From bdb38fdeb4183371b8ad8669c2821526133c39c8 Mon Sep 17 00:00:00 2001 From: Laurent Bercot Date: Sat, 3 Dec 2016 01:05:40 +0000 Subject: s6-tls*: small bugfixes. Add documentation. --- doc/libstls/index.html | 127 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 doc/libstls/index.html (limited to 'doc/libstls/index.html') diff --git a/doc/libstls/index.html b/doc/libstls/index.html new file mode 100644 index 0000000..4c6819b --- /dev/null +++ b/doc/libstls/index.html @@ -0,0 +1,127 @@ + + + + + + s6-networking: the stls library interface + + + + + + +

+s6-networking
+Software
+skarnet.org +

+ +

The stls library interface

+ +

General information

+ +

+ libstls is a small support library for the +s6-tlsc and +s6-tlsd executables when they're built +against the LibreSSL +backend. You can use it in your own programs, but since +libtls +is already relatively high-level, it's probably not very useful. +

+ +

Compiling

+ + + +

Linking

+ + + +

Programming

+ +

Running the TLS/SSL engine

+ +

int stls_run (struct tls *ctx, int *fds, unsigned int verbosity, uint32_t options, tain_t const *tto)

+ +

+ This function runs a full-duplex TLS/SSL engine, reading/writing +clear text from/to two file descriptors, and writing/reading +ciphertext to/from two other file descriptors, until the +connection is closed both ways (either with a SSL close, or +with EOF). +

+ + + +

+ stls_run will make the process die with an appropriate error +message if it encounters an error. If there were no problems and the +SSL/TLS connection closed cleanly, it returns 0. All four descriptors +in fds are closed when stls_run returns, but the +caller should still free ctx itself. +

+ +

int stls_s6tlsc (char const *const *argv, char const *const *envp, tain_t const *tto, uint32_t preoptions, uint32_t options, uid_t uid, gid_t gid, unsigned int verbosity, char const *servername, int *sfd)

+ +

+ This function implements s6-tlsc on top of LibreSSL. +It has no other practical purpose; you're better off directly invoking +s6-tlsc. +

+ +

int stls_s6tlsd (char const *const *argv, char const *const *envp, tain_t const *tto, uint32_t preoptions, uint32_t options, uid_t uid, gid_t gid, unsigned int verbosity)

+ +

+ This function implements s6-tlsd on top of LibreSSL. +It has no other practical purpose; you're better off directly invoking +s6-tlsd. +

+ + + -- cgit v1.3.1