Scroll to navigation

TLS_CLIENT(3) Library Functions Manual TLS_CLIENT(3)

NAME

tls_client, tls_server, tls_configure, tls_reset, tls_freeconfigure a TLS connection

SYNOPSIS

#include <tls.h>

struct tls *
tls_client(void);

struct tls *
tls_server(void);

int
tls_configure(struct tls *ctx, struct tls_config *config);

void
tls_free(struct tls *ctx);

void
tls_reset(struct tls *ctx);

DESCRIPTION

A TLS connection is represented as a struct tls object called a “context”. A new context is created by either the () or () functions. tls_client() is used in TLS client programs, tls_server() in TLS server programs.

The context can then be configured with the function (). The same tls_config object can be used to configure multiple contexts.

After configuration, tls_connect(3) can be called on objects created with (), and tls_accept_socket(3) on objects created with ().

After use, a TLS context should be closed with tls_close(3), and then freed by calling (). If tls_free() is called with an argument of NULL, no action occurs.

A TLS context can be reset by calling (), allowing for it to be reused. This is essentially equivalent to calling tls_free(), followed by a call to the same function that was used to originally allocate the TLS context.

RETURN VALUES

tls_client() and tls_server() return NULL on error or an out of memory condition.

tls_configure() returns 0 on success or -1 on error.

SEE ALSO

tls_accept_socket(3), tls_config_new(3), tls_connect(3), tls_init(3)

HISTORY

These functions appeared in OpenBSD 5.6 and got their final names in OpenBSD 5.7.

AUTHORS

Joel Sing <jsing@openbsd.org>

August 12, 2017 Debian