The underlying transport of a TLS session can be any Scheme
input/output port (see Ports and File Descriptors). This has to be specified using
set-session-transport-port!.
However, for better performance, a raw file descriptor can be
specified, using set-session-transport-fd!. For instance, if
the transport layer is a socket port over an OS-provided socket, you
can use the port->fdes or fileno procedure to obtain the
underlying file descriptor and pass it to
set-session-transport-fd! (see port->fdes and fileno). This would work as follows:
(let ((socket (socket PF_INET SOCK_STREAM 0))
(session (make-session connection-end/client)))
;;
;; Establish a TCP connection...
;;
;; Use the file descriptor that underlies SOCKET.
(set-session-transport-fd! session (fileno socket)))
Once a TLS session is established, data can be communicated through it
(i.e., via the TLS record layer) using the port returned by
session-record-port:
(let ((session (make-session connection-end/client)))
;;
;; Initialize the various parameters of SESSION, set up
;; a network connection, etc...
;;
(let ((i/o (session-record-port session)))
(write "Hello peer!" i/o)
(let ((greetings (read i/o)))
;; ...
(bye session close-request/rdwr))))
A lower-level I/O API is provided by record-send and
record-receive! which take an SRFI-4 vector to represent the
data sent or received. While it might improve performance, it is much
less convenient than the above and should rarely be needed.