Merge branch 'anders/diameter/tls_over_tcp/OTP-9605'

* anders/diameter/tls_over_tcp/OTP-9605:
  Move init/end_per_suite into testcases
  Skip tls testsuite if there's no openssl
  Clarify that ssl must be started for TLS support
  Add tls support at connection establishment
  Add tls testsuite
  Documentation updates
  Close transport if tls is requested over sctp
  Handle tls notification for tcp
  Lift recursion in tcp message reception up the call chain
  Add tls support to capabilities exchange

1 files changed, 7 insertions, 3 deletions

diff --git a/lib/diameter/doc/src/diameter_soc.xml b/lib/diameter/doc/src/diameter_soc.xml
index 4f8581a904..6b9ef9f756 100644
--- a/lib/diameter/doc/src/diameter_soc.xml
+++ b/lib/diameter/doc/src/diameter_soc.xml
@@ -57,9 +57,13 @@ including the P Flag in the AVP header.</p>
 
 <item>
 <p>
-There is no TLS support.
-It's unclear (aka uninvestigated) how TLS would impact
-diameter but IPsec can be used without it needing to know.</p>
+There is no TLS support over SCTP.
+RFC 3588 requires that a Diameter server support TLS but in
+practise this seems to mean TLS over SCTP since there are limitations
+with running over SCTP: see RFC 6083 (DTLS over SCTP), which is a
+response to RFC 3436 (TLS over SCTP).
+The current RFC 3588 draft acknowledges this by equating
+TLS with TLS/TCP and DTLS/SCTP but we do not yet support DTLS.</p>
 </item>
 
 <item>