Changeset 34305 in project


Timestamp:
08/20/17 22:57:59 (5 weeks ago)
Author:
chust
Message:

[openssl] Documented client-side SNI support

File:
1 edited

  • wiki/eggref/4/openssl

    r33672 r34305  
    6262===== Client procedures
    6363
    64 <procedure>(ssl-connect (hostname <string>) #!optional (port <exact>) ((ctx <ssl-client-context|symbol>) 'sslv2-or-v3)) => <input-port>, <output-port></procedure>
    65 
    66 Connect to the given {{host}} on the given {{port}} (a number from 1 to 65535).
     64<procedure>(ssl-connect (hostname <string>) #!optional (port <exact>) ((ctx <ssl-client-context|symbol>) 'sslv2-or-v3) (sni-name <string|bool>)) => <input-port>, <output-port></procedure>
     65
     66Connect to the given {{hostname}} on the given {{port}} (a number from 1 to 65535).
    6767This connection will be encrypted using SSL.
    6868The return values are as tcp-connect; an input port and an output port.
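Review bot: In the new ssl-connect signature, `(sni-name <string|bool>)` is listed without a default, while the neighbouring `ctx` argument shows its default, so a reader cannot tell from this line whether a plain two-argument call sends a server name in the handshake. Please show the default in the signature in the same form as `ctx`. The `{{host}}` to `{{hostname}}` correction in the description now matches the parameter name and should stay.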
     
    7474for further details, including the meanings of the protocol symbols.
    7575
    76 <procedure>(ssl-connect* #!key (hostname <string>) (port <exact>) ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) #t)) => <input-port>, <output-port></procedure>
     76The optional {{sni-name}} argument determines whether a virtual hostname is sent with the connection handshake. if {{sni-name}} is a string, that value is sent as the virtual hostname. Otherwise, if {{sni-name}} is not {{#f}}, the value of {{hostname}} is sent as the virtual hostname, too.
     77
     78<procedure>(ssl-connect* #!key (hostname <string>) (sni-name <string|bool>) (port <exact>) ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) #t)) => <input-port>, <output-port></procedure>
    7779
    7880Convenience constructor for SSL connections that uses keyword arguments to convey client context initialization information. Uses sensible defaults for the protocol configuration and enables certificate verification.
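Review bot: The sni-name paragraph added at new line 76 leaves the {{#f}} and omitted-argument cases implicit: "Otherwise, if {{sni-name}} is not {{#f}}" only reads correctly if the reader already knows what an unspecified optional evaluates to, and the trailing "too" has no clear referent. Suggest listing the three cases explicitly (string, {{#f}}, not given), capitalising "if" at the start of the second sentence, and showing a default for `(sni-name <string|bool>)` in the ssl-connect* signature. Since ssl-connect* defaults to `(verify? <bool>) #t`, the text should also say whether a string sni-name changes only the name sent in the handshake or also the name the peer certificate is checked against.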
     
    143145==== STARTTLS support
    144146
    145 <procedure>(ssl-start* (server? <bool>) (tcp-in <input-port>) (tcp-out <output-port>) #!key ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) (not server?))) => <input-port>, <output-port></procedure>
     147<procedure>(ssl-start* (server? <bool>) (sni-name <string>) (tcp-in <input-port>) (tcp-out <output-port>) #!key ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) (not server?))) => <input-port>, <output-port></procedure>
    146148
    147149Given existing TCP input and output ports, {{ssl-start*}} establishes an SSL context working on top of the TCP connection. The returned ports should be used for all further communication with the remote peer. {{ssl-start*}} acts similar to {{ssl-connect*}} if {{server?}} is false or to {{ssl-accept}} if {{server?}} is true. The arguments all behave analogous to those for {{ssl-connect*}} or {{ssl-listen*}}.
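Review bot: In the new ssl-start* signature, `(sni-name <string>)` sits before `#!key`, between `server?` and `tcp-in`, which documents it as a required positional argument and shifts the two port arguments, so calls written against the old form `(ssl-start* server? tcp-in tcp-out ...)` no longer match what is documented. The type is `<string>` here but `<string|bool>` in ssl-connect and ssl-connect*, and the unchanged paragraph below still says the arguments behave like those of ssl-connect* without mentioning sni-name or what to pass when `server?` is true. If the procedure takes it as a keyword, move it after `#!key` with the same type as the other two signatures; if it really is positional, say so in the paragraph and describe its meaning for the server case.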