-<!-- $Id: comstack.xml,v 1.9 2002-08-17 07:55:51 adam Exp $ -->
<chapter id="comstack"><title>The COMSTACK Module</title>
<sect1 id="comstack.synopsis"><title>Synopsis (blocking mode)</title>
<para>
The &comstack;
subsystem provides a transparent interface to different types of transport
- stacks for the exchange of BER-encoded data. At present, the
- RFC1729 method (BER over TCP/IP), local UNIX socket and an
+ stacks for the exchange of BER-encoded data and HTTP packets.
+ At present, the RFC1729 method (BER over TCP/IP), local UNIX socket and an
experimental SSL stack are supported, but others may be added in time.
The philosophy of the
module is to provide a simple interface by hiding unused options and
</sect1>
<sect1 id="comstack.common"><title>Common Functions</title>
- <sect2><title>Managing Endpoints</title>
+ <sect2 id="comstack.managing.endpoints"><title>Managing Endpoints</title>
<synopsis>
COMSTACK cs_create(CS_TYPE type, int blocking, int protocol);
<variablelist>
<varlistentry><term><literal>tcpip_type</literal></term>
- <listitem><para>TCP/IP (BER over TCP/IP)
+ <listitem><para>TCP/IP (BER over TCP/IP or HTTP over TCP/IP)
</para></listitem>
</varlistentry>
<varlistentry><term><literal>ssl_type</literal></term>
<listitem><para>Secure Socket Layer (SSL). This COMSTACK
- is experimental and is not fully implemented.
+ is experimental and is not fully implemented. If
+ HTTP is used, this effectively is HTTPS.
</para></listitem>
</varlistentry>
<varlistentry><term><literal>unix_type</literal></term>
- <listitem><para>Unix socket (unix only). Fast local transfer via
+ <listitem><para>Unix socket (unix only). Local Transfer via
file socket. See <citerefentry><refentrytitle>unix</refentrytitle>
<manvolnum>7</manvolnum></citerefentry>.
</para></listitem>
The <literal>blocking</literal> parameter should be one if
you wish the association to operate in blocking mode, zero otherwise.
The <literal>protocol</literal> field should be
- <literal>PROTO_Z3950</literal>.
+ <literal>PROTO_Z3950</literal> or <literal>PROTO_HTTP</literal>.
Protocol <literal>PROTO_SR</literal> is no longer supported.
</para>
</note>
</sect2>
- <sect2><title>Data Exchange</title>
+ <sect2 id="comstack.data.exchange"><title>Data Exchange</title>
<synopsis>
int cs_put(COMSTACK handle, char *buf, int len);
</synopsis>
<para>
- Receives a PDU from the peer. Returns the number of bytes read.
+ Receives a PDU or HTTP Response from the peer. Returns the number of
+ bytes read.
In nonblocking mode, it is possible that not all of the packet can be
read at once. In this case, the function returns 1. To simplify the
interface, the function is
</para>
<synopsis>
- <host> [ ':' <portnum> ]
+ <host> [ ':' <portnum> ]
</synopsis>
<para>
</sect1>
+ <sect1 id="comstack.ssl"><title>SSL</title>
+ <para>
+ <synopsis>
+ void *cs_get_ssl(COMSTACK cs);
+ </synopsis>
+ Returns the SSL handle, <literal>SSL *</literal> for comstack. If comstack
+ is not of type SSL, NULL is returned.
+ </para>
+
+ <para>
+ <synopsis>
+ int cs_set_ssl_ctx(COMSTACK cs, void *ctx);
+ </synopsis>
+ Sets SSL context for comstack. The parameter is expected to be of type
+ <literal>SSL_CTX *</literal>. This function should be called just
+ after comstack has been created (before connect, bind, etc).
+ This function returns 1 for success; 0 for failure.
+ </para>
+
+ <para>
+ <synopsis>
+ int cs_set_ssl_certificate_file(COMSTACK cs, const char *fname);
+ </synopsis>
+ Sets SSL certificate for comstack as a PEM file. This function
+ returns 1 for success; 0 for failure.
+ </para>
+
+
+ <para>
+ <synopsis>
+ int cs_get_ssl_peer_certificate_x509(COMSTACK cs, char **buf, int *len);
+ </synopsis>
+ This function returns the peer certificate. If successful,
+ <literal>*buf</literal> and <literal>*len</literal> holds
+ X509 buffer and length respectively. Buffer should be freed
+ with <literal>xfree</literal>. This function returns 1 for success;
+ 0 for failure.
+ </para>
+
+ </sect1>
+
<sect1 id="comstack.diagnostics"><title>Diagnostics</title>
<para>
</para>
<synopsis>
- extern const char *cs_errlist[];
+ extern const char *cs_errlist[];
</synopsis>
<para>
projects / yaz-moved-to-github.git / blobdiff