Unix API
Constructors
val server_of_fd : Tls.Config.server -> Lwt_unix.file_descr -> t Lwt.tserver_of_fd server fd is t, after server-side TLS handshake of fd using server configuration.
val client_of_fd : Tls.Config.client -> ?host:string -> Lwt_unix.file_descr -> t Lwt.tclient_of_fd client ~host fd is t, after client-side TLS handshake of fd using client configuration and host.
val accept : Tls.Config.server -> Lwt_unix.file_descr -> (t * Lwt_unix.sockaddr) Lwt.taccept server fd is t, sockaddr, after accepting a client on fd and upgrading to a TLS connection.
val connect : Tls.Config.client -> (string * int) -> t Lwt.tconnect client (host, port) is t, after successful connection to host on port and TLS upgrade.
Common stream operations
read t buffer is length, the number of bytes read into buffer.
val read_bytes : t -> Lwt_bytes.t -> int -> int -> int Lwt.tread_bytes t bytes offset len is read_bytes, the amount of bytes read.
val write_bytes : t -> Lwt_bytes.t -> int -> int -> unit Lwt.twrite_bytes t bytes offset length writes length bytes of bytes starting at offset to the session.
close t closes the TLS session by sending a close notify to the peer.
val reneg : ?authenticator:X509.Authenticator.t -> ?acceptable_cas:X509.Distinguished_name.t list -> ?cert:Tls.Config.own_cert -> ?drop:bool -> t -> unit Lwt.treneg ~authenticator ~acceptable_cas ~cert ~drop t renegotiates the session, and blocks until the renegotiation finished. Optionally, a new authenticator and acceptable_cas can be used. The own certificate can be adjusted by cert. If drop is true (the default), application data received before the renegotiation finished is dropped.
key_update ~request t updates the traffic key and requests a traffic key update from the peer if request is provided and true (the default). This is only supported in TLS 1.3.
val epoch : t -> [ `Ok of Tls.Core.epoch_data | `Error ]epoch t returns epoch, which contains information of the active session.