ucspi-tls

Section: System Calls (2)
 

NAME

UCSPI-TLS - advanced and secure communication between server and prog  

DESCRIPTION

A UCSPI-TLS enhanced server makes optional SSL services available to the client by providing three file descriptors: a control socket, a reading pipe, and a writing pipe.

The file descriptor number of the control socket will be in the environment variable $SSLCTLFD.

The file descriptor number of the reading pipe will be in the environment variable $SSLREADFD, and the file descriptor number of the writing pipe will be in the environment variable $SSLWRITEFD.

It's possible for all three of these file descriptors to be the same.

 

USAGE

UCSPI-TLS provides standard IN and OUT (file descriptors 0 and 1) connected directly to the socket, for unencrypted communication.

The control socket must accept at least these two commands:

y
    Start TLS.
Y
    Start TLS, and send optional SSL connection information back over the control socket. The SSL connection information will be in the form of an environment string, with zero or more environment variables, terminated by two ASCII NULs. Each environment variable is stored as "VAR=val\0", and an additional trailing \0 is used to indicate the end of all environment variables. If there are no variables to set, "\0\0" should be used.

When TLS is started, the UCSPI-TLS enabled server will take control of the socket, and the application is expected to switch to the file descriptors in $SSLREADFD and $SSLWRITEFD for all future communications. Using the regular socket after activating TLS will probably just confuse the client.
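
The exchange described above, as an added Python example (not part of the original manual page or of the ucspi-tls code): the application sends Y on the control socket, reads the reply up to the two NULs, and gets back the descriptors to switch to. The SSL_* allow-list, the MAX_REPLY cap, the function names, and the sample reply and descriptor numbers in demo() are assumptions made for the example.

```python
import os
import socket

MAX_REPLY = 65536  # assumed upper bound on the reply; the page gives no limit

def parse_tls_env(block: bytes) -> dict:
    """Parse one complete reply to "Y"; raise ValueError if it is malformed."""
    if not block.endswith(b"\0\0"):
        raise ValueError("reply not terminated by two NULs")
    info = {}
    for entry in block.split(b"\0"):
        if not entry:                      # empty entry marks the end
            break
        name, sep, value = entry.partition(b"=")
        if not sep or not name:
            raise ValueError("entry is not VAR=val: %r" % entry)
        # Assumed policy: keep SSL_* names only, so the reply can never set
        # unrelated variables. Values derive from the peer's certificate.
        if name.startswith(b"SSL_") and name.isascii():
            info[name.decode("ascii")] = value.decode("utf-8", "replace")
    return info

def start_tls(env=os.environ):
    """Send "Y" on $SSLCTLFD; return (read_fd, write_fd, info)."""
    ctl = int(env["SSLCTLFD"])
    os.write(ctl, b"Y")
    reply = b""
    while not reply.endswith(b"\0\0"):
        chunk = os.read(ctl, 4096)
        if not chunk or len(reply) + len(chunk) > MAX_REPLY:
            raise ConnectionError("control socket closed or reply too large")
        reply += chunk
    # TLS is active: all further I/O goes through these two descriptors.
    return int(env["SSLREADFD"]), int(env["SSLWRITEFD"]), parse_tls_env(reply)

def demo():
    """Play the server side on a socketpair, using a constructed reply."""
    app, server = socket.socketpair()
    env = {"SSLCTLFD": str(app.fileno()), "SSLREADFD": "5", "SSLWRITEFD": "6"}
    # Queued before the command is sent because the demo is single-threaded.
    server.sendall(b"SSL_PROTOCOL=TLSv1.3\0SSL_CLIENT_SAN_DNS_0=client.example\0"
                   b"LD_PRELOAD=/tmp/x.so\0\0")
    result = start_tls(env)
    command = server.recv(1)
    app.close()
    server.close()
    return command, result

if __name__ == "__main__":
    print(demo())
```

The parser returns a dictionary instead of writing to the process environment, so the caller decides which of the reported values it exports or logs.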

 

Apache MOD_SSL

Where applicable, the environment variables set are the same ones as Apache's mod_ssl: https://httpd.apache.org/docs/current/mod/mod_ssl.html

In particular, the variables SSL_CLIENT_SAN_Email_n and SSL_CLIENT_SAN_DNS_n for n = 0 and n = 1 are now considered.  

CREDITS

Scott Gifford, Charlie Brady


 


This document was created by man2html, using the manual pages.
Time: 14:03:06 GMT, September 11, 2024