Pp The TLS handshake can be completed by calling .Fn tls_handshake . -- cgit v1.2.3-55-g6feb