net.ssl

Clojure glue code to interact with the horrible JVM SSL code

*storage*

dynamic

Helps net decide how to treat input. With the default value of :guess, string input shorter than 256 chars - a common value for PATH_MAX - is treated as a path, and anything longer is treated as inlined cert data.

A value of :data will always assume inlined certs, and a value of :file will always assume paths.

->chain

(->chain fact cert-spec)

Get a certificate chain out of several certificate specs

cert-bytes

(cert-bytes input)

Get certificate bytes out of an input.

cert-string

(cert-string input)

Convert input to certificate bytes

client-context

(client-context {:keys [bundle password cert pkey authority storage insecure]})

Build an SSL client context for netty

handler-fn

(handler-fn ctx)

Build a handler function to be used in netty pipelines out of an SSL context. Will yield a 1-arity function of a context and a 3-arity function of a context, a host, and a port which will add a handler to the context.

new-handler

(new-handler ctx channel)
(new-handler ctx channel host port)

Create a new SSL handler from an SslContext

s->cert

(s->cert factory input)

Generate an X509 from a given source.

s->pkey

(s->pkey factory input)

When reading private keys, we unfortunately have to read PKCS8 encoded keys, short of pulling in bouncy castle :-( Since these keys are usually DER encoded, they're inconvenient to have lying around in strings. We resort to base64 encoded DER here.
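
The base64 encoded DER PKCS8 format described above, shown as a round trip using only JDK classes. This is an added example, not net.ssl's own code: the namespace and function names are hypothetical, and it assumes an RSA key and that factory is a java.security.KeyFactory.

```clojure
(ns example.pkcs8
  (:import (java.security KeyFactory KeyPairGenerator PrivateKey)
           (java.security.spec InvalidKeySpecException PKCS8EncodedKeySpec)
           (java.util Arrays Base64)))

(defn pkey->b64-der
  "Base64 of the key's DER encoding. Hypothetical helper, not in net.ssl."
  ^String [^PrivateKey pkey]
  ;; Keys from the standard JCA providers encode as PKCS#8 DER.
  (.encodeToString (Base64/getEncoder) (.getEncoded pkey)))

(defn b64-der->pkey
  "Decode base64 text holding a DER-encoded PKCS#8 private key."
  ^PrivateKey [^KeyFactory factory ^String input]
  ;; The MIME decoder ignores line breaks, so wrapped base64 is accepted.
  (let [der (.decode (Base64/getMimeDecoder) input)]
    (.generatePrivate factory (PKCS8EncodedKeySpec. der))))

(defn try-load
  "Return the key, or nil when the input is not a usable PKCS#8 key."
  [factory input]
  (try
    (b64-der->pkey factory input)
    (catch InvalidKeySpecException _ nil)    ; DER does not parse as PKCS#8
    (catch IllegalArgumentException _ nil))) ; malformed base64

(defn demo
  "Round-trip a constructed throwaway key and check that damage is detected."
  []
  (let [^KeyPairGenerator kpg (doto (KeyPairGenerator/getInstance "RSA")
                                (.initialize (int 2048)))
        ^PrivateKey original  (.getPrivate (.generateKeyPair kpg))
        factory               (KeyFactory/getInstance "RSA")
        encoded               (pkey->b64-der original)
        loaded                (b64-der->pkey factory encoded)
        ;; Cut on a 4-char boundary: still valid base64, but truncated DER.
        cut                   (subs encoded 0 (* 4 (quot (count encoded) 8)))]
    {:format              (.getFormat loaded)
     :round-trip?         (Arrays/equals ^bytes (.getEncoded original)
                                         ^bytes (.getEncoded loaded))
     :truncated-rejected? (nil? (try-load factory cut))}))

(println (demo))
```

The string handed to the decoder is the bare base64 body. PEM header and footer lines are not stripped by this code, and their letters would be decoded as key data.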

server-context

(server-context {:keys [pkey password cert auth-mode ca-cert ciphers cache-size session-timeout storage]})

Build an SSL server context for netty