Changeset 34314 in project


Ignore:
Timestamp:
08/21/17 00:17:36 (3 months ago)
Author:
chust
Message:

[openssl] Documented improved SNI support

File:
1 edited

Legend:

Unmodified
Added
Removed
  • wiki/eggref/4/openssl

    r34312 r34314  
    7676for further details, including the meanings of the protocol symbols.
    7777
    78 The optional {{sni-name}} argument determines whether a virtual hostname is sent with the connection handshake. if {{sni-name}} is a string, that value is sent as the virtual hostname. Otherwise, if {{sni-name}} is not {{#f}}, the value of {{hostname}} is sent as the virtual hostname, too.
    79 
    80 <procedure>(ssl-connect* #!key (hostname <string>) (sni-name <string|bool>) (port <exact>) ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) #t)) => <input-port>, <output-port></procedure>
    81 
    82 Convenience constructor for SSL connections that uses keyword arguments to convey client context initialization information. Uses sensible defaults for the protocol configuration and enables certificate verification.
     78The optional {{sni-name}} argument determines whether a virtual hostname is sent with the connection handshake: If {{sni-name}} is a string, that value is sent as the virtual hostname. If {{sni-name}} is {{#t}} and the value of {{hostname}} does not look like a literal IPv4 or IPv6 address, it is sent as the virtual hostname. By default, no virtual hostname is sent.
     79
     80<procedure>(ssl-connect* #!key (hostname <string>) (port <exact>) ((sni-name <string|bool>) #t) ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) #t)) => <input-port>, <output-port></procedure>
     81
     82Convenience constructor for SSL connections that uses keyword arguments to convey client context initialization information. Uses sensible defaults for the protocol configuration, enables certificate verification and sends a virtual hostname by default.
    8383
    8484The {{hostname}} and {{port}} arguments determine the network address to connect to. See {{ssl-make-client-context*}} for a description of the other keyword arguments.
     
    236236=== Changelog
    237237
    238 * 1.9.0 Add client-side SNI support
     238* 1.9.1 Add client-side SNI support
    239239* 1.8.0 Add ssl-start* to support layering SSL on top of an existing TCP connection
    240240* 1.7.0 Various improvements including CHICKEN 4.10 compatibility and new constructors with more secure defaults
Note: See TracChangeset for help on using the changeset viewer.