Quiver.Transport.SSL (quiver v0.2.0)


SSL/TLS transport wrapping :ssl.

Uses the OS certificate store via :public_key.cacerts_get/0 and OTP's built-in hostname verification with wildcard SAN support.

Summary

Functions

negotiated_protocol(ssl)

Returns the ALPN protocol negotiated during the TLS handshake.

upgrade(tcp_socket, host, port, opts)

Upgrades an existing TCP socket to TLS.

Types

t()

@type t() :: %Quiver.Transport.SSL{
  negotiated_protocol: binary() | nil,
  socket: :ssl.sslsocket()
}

Functions

negotiated_protocol(ssl)

@spec negotiated_protocol(t()) :: binary() | nil

Returns the ALPN protocol negotiated during the TLS handshake.

Returns nil if no protocol was negotiated (e.g. no ALPN extension was advertised, or the server did not select one).

upgrade(tcp_socket, host, port, opts)

@spec upgrade(:gen_tcp.socket(), String.t(), :inet.port_number(), keyword()) ::
  {:ok, t()} | {:error, term()}

Upgrades an existing TCP socket to TLS.

Takes a raw :gen_tcp socket and performs TLS negotiation on it. Used for CONNECT tunneling where a TCP connection to a proxy is upgraded to TLS for the target host.
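
The upgrade and verification behaviour described above, written directly against OTP's :ssl as an added example (not Quiver's own code). The module name TLSUpgradeSketch, the ALPN list and the timeout are assumptions; the option set shows one way to get OS trust store verification with wildcard SAN matching, as the module description states.

```elixir
defmodule TLSUpgradeSketch do
  # Hypothetical module for illustration; not part of Quiver.

  # Client options for verifying `host`, the tunnel target (not the proxy).
  def client_opts(host, alpn \\ ["h2", "http/1.1"]) do
    [
      # Reject the handshake unless the chain validates.
      verify: :verify_peer,
      # Trust anchors from the OS certificate store (OTP 25+).
      cacerts: :public_key.cacerts_get(),
      # :ssl.connect/3 on an existing socket has no Host argument, so the
      # name to send as SNI and to check the certificate against is set here.
      server_name_indication: String.to_charlist(host),
      # HTTPS-style matching, which accepts wildcard SAN entries such as
      # *.example.com for a single left-most label.
      customize_hostname_check: [
        match_fun: :public_key.pkix_verify_hostname_match_fun(:https)
      ],
      alpn_advertised_protocols: alpn
    ]
  end

  # Upgrades a connected :gen_tcp socket to TLS. The socket must be in
  # passive mode (active: false) before the handshake starts.
  def upgrade(tcp_socket, host, timeout \\ 5_000) do
    with {:ok, ssl_socket} <- :ssl.connect(tcp_socket, client_opts(host), timeout) do
      protocol =
        case :ssl.negotiated_protocol(ssl_socket) do
          {:ok, proto} -> proto
          # No ALPN result: the server did not select a protocol.
          {:error, :protocol_not_negotiated} -> nil
        end

      {:ok, ssl_socket, protocol}
    end
  end
end
```

A certificate that fails chain or hostname validation makes :ssl.connect/3 return {:error, reason}, which `with` passes through unchanged, so callers never receive a socket for an unverified peer.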