Scieneer Common Lisp 1.3.9 online documentation

ssl:make-ssl-client-stream fd &key element-type external-format buffering timeout expiration certificate key verify-mode verify-depth ciphers options ssl-context [Function]

Make a new SSL client stream on the given socket fd, returning the new stream upon success, and signaling an appropriate error upon failure. The socket fd is not closed upon a failure, and the caller is expected to ensure the socket is closed if necessary.

:element-type
Indicates the element type to use. Only the character and '(unsigned-byte 8) types are supported.
:external-format
For a character stream this is the external character format to use. The default value is :default for which the value of ext:*default-external-format* is used.
:buffering
Indicates the kind of output buffer flushing to use, which may be one of: :none, :line, or the default :full. Line buffering is only applicable to character streams.
:timeout
The number of seconds to wait for an input or output operation. If false, which is the default, then wait forever. When a timeout occurs the sys:io-timeout condition is signaled.
:expiration
The number of seconds before the stream expires. If false, which is the default, then the stream does not expire. When the stream expires the sys:io-timeout condition is signaled until the expiration time is reset.
:ssl-context
The SSL context in which the stream will be created. If not supplied then the ssl:*default-ssl-context* is used, and a default context is created if necessary. See also: ssl:make-ssl-context, and ssl:initialize-ssl-context.

The following SSL options are accepted and override the global SSL context defaults:

:certificate
The certificate file to use, in PEM format.
:key
The key file to use. If the key is password protected then the password must have been specified in the SSL global context, see ssl:initialize-ssl-context. If the key file is nil then the certificate file is used.
:verify-mode
One of the following:
:none
The server certificate, if any, is checked but the connection handshake will proceed regardless of the result of the server certificate verification. The verification result may be checked with ssl:ssl-stream-verify-result.
:request
The server certificate, if any, is checked, and the handshake is terminated immediately upon a verification failure. A server certificate is not required.
:require
The server certificate is required and is checked, and the handshake is terminated immediately upon a verification failure.
:verify-depth
The maximum depth up to which certificates in a chain are used during the verification procedure. Certificates above the limit are ignored.
:ciphers
A colon-separated list of the restricted set of ciphers to use.
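
The following is an added example, not part of the Scieneer documentation. It shows one way to combine the two points above that matter most for a client: requiring a verified server certificate with :verify-mode :require, and closing the socket when stream creation fails, since the function leaves fd open. The wrapper name, the close-fd argument, and the timeout and depth values are assumptions chosen for illustration.

```lisp
;;; Added example. OPEN-VERIFIED-CLIENT-STREAM and CLOSE-FD are hypothetical
;;; names: CLOSE-FD is a caller-supplied function of one argument that closes
;;; a socket descriptor, because this page does not name the call for that.
(defun open-verified-client-stream (fd close-fd
                                    &key (timeout 30)       ; constructed value
                                         (verify-depth 4))  ; constructed value
  "Wrap the connected socket FD in an SSL client stream that requires a
verified server certificate. If ssl:make-ssl-client-stream signals an
error, FD is closed before the error propagates to the caller."
  (let ((stream nil))
    (unwind-protect
         (setf stream
               (ssl:make-ssl-client-stream
                fd
                :element-type 'character
                :buffering :line
                ;; Seconds to wait on an input or output operation;
                ;; sys:io-timeout is signaled when it elapses.
                :timeout timeout
                ;; :require terminates the handshake when the server sends
                ;; no certificate or verification fails. With :none the
                ;; handshake proceeds regardless, and the caller would have
                ;; to inspect ssl:ssl-stream-verify-result itself.
                :verify-mode :require
                :verify-depth verify-depth))
      ;; The cleanup form runs on normal return and on non-local exit.
      ;; STREAM is still NIL only when creation failed, which is the case
      ;; in which the descriptor would otherwise be left open.
      (unless stream
        (funcall close-fd fd)))))
```

On success the wrapper returns the new stream and leaves the descriptor open for the stream to use; the error signaled on failure is not handled here and still reaches the caller.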