FreeBSD Manual Pages


TLS_ATTACH_SERVER_MEM(3)   libdill Library Functions  TLS_ATTACH_SERVER_MEM(3)

       tls_attach_server_mem - creates TLS protocol on top of underlying socket

	      #include <libdill.h>

	      int tls_attach_server_mem(
		  int s,
		  const	char* cert,
		  const	char* pkey,
		  struct tls_storage* mem,
		  int64_t deadline);

       WARNING:	This is	experimental functionality and the API may  change  in
       the future.

       TLS  is	a  cryptographic protocol to provide secure communication over
       the network.  It	is a bytestream	protocol.

       This function instantiates TLS protocol on top of the underlying
       protocol.  TLS protocol being asymmetric, client and server sides are
       initialized in different ways.  This particular function initializes
       the server side of the connection.

       This function avoids one dynamic memory allocation by storing the
       object in user-supplied memory.  Unless you are hyper-optimizing, use
       tls_attach_server instead.

       s: Handle of the	underlying socket.  It must be a bytestream protocol.

       cert: Filename of the file containing the certificate.

       pkey: Filename of the file containing the private key.

       mem:  The  structure to store the newly created object in.  It must not
       be deallocated before the object	is closed.

       deadline: A point in time when the operation should time	out,  in  mil-
       liseconds.   Use	the now	function to get	your current point in time.  0
       means immediate timeout,	i.e., perform the operation if possible	or re-
       turn  without  blocking	if  not.  -1 means no deadline,	i.e., the call
       will block forever if the operation cannot be performed.

       The socket can be cleanly shut down using the tls_detach function.

       This function is	not available  if  libdill  is	compiled  with	--dis-
       able-sockets option.

       This  function  is  not	available if libdill is	compiled without --en-
       able-tls	option.

       In case of success the function returns the newly created socket
       handle.  In case of error it returns -1 and sets errno to one of the
       values below.

       o EBADF:	Invalid	handle.

       o ECANCELED: Current coroutine was canceled.

       o ECONNRESET: Broken connection.

       o EINVAL: Invalid argument.

       o EMFILE: The maximum number of file descriptors	in the process are al-
	 ready open.

       o ENFILE:  The maximum number of	file descriptors in the	system are al-
	 ready open.

       o ENOMEM: Not enough memory.

       o ENOTSUP: The handle does not support this operation.

       o EPROTO: Underlying socket is not a bytestream socket.

       o ETIMEDOUT: Deadline was reached.

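	      /* "cert.pem" and "pkey.pem" are placeholder file names. */
	      int s = tcp_accept(listener, NULL, -1);
	      s = tls_attach_server(s, "cert.pem", "pkey.pem", -1);
	      bsend(s, "ABC", 3, -1);
	      char buf[3];
	      /* brecv returns 0 on success and -1 on error, not a byte count. */
	      int rc = brecv(s, buf, sizeof(buf), -1);
	      /* Terminate TLS cleanly and get the underlying socket back. */
	      s = tls_detach(s, -1);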
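
       The private key is passed to this function as a file name, so a server
       can check that file before attaching TLS.  The following is an added
       example, not part of libdill or of the original page; check_pkey_file
       and demo_check are hypothetical names and the sample files are
       constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper, not part of libdill: returns 0 if `path` is a regular
   file owned by the effective user with no group/other permission bits,
   otherwise -1 with errno set. Advisory only: the TLS library reopens the
   file by name later, so its directory must not be writable by others. */
int check_pkey_file(const char *path) {
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW);  /* refuse a symlinked key */
    if(fd < 0) return -1;
    int rc = fstat(fd, &st);
    int err = errno;
    close(fd);
    if(rc < 0) {errno = err; return -1;}
    if(!S_ISREG(st.st_mode)) {errno = EINVAL; return -1;}
    if(st.st_uid != geteuid()) {errno = EPERM; return -1;}
    if(st.st_mode & (S_IRWXG | S_IRWXO)) {errno = EACCES; return -1;}
    return 0;
}

/* Constructed sample input: make a temporary file with the given mode, run
   the check on it, remove it, and return the check's result. */
int demo_check(mode_t mode) {
    char path[] = "/tmp/pkey-demo-XXXXXX";
    int fd = mkstemp(path);
    if(fd < 0) return -2;
    int rc = -2;
    if(fchmod(fd, mode) == 0) rc = check_pkey_file(path);
    int err = errno;
    close(fd);
    unlink(path);
    errno = err;
    return rc;
}

int main(void) {
    /* 0600 passes; 0640 and 0644 are rejected with EACCES. */
    return (demo_check(0600) == 0 && demo_check(0640) == -1 &&
            demo_check(0644) == -1) ? 0 : 1;
}
```

       Call check_pkey_file on the key file name first and pass that name to
       tls_attach_server_mem only if it returns 0.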

libdill						      TLS_ATTACH_SERVER_MEM(3)


