1 go.cypherpunks.ru/ucspi -- UCSPI-related utilities
3 UCSPI (UNIX Client-Server Program Interface, http://cr.yp.to/ucspi-tcp.html)
4 provides convenient and easy interface for building network client server
7 That modules provides TLS-related utilities, that could be more suitable
8 that OpenSSL-dependant ones, or also much more complicated stunnel.
10 * cmd/tlss: TLS server, that is intended to be run under another UCSPI
13 tcpserver ::0 443 tlss -cert cert.pem -key prv.pem program arg0 arg1 ...
15 Optionally it can require client's certificate verification, by
16 providing the PEM file with acceptable CAs. In that case, TLSREMOTEDN
17 environment variable is set, with the string representation of client's
18 certificate subject. Also PROTO=TLS is set.
20 * cmd/tlsc: TLS client, that is intended to be run under another UCSPI
23 tcpclient example.com 443 tlsc -name example.com program arg0 arg1 ...
25 Optionally it can authenticate to server using the certificate keypair
26 through -cert/-key options. -ca option allows overriding of the system
27 provided CAs. Also you can authenticate server against SHA256 hash of its
28 SPKI with -fpr option. PROTO=TLS and TLSREMOTEDN are always set. You can
29 disable authentication completely with -name "". -show option prints
30 connection state after handshake and outputs certificates information.
32 * cmd/proxy: proxy between UCSPI server and UCSPI client
34 go.cypherpunks.ru/ucspi is free software: see the file COPYING for