author | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
---|---|---|
committer | Laurent Bercot <ska-skaware@skarnet.org> | 2020-11-22 15:46:34 +0000 |
commit | 4fb917263ac30373cb3e5dfe3e207369eb238def (patch) | |
tree | 992265c03c46e9fe38084336e9a87733b9e8748c /doc | |
parent | 47cbbb1619ace4013856843ef8f7d68279c74faa (diff) | |
download | s6-networking-4fb917263ac30373cb3e5dfe3e207369eb238def.tar.xz |
Add SSL_PROTOCOL and SSL_CIPHER support, fix some bugs
Diffstat (limited to 'doc')
-rw-r--r-- | doc/libsbearssl/index.html | 12 |
-rw-r--r-- | doc/libstls/index.html | 18 |
2 files changed, 26 insertions, 4 deletions
diff --git a/doc/libsbearssl/index.html b/doc/libsbearssl/index.html index 656c724..0c53c14 100644 --- a/doc/libsbearssl/index.html +++ b/doc/libsbearssl/index.html @@ -482,6 +482,18 @@ contain something else than numerical uid/gids, the process exits 111 with an error message. </p> +<h4> <code> int sbearssl_send_environment (br_ssl_engine_context *ctx, int fd) </code> </h4> + +<p> + Writes a series of null-terminated strings of the form <tt>key=value</tt> +to file descriptor <em>fd</em>; the series is terminated with an additional +null character. The strings represent information about the TLS connection +represented by context <em>ctx</em>; it is only valid to call this function +after the handshake has completed. The exact keys used will change over time, +but at least <tt>SSL_PROTOCOL=value</tt> and <tt>SSL_CIPHER=value</tt> are +transmitted. The function returns 1 if it succeeds and 0 if it fails. +</p> + <h3> Running the TLS/SSL engine (internal function for both clients and servers) </h3> <h4> <code> void sbearssl_run (br_ssl_engine_context *ctx, int *fds, tain_t const *tto, uint32_t options, unsigned int verbosity, sbearssl_handshake_cb_t_ref cb, sbearssl_handshake_cb_context_t *cbarg) </code> </h4> diff --git a/doc/libstls/index.html b/doc/libstls/index.html index f81396c..0983fef 100644 --- a/doc/libstls/index.html +++ b/doc/libstls/index.html 
@@ -66,6 +66,18 @@ contain something else than numerical uid/gids, the process exits 111 with an error message. </p> +<h4> <code> int stls_send_environment (struct tls *ctx, int fd) </code> </h4> + +<p> + Writes a series of null-terminated strings of the form <tt>key=value</tt> +to file descriptor <em>fd</em>; the series is terminated with an additional +null character. The strings represent information about the TLS connection +represented by context <em>ctx</em>; it is only valid to call this function +after the handshake has completed. The exact keys used will change over time, +but at least <tt>SSL_PROTOCOL=value</tt> and <tt>SSL_CIPHER=value</tt> are +transmitted. The function returns 1 if it succeeds and 0 if it fails. +</p> + <h3> Initializing the TLS engine </h3> <h4> <code> struct tls *stls_client_init_and_handshake (int const *fds, uint32_t preoptions, char const *servername) </code> </h4> @@ -95,10 +107,8 @@ exits 100 with an error message. </p> <ul> - <li> <tt>fds</tt> : an array of 4 file descriptors, that are in this -order: the fd reading from the application (cleartext), the fd writing to the -application (cleartext), the fd reading from the network, the fd writing to -the network. </li> + <li> <tt>fds</tt> : an array of 2 file descriptors, that are in this +order: the fd reading from the network, the fd writing to the network. </li> <li> <tt>preoptions : a bitfield. <ul> <li> Bit 0: if clear, no client authentication is performed. If set, |
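Review bot: In the new sbearssl_send_environment section of doc/libsbearssl/index.html, the closing sentence "The function returns 1 if it succeeds and 0 if it fails" leaves the state of fd undefined on failure. Please say whether part of the series may already have been written when 0 is returned and whether errno is set. The reader on the other end of fd depends on the additional null character to know the series is complete, so the text should also tell it to reject a stream that ends without that terminator.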
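Review bot: In doc/libstls/index.html the stls_send_environment section is inserted above the "Initializing the TLS engine" heading, yet its own text says the call is only valid after the handshake has completed, so the reader meets it before the init-and-handshake functions it depends on. Move it below those entries and state what happens if it is called earlier. Since "The exact keys used will change over time", add one line telling consumers to ignore keys they do not recognise and to rely only on SSL_PROTOCOL and SSL_CIPHER being present.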
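Review bot: The fds item in the last hunk (@@ -95,10 +107,8 @@) shrinks the array from 4 descriptors to 2 and moves the network pair into the first two slots without flagging the change. A caller still passing the old layout would have its cleartext application descriptors taken as the network descriptors, so the entry should call out the new length and order explicitly. The context line right after it, "<li> <tt>preoptions : a bitfield.", is missing its closing </tt> and is worth fixing in the same pass.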