const struct socket_ops *socket_tls_ops(enum socket_type type);
+struct tstream_context;
+struct tstream_tls_params;
+
+/**
+ * @brief Initiate a TLS tunnel on top of a given tstream
+ *
+ * @param[in] mem_ctx
+ * @param[in] ev
+ *
+ * @param[in] plain_stream The plain tstream which is used as transport.
+ * It's important that the caller keeps the "plain"
+ * tstream_context arround during the whole life
+ * time of the "tls" tstream_context!
+ * Note: tstream_disconnect_send()/recv() doesn't
+ * disconnect the "plain" tstream_context.
+ *
+ * @param[in] tls_params ...
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_connect_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params,
+ const char *location);
+#define tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params); \
+ _tstream_tls_connect_send(mem_ctx, ev, plain_stream, tls_params, __location__)
+#endif
+
+/**
+ * @brief Receives the async result of tevent_tls_connect_send
+ *
+ * @param[in] req
+ *
+ * @param[out] perrno
+ *
+ * @param[in] mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_connect_send
+ */
+int tstream_tls_connect_recv(struct tevent_req *req,
+ int *perrno,
+ TALLOC_CTX *mem_ctx,
+ struct tstream_context **tls_stream);
+
+/**
+ * @brief Accept a TLS tunnel on top of a given tstream
+ *
+ * @param[in] mem_ctx
+ * @param[in] ev
+ *
+ * @param[in] plain_stream The plain tstream which is used as transport.
+ * It's important that the caller keeps the "plain"
+ * tstream_context arround during the whole life
+ * time of the "tls" tstream_context!
+ * Note: tstream_disconnect_send()/recv() doesn't
+ * disconnect the "plain" tstream_context.
+ *
+ * @param[in] tls_params ...
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_recv
+ */
+#ifdef DOXYGEN
+struct tevent_req *tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params);
+#else
+struct tevent_req *_tstream_tls_accept_send(TALLOC_CTX *mem_ctx,
+ struct tevent_context *ev,
+ struct tstream_context *plain_stream,
+ struct tstream_tls_params *tls_params,
+ const char *location);
+#define tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params); \
+ _tstream_tls_accept_send(mem_ctx, ev, plain_stream, tls_params, __location__)
#endif
+
+/**
+ * @brief Receives the async result of tevent_tls_accept_send
+ *
+ * @param[in] req
+ *
+ * @param[out] perrno
+ *
+ * @param[in] mem_ctx
+ *
+ * @param[out] tls_stream
+ *
+ * @return
+ *
+ * @see tstream_tls_accept_send
+ */
+int tstream_tls_accept_recv(struct tevent_req *req,
+ int *perrno,
+ TALLOC_CTX *mem_ctx,
+ struct tstream_context **tls_stream);
+
+#endif /* _TLS_H_ */