The underlying transport of a TLS session can be any Scheme
input/output port (see Ports and File Descriptors). This has to be specified using
set-session-transport-port!.

However, for better performance, a raw file descriptor can be
specified, using set-session-transport-fd!. For instance, if
the transport layer is a socket port over an OS-provided socket, you
can use the port->fdes or fileno procedure to obtain the
underlying file descriptor and pass it to
set-session-transport-fd! (see port->fdes and fileno). This would work as follows:

    (let ((socket (socket PF_INET SOCK_STREAM 0))
          (session (make-session connection-end/client)))

      ;;
      ;; Establish a TCP connection...
      ;;

      ;; Use the file descriptor that underlies SOCKET.
      (set-session-transport-fd! session (fileno socket)))

Once a TLS session is established, data can be communicated through it
(i.e., via the TLS record layer) using the port returned by
session-record-port:

    (let ((session (make-session connection-end/client)))

      ;;
      ;; Initialize the various parameters of SESSION, set up
      ;; a network connection, etc...
      ;;

      (let ((i/o (session-record-port session)))
        (write "Hello peer!" i/o)
        (let ((greetings (read i/o)))

          ;; ...

          (bye session close-request/rdwr))))

A lower-level I/O API is provided by record-send and
record-receive!, which take an SRFI-4 vector to represent the
data sent or received. While it might improve performance, it is much
less convenient than the above and should rarely be needed.
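
The steps elided in the two snippets above (connection, credentials, handshake, peer verification) can be filled in as follows. This is an added example, not code from the manual; the procedure name open-tls-client and its HOST, SERVICE and CA-FILE arguments are assumptions, and CA-FILE must name a PEM bundle of trusted CA certificates.

```scheme
;; Added example (not from the manual).  open-tls-client is a hypothetical
;; name; HOST, SERVICE and CA-FILE are supplied by the caller.
(use-modules (gnutls))

(define (open-tls-client host service ca-file)
  "Connect to HOST on SERVICE (e.g. \"443\"), complete a verified TLS
handshake over the socket's file descriptor, and return three values:
the session, its record port, and the underlying socket port."
  (let* ((ai      (car (getaddrinfo host service 0 AF_UNSPEC SOCK_STREAM)))
         (sock    (socket (addrinfo:fam ai) SOCK_STREAM 0))
         (session (make-session connection-end/client))
         (cred    (make-certificate-credentials)))
    (connect sock (addrinfo:addr ai))

    ;; Trust anchors, priorities and SNI are set before the handshake.
    (set-certificate-credentials-x509-trust-file!
     cred ca-file x509-certificate-format/pem)
    (set-session-credentials! session cred)
    (set-session-priority! session "NORMAL")
    (set-session-server-name! session server-name-type/dns host)

    ;; Raw descriptor transport.  port->fdes also increments SOCK's
    ;; "revealed" count, so the garbage collector will not close the
    ;; descriptor while the session is still using it.
    (set-session-transport-fd! session (port->fdes sock))
    (handshake session)

    ;; Check the certificate chain status and the hostname explicitly
    ;; before any application data is exchanged.
    (let ((status (peer-certificate-status session)))
      (unless (null? status)
        (close-port sock)
        (error "peer certificate rejected" status)))
    (let ((cert (import-x509-certificate
                 (car (session-peer-certificate-chain session))
                 x509-certificate-format/der)))
      (unless (x509-certificate-matches-hostname? cert host)
        (close-port sock)
        (error "certificate does not match host" host)))

    (values session (session-record-port session) sock)))
```

When finished, the caller ends the session with (bye session close-request/rdwr) and then closes the returned socket port.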