TLS configuration changed to use discret _set_tls and _get_tls functions.

This is simpler, and more reliable than using socket options.

5 files changed, 41 insertions, 28 deletions

diff --git a/docs/man/nng_tls.7.adoc b/docs/man/nng_tls.7.adoc
index 73a63a9f..a4b39f48 100644
--- a/docs/man/nng_tls.7.adoc
+++ b/docs/man/nng_tls.7.adoc
@@ -107,7 +107,6 @@ Note that setting these must be done before the transport is started.
 * xref:nng_options.5.adoc#NNG_OPT_REMADDR[`NNG_OPT_REMADDR`]
 * xref:nng_tcp_options.5.adoc#NNG_OPT_TCP_KEEPALIVE[`NNG_OPT_TCP_KEEPALIVE`]
 * xref:nng_tcp_options.5.adoc#NNG_OPT_TCP_NODELAY[`NNG_OPT_TCP_NODELAY`]
-* xref:nng_tls_options.5.adoc#NNG_OPT_TLS_CONFIG[`NNG_OPT_TLS_CONFIG`]
 * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_VERIFIED[`NNG_OPT_TLS_VERIFIED_`]
 * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_PEER_CN[`NNG_OPT_TLS_PEER_CN`]
 * xref:nng_tls_options.5.adoc#NNG_OPT_TLS_PEER_ALT_NAMES[`NNG_OPT_TLS_PEER_ALT_NAMES`]
diff --git a/docs/man/nng_tls_options.5.adoc b/docs/man/nng_tls_options.5.adoc
index cf2a99cf..5921246f 100644
--- a/docs/man/nng_tls_options.5.adoc
+++ b/docs/man/nng_tls_options.5.adoc
@@ -20,7 +20,6 @@ nng_tls_options - TLS-specific options
 ----
 #include <nng/nng.h>
 
-#define NNG_OPT_TLS_CONFIG         "tls-config"
 #define NNG_OPT_TLS_VERIFIED       "tls-verified"
 #define NNG_OPT_TLS_PEER_CN        "tls-peer-cn"
 #define NNG_OPT_TLS_PEER_ALT_NAMES "tls-peer-alt-names"
@@ -43,18 +42,18 @@ description of the option.
 
 === TLS Options
 
-[[NNG_OPT_TLS_CONFIG]]((`NNG_OPT_TLS_CONFIG`))::
-(`nng_tls_config *`)
-This option references the underlying
-xref:nng_tls_config.5.adoc[TLS configuration object].
-A hold is placed on the underlying
-configuration object before returning it.
-+
-NOTE: The caller should release the hold with
-xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no
-longer needs the TLS configuration object.
-+
-TIP: Use this option when more advanced TLS configuration is required.
+// [[NNG_OPT_TLS_CONFIG]]((`NNG_OPT_TLS_CONFIG`))::
+// (`nng_tls_config *`)
+// This option references the underlying
+// xref:nng_tls_config.5.adoc[TLS configuration object].
+// A hold is placed on the underlying
+// configuration object before returning it.
+// +
+// NOTE: The caller should release the hold with
+// xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no
+// longer needs the TLS configuration object.
+// +
+// TIP: Use this option when more advanced TLS configuration is required.
 
 [[NNG_OPT_TLS_VERIFIED]]((`NNG_OPT_TLS_VERIFIED`))::
 (`bool`)
diff --git a/docs/man/nng_ws.7.adoc b/docs/man/nng_ws.7.adoc
index 07c6cd14..938b16a9 100644
--- a/docs/man/nng_ws.7.adoc
+++ b/docs/man/nng_ws.7.adoc
@@ -145,17 +145,17 @@ When set, the stream will send TEXT frames instead of BINARY frames.
 NOTE: NNG does not check the frame data, and will attempt to send whatever the client requests.
 Peers that are compliant with RFC 6455 will discard TEXT frames (and break the connection) if they do not contain valid UTF-8.
 
