package async_ssl

  1. Overview
  2. Docs
An Async-pipe-based interface with OpenSSL

Install

Dune Dependency

github.com Changelog MIT License Edit opam file Versions (26)

Authors

  1. J
    Jane Street Group, LLC

Maintainers

  1. J
    Jane Street developers

Sources

async_ssl-v0.16.0.tar.gz
sha256=5c9f74ddc00228634c2f6c60c10f3a821dc664f873d80c427284588c3e01bedd

CHANGES.md.html

Release v0.16.0

  • Removed Support for OpenSSL 1.0. We now require OpenSSL 1.1.x. (OpenSSL 3.x should also work but is untested).

  • Added new configuration option override_security_level as an escape hatch to override the system wide OpenSSL security level. See Ssl.Override_security_level

  • Added Connection.peer_certificate_fingerprint and Certificate.fingerprint.

  • Expose ?socket on Tls.listen to allow configuring the underlying listening socket. See Async_unix.Tcp.Server.create.

Old pre-v0.15 changelogs (very likely stale and incomplete)

git version

  • Added function Ffi.set_default_verify_paths, to make OpenSSL use its default for CA certificates locations

113.33.00

  • Make sure to close the Pipe.Writer.t that goes back to the application, otherwise the application will never get an `Eof if the connection is closed.

113.24.00

  • Switched to ppx.

113.00.00

  • Added Ssl.Connection.close.

112.35.00

  • Fix github issue #4 (some comments swapped).

112.24.00

  • By default OpenSSL ignores the result of certificate validation, so we need to tell it not to.

  • Expose session details such as checked certificates and negotiated version. Add session resumption.

112.17.00

  • moved ffi_bindings and ffi_stubgen in separate libraries

111.21.00

  • Upgraded to use new ctypes and its new stub generation methods.

111.08.00

  • Improved the propagation of SSL errors to the caller.

111.06.00

Initial release