<feed xmlns='http://www.w3.org/2005/Atom'>
<title>s6-networking/doc/s6-tlsc-io.html, branch v2.8.0.1</title>
<subtitle>UCSPI TCP implementation and other networking utilities</subtitle>
<id>https://git.skarnet.org/cgit/s6-networking/atom/doc/s6-tlsc-io.html?h=v2.8.0.1</id>
<link rel='self' href='https://git.skarnet.org/cgit/s6-networking/atom/doc/s6-tlsc-io.html?h=v2.8.0.1'/>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/'/>
<updated>2026-04-13T03:32:51Z</updated>
<entry>
<title> Implement --no-verify-cert for s6-tlsc and s6-tlsc-io</title>
<updated>2026-04-13T03:32:51Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2026-04-13T03:32:51Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=030078b7bf67a4307623f1a5c58284561ff64a56'/>
<id>urn:sha1:030078b7bf67a4307623f1a5c58284561ff64a56</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Update deps/docs/mirrors</title>
<updated>2026-04-04T16:10:58Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2026-04-04T16:10:58Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=60872a4798d312d8f9152fc431d46f79aca5499e'/>
<id>urn:sha1:60872a4798d312d8f9152fc431d46f79aca5499e</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Add -J and -j to the TLS tools to check for peer close_notify.</title>
<updated>2023-11-16T05:13:06Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2023-11-16T05:13:06Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=26597a785ec2dd4e9ec9fb7d9765d2ee8779ee16'/>
<id>urn:sha1:26597a785ec2dd4e9ec9fb7d9765d2ee8779ee16</id>
<content type='text'>
 Also, and more importantly, significantly rewrite stls_run()
for better full-duplex support. This implementation isn't fully
tested yet.

Signed-off-by: Laurent Bercot &lt;ska@appnovation.com&gt;
</content>
</entry>
<entry>
<title> New and fixed version of sbearssl_run</title>
<updated>2023-11-11T23:55:28Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2023-11-11T23:55:28Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=24d1860868682d33f60970119b1cff1bf088a497'/>
<id>urn:sha1:24d1860868682d33f60970119b1cff1bf088a497</id>
<content type='text'>
Signed-off-by: Laurent Bercot &lt;ska@appnovation.com&gt;
</content>
</entry>
<entry>
<title> Prepare for 2.7.0.0. Better s6-tlsc-io interface.</title>
<updated>2023-11-10T11:28:19Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2023-11-10T11:28:19Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=1e10d30b41b65dbd520e01adc5fe686cb92b0f12'/>
<id>urn:sha1:1e10d30b41b65dbd520e01adc5fe686cb92b0f12</id>
<content type='text'>
Signed-off-by: Laurent Bercot &lt;ska@appnovation.com&gt;
</content>
</entry>
<entry>
<title> Doc fixes, thanks flexibeast</title>
<updated>2021-02-04T10:37:39Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-02-04T10:37:39Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=ebb50dc335bcbd563b4e7f4f2083f2af484a893a'/>
<id>urn:sha1:ebb50dc335bcbd563b4e7f4f2083f2af484a893a</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Remove SSL_TLS_SNI_SERVERNAME (instead of defined but empty) if no SNI</title>
<updated>2021-01-28T14:31:38Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-01-28T14:31:38Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=e75d06de207e9afe4259d5e731cb77ae25faf003'/>
<id>urn:sha1:e75d06de207e9afe4259d5e731cb77ae25faf003</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Prepare for 2.4.1.0; add SSL_TLS_SNI_SERVERNAME</title>
<updated>2021-01-28T13:17:25Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-01-28T13:17:25Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=a027959a7fe49483acf86bd65d4266e3cbc4d0b0'/>
<id>urn:sha1:a027959a7fe49483acf86bd65d4266e3cbc4d0b0</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Implement handshake timeout for libtls backend</title>
<updated>2021-01-13T11:36:16Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2021-01-13T11:36:16Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=cc7dccb1858e73176814c3a8457ff6f94ff45662'/>
<id>urn:sha1:cc7dccb1858e73176814c3a8457ff6f94ff45662</id>
<content type='text'>
</content>
</entry>
<entry>
<title> Change -K semantics: timeout *during handshake*, not afterwards</title>
<updated>2020-12-07T12:53:54Z</updated>
<author>
<name>Laurent Bercot</name>
<email>ska-skaware@skarnet.org</email>
</author>
<published>2020-12-07T12:53:54Z</published>
<link rel='alternate' type='text/html' href='https://git.skarnet.org/cgit/s6-networking/commit/?id=f7e676abdc799fcee5138807447b5e91ab05508f'/>
<id>urn:sha1:f7e676abdc799fcee5138807447b5e91ab05508f</id>
<content type='text'>
 - the TLS tunnel itself should be transparent so it has no business
shutting down the connection no matter how long the app takes
 - there's still an undetectable situation on some kernels where
EOF doesn't get transmitted from the network, and the engine is in
the handshake, and it can't do anything but wait forever. A timeout
is useful here: dawg, your peer is never going to send any more data,
you should just give up.
 - if the situation happens after the handshake, the *app* should
have a timeout and die. The tunnel will follow suit.
 - libtls has a blocking tls_handshake() blackbox, we cannot give it
a timeout. Too bad, use bearssl.
</content>
</entry>
</feed>