-((`NNG_OPT_TLS_CONFIG`))::
+// ((`NNG_OPT_TLS_CONFIG`))::
 
-(`nng_tls_config *`) The underlying TLS
-configuration object for `wss://` endpoints.
-A hold is placed on the underlying
-configuration object before returning it.
-The caller should release the object with
-xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no
-longer needs the TLS configuration.
+// (`nng_tls_config *`) The underlying TLS
+// configuration object for `wss://` endpoints.
+// A hold is placed on the underlying
+// configuration object before returning it.
+// The caller should release the object with
+// xref:nng_tls_config_free.3tls.adoc[`nng_tls_config_free()`] when it no
+// longer needs the TLS configuration.
 
-TIP: Use this option when advanced TLS configuration is required.
+// TIP: Use this option when advanced TLS configuration is required.
 
 `NNG_OPT_TLS_VERIFIED`::
 (`bool`) Whether the remote peer has been properly verified using TLS
diff --git a/docs/ref/migrate/nng1.md b/docs/ref/migrate/nng1.md
index d98b79f0..7a6698d0 100644
--- a/docs/ref/migrate/nng1.md
+++ b/docs/ref/migrate/nng1.md
@@ -33,14 +33,21 @@ The `NNG_OPT_WSS_REQUEST_HEADERS` and `NNG_OPT_WSS_RESPONSE_HEADERS` aliases for
 Just convert any use of them to `NNG_OPT_WS_REQUEST_HEADERS` or
 `NNG_OPT_WS_RESPONSE_HEADERS` as appropriate.
 
-## TLS Options
+## TLS Configuration
 
-The support for configuring TLS via `NNG_TLS_AUTH_MODE`, `NNG_OPT_TLS_CA_FILE`, `NNG_OPT_TLS_SERVER_NAME`,
-and similar has been removed. Instead configuration must be performed by allocating
+The support for configuring TLS via `NNG_OPT_TLS_CONFIG`, `NNG_TLS_AUTH_MODE`, `NNG_OPT_TLS_CA_FILE`,
+`NNG_OPT_TLS_SERVER_NAME`, and similar has been removed.
+
+Instead configuration must be performed by allocating
 a `nng_tls_config` object, and then setting fields on it using the appropriate functions,
-after which it may be configured on a listener or dialer using the `NNG_OPT_TLS_CONFIG` option.
+after which it may be configured on a listener or dialer using the [`nng_listener_set_tls`]
+or [`nng_dialer_set_tls`] functions.
+
+Likewise, when using the streams API, use the [`nng_stream_listener_set_tls`] or
+[`nng_stream_dialer_set_tls`] functions.
 
-Note that TLS configuration is now available in `<nng/nng.h>`, rather than the supplemental header.
+Note that the declarations needed for TLS configuration are now available in `<nng/nng.h>`,
+rather than the supplemental header.
 
 ## Option Functions
 
diff --git a/docs/ref/xref.md b/docs/ref/xref.md
index 30714dc6..1139fa87 100644
--- a/docs/ref/xref.md
+++ b/docs/ref/xref.md
@@ -78,6 +78,14 @@
 [`nng_sub0_ctx_unsubscribe`]: /TODO.md
 [`nng_sub0_socket_subscribe`]: /TODO.md
 [`nng_sub0_socket_unsubscribe`]: /TODO.md
+[`nng_dialer_set_tls`]: /TODO.md
+[`nng_dialer_get_tls`]: /TODO.md
+[`nng_listener_set_tls`]: /TODO.md
+[`nng_listener_get_tls`]: /TODO.md
+[`nng_stream_dialer_set_tls`]: /TODO.md
+[`nng_stream_dialer_get_tls`]: /TODO.md
+[`nng_stream_listener_set_tls`]: /TODO.md
+[`nng_stream_listener_get_tls`]: /TODO.md
 [`nng_opts_parse`]: /api/cmd_opts.md#parse-command-line-options
 [`nng_aio_begin`]: /TODO.md
 [`nng_aio_defer`]: /TODO.md