• Scieneer Common Lisp 1.3.9 online documentation

    ssl:make-ssl-server-stream fd &key element-type external-format buffering timeout expiration certificate key verify-mode verify-depth ciphers options ssl-context[Function]

    Make a new SSL server stream on the given socket fd, returning the new stream upon success, and signaling an appropriate error upon failure. The socket fd is not closed upon a failure, and the caller is expected to ensure the socket is closed if necessary.

    :element-type
    Indicates the element type to use. Only the character and '(unsigned-byte 8) types are supported.
    :external-format
    For a character stream this is the external character format to use. The default value is :default for which the value of ext:*default-external-format* is used.
    :buffering
    Indicates the kind of output buffer flushing to use which may be one of: :none, :line, or the default :full. Line buffering is only applicable to character streams.
    :timeout
    The number of seconds to wait for an input or output operation. If false, which is the default, then wait forever. When a timeout occurs the sys:io-timeout condition is signaled.
    :expiration
    The number of seconds before the stream expires. If false, which is the default, then the stream does not expire. When the stream expires the sys:io-timeout condition is signaled until the expiration time is reset.
    :ssl-context
    The SSL context in which the stream will be created. If not supplied then the ssl:*default-ssl-context* is used, and a default context is created if necessary. See also: ssl:make-ssl-context, and ssl:initialize-ssl-context.

    The following SSL options are accepted and override the SSL context defaults:

    :certificate
    The certificate file to use, in PEM format.
    :key
    The key file to use. If the key is password protected then the password must have been specified in the SSL global context, see ssl:initialize-ssl-context. If the key file is nil then the certificate file is used.
    :verify-mode
    One of the following
    :none
    Do not send a client certificate request.
    :request
    Send a client certificate request, and check the returned certificate if any. The client is not required to return a certificate.
    :require
    Send a client certificate request, requiring the client to sent a certificate which is checked.
    :verify-depth
    The limit up to which depth certificates in a chain are used during the verification procedure. Certificates above the limit are ignored.
    :ciphers
    A colon separated list of the restricted set of ciphers to use.
  •