Ffi.set_default_verify_paths, to make OpenSSL use its default for
CA certificates locations
Make sure to close the
Pipe.Writer.tthat goes back to the application, otherwise the
application will never get an `Eof if the connection is closed.
Switched to ppx.
Fix github issue #4 (some comments swapped).
By default OpenSSL ignores the result of certificate validation, so we need to
tell it not to.
Expose session details such as checked certificates and negotiated version.
Add session resumption.
moved ffi_bindings and ffi_stubgen in separate libraries
Upgraded to use new ctypes and its new stub generation methods.
Improved the propagation of SSL errors to the caller.