Module etls

Main API module for etls.

Copyright © (C) 2015 ACK CYFRONET AGH. This software is released under the MIT license cited in 'LICENSE.md'.

Authors: Konrad Zemek.

Description

Main API module for etls.

Data Types

acceptor()

abstract datatype: acceptor()

An acceptor socket handle created by listen/2.

der_encoded()

der_encoded() = binary()

DER-encoded binary.

listen_option()

listen_option() = {backlog, non_neg_integer()}

{backlog, non_neg_integer()}
The maximum length of the queue of connections pending acceptance. Default: system defined.

option()

option() = {packet, raw | 0 | 1 | 2 | 4} | {active, boolean() | once} | {exit_on_close, boolean()}

As in inet:setopts/2.

pem_encoded()

pem_encoded() = binary()

PEM-encoded binary.

socket()

abstract datatype: socket()

A socket handle created by connect/3, connect/4, accept/1 or accept/2.

ssl_option()

ssl_option() = {verify_type, verify_none | verify_peer} | {fail_if_no_peer_cert, boolean()} | {verify_client_once, boolean()} | {rfc2818_verification_hostname, str()} | {cacerts, [pem_encoded()]} | {crls, [pem_encoded()]} | {certfile, str()} | {keyfile, str()} | {chain, [pem_encoded()]} | {ciphers, str() | [str()]}

{verify_type, verify_none | verify_peer}
If verify_peer is set, the server will request a certificate from the client and verify it. The client certificate is not sent when this option is verify_none. Default: verify_none.
{fail_if_no_peer_cert, boolean()}
If true, the connection will fail if the client does not present a certificate when verify_type is verify_peer. Default: false.
{verify_client_once, boolean()}
If true, the client's certificate will not be requested on renegotiation. Default: false.
{rfc2818_verification_hostname, str()}
If set, the server's certificate will be verified against a hostname as described in RFC 2818. Default: unset.
{cacerts, [pem_encoded()]}
PEM-encoded trusted certificates. Default: [].
{crls, [pem_encoded()]}
PEM-encoded certificate revocation lists. Default: [].
{certfile, str()}
Path to a file containing the user's certificate.
{keyfile, str()}
Path to a file containing the user's private key. Defaults to the certfile path.
{chain, [pem_encoded()]}
PEM-encoded chain certificates. Default: [].
{ciphers, str() | [str()]}
A cipher specification as described in the OpenSSL ciphers man page. The ciphers can optionally be given as a list, which will then be joined with ":". Default: "DEFAULT".

str()

str() = binary() | string()

Function Index

accept/1 Equivalent to accept(Acceptor, infinity).
accept/2 Accepts an incoming connection on an acceptor.
certificate_chain/1 Returns a DER-encoded chain of peer certificates.
cipher_suites/0 Equivalent to cipher_suites(<<"ALL">>).
cipher_suites/1 Returns a list of supported cipher suites filtered by a given cipher specification.
close/1 Gracefully closes the socket.
connect/3 Equivalent to connect(Host, Port, Opts, infinity).
connect/4 Opens an ssl connection to Host, Port.
controlling_process/2 Assigns a new controlling process to the socket.
handshake/1 Equivalent to handshake(Socket, infinity).
handshake/2 Performs a TLS handshake on the new TCP socket.
listen/2 Creates an acceptor (listen socket).
peercert/1 Returns a DER-encoded public certificate of the peer.
peername/1 Returns the address and port number of the peer.
recv/2 Equivalent to recv(Socket, Size, infinity).
recv/3 Receives a packet from a socket in passive mode.
send/2 Writes Data to Socket.
setopts/2 Sets options according to Opts for the socket Socket.
shutdown/2 Shuts down the connection in one or two directions.
sockname/1 Returns the address and port number of the socket.

Function Details

accept/1

accept(Acceptor::acceptor()) -> {ok, Socket::socket()} | {error, Reason::timeout | atom()}

Equivalent to accept(Acceptor, infinity).

accept/2

accept(Acceptor::acceptor(), Timeout::timeout()) -> {ok, Socket::socket()} | {error, Reason::timeout | atom()}

Accepts an incoming connection on an acceptor. The returned socket should be passed to etls:handshake to establish the secure connection.

certificate_chain/1

certificate_chain(Socket::socket()) -> {ok, [der_encoded()]} | {error, Reason::atom()}

Returns a DER-encoded chain of peer certificates.

cipher_suites/0

cipher_suites() -> [binary()]

Equivalent to cipher_suites(<<"ALL">>).

cipher_suites/1

cipher_suites(Filter::str() | [str()]) -> [binary()]

Returns a list of supported cipher suites filtered by a given cipher specification. The specification is described in the OpenSSL ciphers man page. The ciphers can optionally be given as a list, which will then be joined with ":".

close/1

close(Socket::socket()) -> ok | {error, Reason::atom()}

Gracefully closes the socket.

connect/3

connect(Host::str(), Port::inet:port_number(), Opts::[option() | ssl_option()]) -> {ok, Socket::socket()} | {error, Reason::atom()}

Equivalent to connect(Host, Port, Opts, infinity).

connect/4

connect(Host::str(), Port::inet:port_number(), Opts::[option() | ssl_option()], Timeout::timeout()) -> {ok, Socket::socket()} | {error, Reason::atom()}

Opens an ssl connection to Host, Port.
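
Because verify_type defaults to verify_none and rfc2818_verification_hostname is unset by default, a client that wants an authenticated server has to ask for both. The following is an added example, not code from the etls project: the module name, the CaFile path and the 4-byte echo peer are hypothetical, and it assumes that verify_peer on the client side makes the connection fail when the server's chain does not validate against cacerts, which this page does not state explicitly.

```erlang
-module(etls_client_example).
-export([ping/3]).

%% Host and Port identify a hypothetical service that echoes 4-byte frames.
%% CaFile is a hypothetical path to a PEM-encoded trusted CA certificate.
ping(Host, Port, CaFile) ->
    %% cacerts takes PEM contents (binaries), not file paths.
    {ok, CaPem} = file:read_file(CaFile),
    Opts = [
        %% Default is verify_none, so verification must be requested.
        {verify_type, verify_peer},
        %% Check the server certificate against the name we meant to reach.
        {rfc2818_verification_hostname, Host},
        {cacerts, [CaPem]},
        %% OpenSSL cipher specification; list items are joined with ":".
        {ciphers, ["HIGH", "!aNULL", "!MD5"]},
        %% Passive mode, so data is read explicitly with recv/3.
        {active, false}
    ],
    %% A finite timeout instead of the connect/3 default of infinity.
    case etls:connect(Host, Port, Opts, 5000) of
        {ok, Socket} ->
            try
                %% DER-encoded peer certificate, e.g. for pinning or audit logs.
                {ok, PeerDer} = etls:peercert(Socket),
                ok = etls:send(Socket, <<"ping">>),
                {ok, Reply} = etls:recv(Socket, 4, 5000),
                {ok, PeerDer, Reply}
            after
                etls:close(Socket)
            end;
        {error, Reason} ->
            {error, Reason}
    end.
```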

controlling_process/2

controlling_process(Socket::socket(), NewControllingProcess::pid()) -> ok

Assigns a new controlling process to the socket. A controlling process receives all messages from the socket.

handshake/1

handshake(Socket::socket()) -> ok | {error, Reason::atom()}

Equivalent to handshake(Socket, infinity).

handshake/2

handshake(Socket::socket(), Timeout::timeout()) -> ok | {error, Reason::timeout | any()}

Performs a TLS handshake on the new TCP socket. The socket should be created by etls:accept.

listen/2

listen(Port::inet:port_number(), Opts::[ssl_option() | listen_option()]) -> {ok, Acceptor::acceptor()} | {error, Reason::atom()}

Creates an acceptor (listen socket).
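
The listen/2, accept/1 and handshake/2 sequence described above, with client certificates required, as an added example that is not code from the etls project. The module name and the three file paths are hypothetical, and the example assumes a socket can be handed to another process with controlling_process/2 before the handshake has run.

```erlang
-module(etls_server_example).
-export([start/1]).

%% "server.pem", "server.key" and "clients-ca.pem" are hypothetical paths.
start(Port) ->
    {ok, CaPem} = file:read_file("clients-ca.pem"),
    {ok, Acceptor} = etls:listen(Port, [
        {certfile, "server.pem"},
        {keyfile, "server.key"},
        %% Mutual TLS: request a client certificate and refuse clients
        %% that present none (both settings are off by default).
        {verify_type, verify_peer},
        {fail_if_no_peer_cert, true},
        {cacerts, [CaPem]},
        {backlog, 128}
    ]),
    accept_loop(Acceptor).

accept_loop(Acceptor) ->
    case etls:accept(Acceptor) of
        {ok, Socket} ->
            %% The accepted socket is not yet secured. The handshake runs in
            %% a worker so a slow peer does not block the accept loop.
            Worker = spawn(fun() -> receive start -> serve(Socket) end end),
            ok = etls:controlling_process(Socket, Worker),
            Worker ! start,
            accept_loop(Acceptor);
        {error, Reason} ->
            {error, Reason}
    end.

serve(Socket) ->
    %% A finite timeout bounds how long a stalled peer can hold the worker.
    case etls:handshake(Socket, 5000) of
        ok ->
            ok = etls:setopts(Socket, [{active, false}]),
            echo(Socket);
        {error, _Reason} ->
            ok
    end,
    etls:close(Socket).

%% Echo 4-byte frames until the peer closes, errors out or goes idle.
echo(Socket) ->
    case etls:recv(Socket, 4, 30000) of
        {ok, Data} -> _ = etls:send(Socket, Data), echo(Socket);
        {error, _} -> ok
    end.
```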

peercert/1

peercert(Socket::socket()) -> {ok, der_encoded()} | {error, Reason::no_peer_certificate | atom()}

Returns a DER-encoded public certificate of the peer.

peername/1

peername(Socket::socket()) -> {ok, {inet:ip_address(), inet:port_number()}} | {error, Reason::atom()}

Returns the address and port number of the peer.

recv/2

recv(Socket::socket(), Size::non_neg_integer()) -> {ok, binary()} | {error, Reason::closed | timeout | atom()}

Equivalent to recv(Socket, Size, infinity).

recv/3

recv(Socket::socket(), Size::non_neg_integer(), Timeout::timeout()) -> {ok, binary()} | {error, Reason::closed | timeout | atom()}

Receives a packet from a socket in passive mode. If the socket is closed, returns {error, closed}.

send/2

send(Socket::socket(), Data::iodata()) -> ok | {error, Reason::closed | atom()}

Writes Data to Socket. If the socket is closed, returns {error, closed}.

setopts/2

setopts(Socket::socket(), Opts::[option()]) -> ok

Sets options according to Opts for the socket Socket.

shutdown/2

shutdown(Socket::socket(), Type::read | write | read_write) -> ok | {error, Reason::atom()}

Shuts down the connection in one or two directions. The {exit_on_close, false} option is useful for handling the case where the peer has shut down its write side.

sockname/1

sockname(SocketOrAcceptor::socket() | acceptor()) -> {ok, {inet:ip_address(), inet:port_number()}} | {error, Reason::atom()}

Returns the address and port number of the socket.


Generated by EDoc, Jan 17 2017, 02:25:41.