table of contents
TLS_CLIENT(3) | Library Functions Manual | TLS_CLIENT(3) |
NAME¶
tls_client
,
tls_server
, tls_configure
,
tls_reset
, tls_free
—
configure a TLS connection
SYNOPSIS¶
#include
<tls.h>
struct tls *
tls_client
(void);
struct tls *
tls_server
(void);
int
tls_configure
(struct tls *ctx,
struct tls_config *config);
void
tls_free
(struct
tls *ctx);
void
tls_reset
(struct
tls *ctx);
DESCRIPTION¶
A TLS connection is represented as a struct
tls object called a “context”. A new context is created
by either the
tls_client
()
or
tls_server
()
functions. tls_client
() is used in TLS client
programs, tls_server
() in TLS server programs.
The context can then be configured with the
function
tls_configure
().
The same tls_config object can be used to configure
multiple contexts.
After configuration,
tls_connect(3) can be called on objects created with
tls_client
(),
and tls_accept_socket(3) on objects created with
tls_server
().
After use, a TLS context should be closed with
tls_close(3), and then freed by calling
tls_free
().
If tls_free
() is called with an argument of
NULL
, no action occurs.
A TLS context can be reset by calling
tls_reset
(),
allowing for it to be reused. This is essentially equivalent to calling
tls_free
(), followed by a call to the same function
that was used to originally allocate the TLS context.
RETURN VALUES¶
tls_client
() and
tls_server
() return NULL
on
error or an out of memory condition.
tls_configure
() returns 0 on success or -1
on error.
SEE ALSO¶
tls_accept_socket(3), tls_config_new(3), tls_connect(3), tls_init(3)
HISTORY¶
These functions appeared in OpenBSD 5.6 and got their final names in OpenBSD 5.7.
AUTHORS¶
Joel Sing <jsing@openbsd.org>
August 12, 2017 | Debian |