Module Tls_lwt

Effectful operations using Lwt for pure TLS.

The pure TLS is state and buffer in, state and buffer out. This module uses Lwt for communication over the network.

This module implements a high-level API and a low-level API (in Unix). Most applications should use the high-level API described below.

exception Tls_alert of Tls.Packet.alert_type

Tls_alert exception received from the other endpoint

exception Tls_failure of Tls.Engine.failure

Tls_failure exception while processing incoming data

module Unix : sig ... end

Low-level API

High-level API

type ic = Lwt_io.input_channel
type oc = Lwt_io.output_channel
val accept_ext : Tls.Config.server -> Lwt_unix.file_descr -> ((ic * oc) * Lwt_unix.sockaddr) Lwt.t

accept_ext server fd is (ic, oc), sockaddr, the input and output channel from an accepted connection on the given fd, after upgrading to TLS using the server configuration.

val accept : Tls.Config.own_cert -> Lwt_unix.file_descr -> ((ic * oc) * Lwt_unix.sockaddr, [> `Msg of string ]) Stdlib.result Lwt.t

accept own_cert fd is (ic, oc), sockaddr, the input and output channel from the accepted connection on fd, using the default configuration with the given own_cert.

val connect_ext : Tls.Config.client -> (string * int) -> (ic * oc) Lwt.t

connect_ext client (host, port) is ic, oc, the input and output channel of a TLS connection to host on port using the client configuration.

val connect : X509.Authenticator.t -> (string * int) -> (ic * oc, [> `Msg of string ]) Stdlib.result Lwt.t

connect authenticator (host, port) is ic, oc, the input and output channel of a TLS connection to host on port using the default configuration and the authenticator.

val of_t : ?close:(unit -> unit Lwt.t) -> Unix.t -> ic * oc

of_t t is ic, oc, the input and output channel. close defaults to !Unix.close.