This file is indexed.

/usr/lib/ocaml/equeue-ssl/https_client.mli is in libocamlnet-ssl-ocaml-dev 3.7.3-3build2.

This file is owned by root:root, with mode 0o644.

The actual contents of the file can be viewed below.

  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
(* $Id: https_client.mli 1745 2012-03-01 17:31:29Z gerd $ *)

(** HTTPS extension to {!Http_client} *)

type channel_binding_id = int
(** Same as {!Http_client.channel_binding_id} *)	  

class type transport_channel_type =
object
  method setup_e : Unix.file_descr -> channel_binding_id -> float -> exn -> 
                   string -> int -> Unixqueue.event_system ->
                   Uq_engines.multiplex_controller Uq_engines.engine
  method continue : Unix.file_descr -> channel_binding_id -> float -> exn ->
                   string -> int -> Unixqueue.event_system ->
                   Uq_engines.multiplex_controller
end
(** Same as {!Http_client.transport_channel_type} *)	  

val https_transport_channel_type : 
      ?verify:(Ssl.context -> Ssl.socket -> Unix.file_descr -> unit) ->
      Ssl.context -> transport_channel_type
  (** Configures a TLS tunnel for this context.

      The [verify] callback is invoked right after connecting to the
      remote socket and finishing the SSL handshake. The user can do here
      additional checks whether the peer is acceptable. If not acceptable,
      raise an exception.
   *)

(** {2 How to configure a pipeline for TLS}

    Just follow this recipe:

    1. Create the [Ssl] context:

    {[ Ssl.init() ]}

    {[ let ctx = Ssl.create_context Ssl.TLSv1 Ssl.Client_context ]}

    2. Create the transport channel type:

    {[ let tct = Https_client.https_transport_channel_type ctx ]}

    3. Configure the transport:

    {[ pipeline # configure_transport Http_client.https_cb_id tct ]}

    Now all URLs starting with "https://" will use this transport.
    If you need more control about the type of SSL/TLS channel, you
    can create new channel binding IDs, and configure these in addition.
    For each message needing a specific context, just set the
    channel binding ID (method [set_channel_binding] of the message).
 *)

(** {2 How to configure the Convenience module}

    Just do once:

    {[
    Ssl.init();
    Http_client.Convenience.configure_pipeline
      (fun p ->
         let ctx = Ssl.create_context Ssl.TLSv1 Ssl.Client_context in
         let tct = Https_client.https_transport_channel_type ctx in
         p # configure_transport Http_client.https_cb_id tct
      )
    ]}

    This will enable "https" for the functions in {!Http_client.Convenience},
    e.g. {[ let data = Http_client.Convenience.http_get "https://url" ]}

 *)

(** {2 How to configure {!Http_fs}}

    Just do once:

    {[
    Ssl.init()
    ]}

    and create the [http_fs] object with

    {[
    Http_fs.http_fs 
      ~config_pipeline:(
        fun p ->
	  let ctx = Ssl.create_context Ssl.TLSv1 Ssl.Client_context in
	  let tct = Https_client.https_transport_channel_type ctx in
	  p # configure_transport Http_client.https_cb_id tct
      )
      "https://root-url"
    ]}

 *)


(** {2 Features and limitations} 

    We only implement RFC 2618, i.e. secure connections on a separate
    port (443 instead of 80). There is no support (yet) for RFC 2617,
    i.e. upgrading an existing insecure connection to a secure one.

    If an HTTP proxy server is configured, the TLS connection is established
    via the CONNECT method (documented in RFC 2617).

    Alternatively, it is also possible to connect via SOCKS version 5
    proxies.

    There is, so far, no support for reusing TLS sessions across connections.
    For every connection a new TLS session is created.
 *)