
20.6 Dealing with SSL objects explicitly

The C objects SSL and SSL_CTX are represented in LispWorks by foreign pointers with type ssl-pointer and ssl-ctx-pointer, which correspond to the C types SSL* and SSL_CTX*. These foreign types should be used for any foreign function that takes or returns these C types, and must be used when passing a foreign pointer as the value of the :ssl-ctx argument.

Making SSL objects is a way of getting access to them to perform configuration, but, especially in the case of the SSL_CTX, it is also a useful way to avoid repeated calls to the configuration routines, which may be time-consuming. For example, if we have defined a function configure-a-ctx, and we want to read once every 60 seconds from some URL, we can write:

(loop (with-open-stream
          (str (comm:open-tcp-stream some-url 443
                                     :ssl-ctx t
                                     :ctx-configure-callback 'configure-a-ctx))
        (read-something str))
      (sleep 60))

This will cause configure-a-ctx to be called each time. If it is expensive, we can call it only once by changing the code to:

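(let ((ctx (comm:make-ssl-ctx :ssl-side :client)))
  (unwind-protect
      (progn
        ;; Configure the SSL_CTX once, then reuse it for every connection.
        (configure-a-ctx ctx)
        (loop (with-open-stream
                  (str (comm:open-tcp-stream some-url 443
                                             :ssl-ctx ctx))
                (read-something str))
              (sleep 60)))
    ;; The loop only ends by a non-local exit, so free the SSL_CTX in the
    ;; cleanup form.
    (comm:destroy-ssl-ctx ctx)))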

The SSL objects can be made either by make-ssl-ctx or ssl-new, or by user code that calls the C functions SSL_CTX_new and SSL_new. destroy-ssl-ctx frees the SSL_CTX object. To free an SSL object you would call destroy-ssl. See the entries in the LispWorks Reference Manual for full descriptions of these functions.
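As an added example (not part of the original manual), here is one possible definition of configure-a-ctx that turns on peer certificate verification, using the ssl-ctx-pointer foreign type for the SSL_CTX* arguments as described above. The Lisp-side names %ssl-ctx-set-default-verify-paths, %ssl-ctx-set-verify and +ssl-verify-peer+ are hypothetical; SSL_CTX_set_default_verify_paths and SSL_CTX_set_verify are the OpenSSL C functions, and the OpenSSL library is assumed to be already loaded, as it is when the SSL_CTX was made by LispWorks.

```lisp
;;; Added example: a CONFIGURE-A-CTX that enables peer certificate
;;; verification. The Lisp names defined here are hypothetical.

;; Value of SSL_VERIFY_PEER in <openssl/ssl.h>.
(defconstant +ssl-verify-peer+ 1)

;; int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
(fli:define-foreign-function (%ssl-ctx-set-default-verify-paths
                              "SSL_CTX_set_default_verify_paths")
    ((ctx comm:ssl-ctx-pointer))
  :result-type :int)

;; void SSL_CTX_set_verify(SSL_CTX *ctx, int mode, verify_callback);
(fli:define-foreign-function (%ssl-ctx-set-verify "SSL_CTX_set_verify")
    ((ctx comm:ssl-ctx-pointer)
     (mode :int)
     (callback :pointer))
  :result-type :void)

(defun configure-a-ctx (ctx)
  "Configure CTX, an ssl-ctx-pointer, so that handshakes verify the peer."
  ;; Load the platform's default CA certificate locations.
  ;; OpenSSL returns 1 on success.
  (unless (= 1 (%ssl-ctx-set-default-verify-paths ctx))
    (error "Could not load the default CA certificate locations"))
  ;; A null callback selects OpenSSL's built-in chain verification;
  ;; the handshake then fails if the server certificate does not verify.
  (%ssl-ctx-set-verify ctx +ssl-verify-peer+ fli:*null-pointer*)
  ctx)
```

This function takes the SSL_CTX pointer as its single argument, so it can be called directly on the result of make-ssl-ctx or passed as the :ctx-configure-callback. SSL_VERIFY_PEER checks the certificate chain only; matching the certificate against the expected host name is a separate step.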


LispWorks User Guide - 7 Jul 2004
