package tls

  1. Overview
  2. Docs
Transport Layer Security purely in OCaml

Install

Dune Dependency

github.com Readme Changelog BSD-2-Clause License Edit opam file Versions (36)

Authors

  1. D
    David Kaloper <david@numm.org>
  2. H
    Hannes Mehnert <hannes@mehnert.org>

Maintainers

  1. H
    Hannes Mehnert <hannes@mehnert.org>
  2. D
    David Kaloper <david@numm.org>

Sources

tls-v0.12.7.tbz
sha256=ac9d7095c4418e35039c67ddb65c3f58f87b76cc1f6fc592722bd8ce2eabf0b0
sha512=ba47a646f1abc227164e5ad203a7af381f09830181ce74fff17ce1ea1aa09513349eeaa274fc91a6fc8adfeedf9ae9ccb02539581ad20a5e43f1e78961590e1b

doc/tls.lwt/Tls_lwt/Unix/index.html

Module Tls_lwt.UnixSource

Low-level API

Unix API

It is the responsibility of the client to handle error conditions. The underlying file descriptors are not closed.

Sourcetype t

Abstract type of a session

Constructors

server_of_fd server fd is t, after server-side TLS handshake of fd using server configuration.

Sourceval client_of_fd : Tls.Config.client -> ?host:string -> Lwt_unix.file_descr -> t Lwt.t

client_of_fd client ~host fd is t, after client-side TLS handshake of fd using client configuration and host.

accept server fd is t, sockaddr, after accepting a client on fd and upgrading to a TLS connection.

Sourceval connect : Tls.Config.client -> (string * int) -> t Lwt.t

connect client (host, port) is t, after successful connection to host on port and TLS upgrade.

Common stream operations

Sourceval read : t -> Cstruct.t -> int Lwt.t

read t buffer is length, the number of bytes read into buffer.

Sourceval write : t -> Cstruct.t -> unit Lwt.t

write t buffer writes the buffer to the session.

Sourceval writev : t -> Cstruct.t list -> unit Lwt.t

writev t buffers writes the buffers to the session.

Sourceval read_bytes : t -> Lwt_bytes.t -> int -> int -> int Lwt.t

read_bytes t bytes offset len is read_bytes, the amount of bytes read.

Sourceval write_bytes : t -> Lwt_bytes.t -> int -> int -> unit Lwt.t

write_bytes t bytes offset length writes length bytes of bytes starting at offset to the session.

Sourceval close_tls : t -> unit Lwt.t

close t closes the TLS session by sending a close notify to the peer.

Sourceval close : t -> unit Lwt.t

close t closes the TLS session and the underlying file descriptor.

Sourceval reneg : ?authenticator:X509.Authenticator.t -> ?acceptable_cas:X509.Distinguished_name.t list -> ?cert:Tls.Config.own_cert -> ?drop:bool -> t -> unit Lwt.t

reneg ~authenticator ~acceptable_cas ~cert ~drop t renegotiates the session, and blocks until the renegotiation finished. Optionally, a new authenticator and acceptable_cas can be used. The own certificate can be adjusted by cert. If drop is true (the default), application data received before the renegotiation finished is dropped.

Sourceval key_update : ?request:bool -> t -> unit Lwt.t

key_update ~request t updates the traffic key and requests a traffic key update from the peer if request is provided and true (the default). This is only supported in TLS 1.3.

Sourceval epoch : t -> [ `Ok of Tls.Core.epoch_data | `Error ]

epoch t returns epoch, which contains information of the active session.

OCaml

Innovation. Community. Security.

GitHub Discord Twitter Peertube RSS
About
Changelog Releases Industrial Users Academic Users Why OCaml
Ecosystem
Packages Community Events OCaml Planet Jobs
Resources
Install OCaml Get Started Platform Tools Language Manual Standard Library API Books Exercises Papers OCaml Playground Logo
Policies
Carbon Footprint Governance Privacy Code of Conduct