net.mbedtls #

fn new_ssl_conn(config SSLConnectConfig) !&SSLConn

new_ssl_conn returns a new SSLConn with the given config.

fn new_ssl_listener(saddr string, config SSLConnectConfig) !&SSLListener

create a new SSLListener binding to saddr

fn new_sslcerts() &SSLCerts

new_sslcerts initializes and returns a pair of SSL certificates and key

fn new_sslcerts_from_file(verify string, cert string, cert_key string) !&SSLCerts

new_sslcerts_from_file creates a new pair of SSL certificates, given their paths on the filesystem.

fn new_sslcerts_in_memory(verify string, cert string, cert_key string) !&SSLCerts

new_sslcerts_in_memory creates a pair of SSL certificates, given their contents (not paths).

struct C.mbedtls_ctr_drbg_context {}

struct C.mbedtls_entropy_context {}

struct C.mbedtls_net_context {
mut:
	fd int
}

struct C.mbedtls_pk_context {}

struct C.mbedtls_ssl_config {}

struct C.mbedtls_ssl_context {}

struct C.mbedtls_ssl_recv_t {}

struct C.mbedtls_ssl_recv_timeout_t {}

struct C.mbedtls_ssl_send_t {}

struct C.mbedtls_x509_crl {}

struct C.mbedtls_x509_crt {}

struct SSLCerts {
pub mut:
	cacert      C.mbedtls_x509_crt
	client_cert C.mbedtls_x509_crt
	client_key  C.mbedtls_pk_context
}

SSLCerts represents a pair of CA and client certificates + key

fn (mut c SSLCerts) cleanup()

cleanup frees the SSL certificates

struct SSLConn {
pub:
	config SSLConnectConfig
pub mut:
	server_fd C.mbedtls_net_context
	ssl       C.mbedtls_ssl_context
	conf      C.mbedtls_ssl_config
	certs     &SSLCerts = unsafe { nil }
	handle    int
	duration  time.Duration
	opened    bool
	ip        string

	owns_socket bool
}

SSLConn is the current connection

fn (mut s SSLConn) close() !

close terminates the ssl connection and does cleanup

fn (mut s SSLConn) shutdown() !

shutdown terminates the ssl connection and does cleanup

fn (mut s SSLConn) connect(mut tcp_conn net.TcpConn, hostname string) !

connect sets up an ssl connection on an existing TCP connection

fn (mut s SSLConn) dial(hostname string, port int) !

dial opens an ssl connection on hostname:port

fn (s &SSLConn) addr() !net.Addr

addr retrieves the local ip address and port number for this connection

fn (s &SSLConn) peer_addr() !net.Addr

peer_addr retrieves the ip address and port number used by the peer

fn (mut s SSLConn) socket_read_into_ptr(buf_ptr &u8, len int) !int

socket_read_into_ptr reads len bytes into buf

fn (mut s SSLConn) read(mut buffer []u8) !int

read reads data from the ssl connection into buffer

fn (mut s SSLConn) write_ptr(bytes &u8, len int) !int

write_ptr writes len bytes from bytes to the ssl connection

fn (mut s SSLConn) write(bytes []u8) !int

write writes data from bytes to the ssl connection

fn (mut s SSLConn) write_string(str string) !int

write_string writes a string to the ssl connection

struct SSLConnectConfig {
pub:
	verify   string // the path to a rootca.pem file, containing trusted CA certificate(s)
	cert     string // the path to a cert.pem file, containing client certificate(s) for the request
	cert_key string // the path to a key.pem file, containing private keys for the client certificate(s)
	validate bool   // set this to true, if you want to stop requests, when their certificates are found to be invalid

	in_memory_verification bool // if true, verify, cert, and cert_key are read from memory, not from a file

	get_certificate ?fn (mut SSLListener, string) !&SSLCerts
}

struct SSLListener {
	saddr  string
	config SSLConnectConfig
mut:
	server_fd C.mbedtls_net_context
	ssl       C.mbedtls_ssl_context
	conf      C.mbedtls_ssl_config
	certs     &SSLCerts = unsafe { nil }
	opened    bool
	// handle		int
	// duration	time.Duration
}

SSLListener listens on a TCP port and accepts connection secured with TLS

fn (mut l SSLListener) shutdown() !

finish the listener and clean up resources

fn (mut l SSLListener) accept() !&SSLConn

accepts a new connection and returns a SSLConn of the connected client