Scieneer Common Lisp 1.3.9 online documentation

ssl:make-ssl-server-stream fd &key element-type external-format buffering timeout expiration certificate key verify-mode verify-depth ciphers options ssl-context [Function]

Make a new SSL server stream on the given socket fd, returning the new stream upon success, and signaling an appropriate error upon failure. The socket fd is not closed upon a failure, and the caller is expected to ensure the socket is closed if necessary.

:element-type
Indicates the element type to use. Only the character and '(unsigned-byte 8) types are supported.
:external-format
For a character stream this is the external character format to use. The default value is :default for which the value of ext:*default-external-format* is used.
:buffering
Indicates the kind of output buffer flushing to use, which may be one of :none, :line, or the default :full. Line buffering is only applicable to character streams.
:timeout
The number of seconds to wait for an input or output operation. If false, which is the default, then wait forever. When a timeout occurs the sys:io-timeout condition is signaled.
:expiration
The number of seconds before the stream expires. If false, which is the default, then the stream does not expire. When the stream expires the sys:io-timeout condition is signaled until the expiration time is reset.
:ssl-context
The SSL context in which the stream will be created. If not supplied then the ssl:*default-ssl-context* is used, and a default context is created if necessary. See also: ssl:make-ssl-context, and ssl:initialize-ssl-context.

The following SSL options are accepted and override the SSL context defaults:

:certificate
The certificate file to use, in PEM format.
:key
The key file to use. If the key is password protected then the password must have been specified in the SSL global context, see ssl:initialize-ssl-context. If the key file is nil then the certificate file is used.
:verify-mode
One of the following:
:none
Do not send a client certificate request.
:request
Send a client certificate request, and check the returned certificate if any. The client is not required to return a certificate.
:require
Send a client certificate request, requiring the client to send a certificate, which is checked.
:verify-depth
The maximum depth up to which certificates in a chain are used during the verification procedure. Certificates above the limit are ignored.
:ciphers
A colon separated list of the restricted set of ciphers to use.
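
The following is an added example, not part of the Scieneer documentation. It shows a server-side wrapper that requires a verified client certificate and closes the socket fd itself when stream creation fails, since the function leaves the fd open on error. The names make-mutual-tls-stream, serve-one-client, close-fd and handler are hypothetical, and the file paths, cipher string, timeout, expiration and verify-depth values are constructed placeholders.

```lisp
;; CLOSE-FD is a caller-supplied function of one argument that closes a raw
;; socket descriptor on this platform (assumption: supplied by the caller).

(defun make-mutual-tls-stream
    (fd close-fd
     &key (certificate "/path/to/server-cert.pem")   ; placeholder path
          (key "/path/to/server-key.pem")            ; placeholder path
          (ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256"))
  "Wrap the accepted socket FD in an SSL server stream that requires a
client certificate. Returns the stream, or closes FD and lets the error
propagate if the stream cannot be created."
  (let ((stream nil))
    (unwind-protect
         (setf stream
               (ssl:make-ssl-server-stream
                fd
                :element-type '(unsigned-byte 8)
                :buffering :full
                :timeout 30            ; seconds per I/O operation (constructed)
                :expiration 300        ; seconds until the stream expires (constructed)
                :certificate certificate
                :key key
                :verify-mode :require  ; client must send a certificate, which is checked
                :verify-depth 3        ; constructed chain-depth limit
                :ciphers ciphers))     ; colon separated, restricts the cipher set
      ;; make-ssl-server-stream does not close FD when it signals an error,
      ;; so close it here on any non-local exit.
      (unless stream
        (funcall close-fd fd)))))

(defun serve-one-client (fd close-fd handler)
  "Create the stream for FD and call HANDLER on it. A sys:io-timeout from
the :timeout or :expiration settings ends the session and returns NIL."
  (let ((stream (make-mutual-tls-stream fd close-fd)))
    (unwind-protect
         (handler-case (funcall handler stream)
           (sys:io-timeout ()
             ;; Signaled when an I/O wait times out or the stream has expired.
             nil))
      ;; Always close the stream once the handler returns or unwinds.
      (close stream))))
```

With :verify-mode :request instead of :require, a client that sends no certificate is still accepted, so :require is the setting to use when the certificate is the client's means of authentication.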