diff options
| author | Anders Svensson <[email protected]> | 2011-10-10 11:13:58 +0200 |
|---|---|---|
| committer | Anders Svensson <[email protected]> | 2011-10-10 11:13:58 +0200 |
| commit | eb9656c94f4e92c2a4875dc628cb41d283dd4d2b (patch) | |
| tree | 998adcdcf2386125e34c5d7bd389f43772f31c7b /lib/diameter/doc/src/diameter_transport.xml | |
| parent | cf1de23f71d22c1b9d9502882136b320a087d7e3 (diff) | |
| parent | 942e68d3f93ce686a16d27716892e7c0d2e5872b (diff) | |
| download | otp-eb9656c94f4e92c2a4875dc628cb41d283dd4d2b.tar.gz otp-eb9656c94f4e92c2a4875dc628cb41d283dd4d2b.tar.bz2 otp-eb9656c94f4e92c2a4875dc628cb41d283dd4d2b.zip | |
Merge branch 'anders/diameter/tls_over_tcp/OTP-9605'
* anders/diameter/tls_over_tcp/OTP-9605:
Move init/end_per_suite into testcases
Skip tls testsuite if there's no openssl
Clarify that ssl must be started for TLS support
Add tls support at connection establishment
Add tls testsuite
Documentation updates
Close transport if tls is requested over sctp
Handle tls notification for tcp
Lift recursion in tcp message reception up the call chain
Add tls support to capabilities exchange
Diffstat (limited to 'lib/diameter/doc/src/diameter_transport.xml')
| -rw-r--r-- | lib/diameter/doc/src/diameter_transport.xml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/lib/diameter/doc/src/diameter_transport.xml b/lib/diameter/doc/src/diameter_transport.xml index 37cc871e75..087a90b099 100644 --- a/lib/diameter/doc/src/diameter_transport.xml +++ b/lib/diameter/doc/src/diameter_transport.xml @@ -143,6 +143,34 @@ connection. Pid is the pid() of the parent process.</p> </item> +<tag><c>{diameter, {tls, Ref, Type, Bool}}</c></tag> +<item> +<p> +Indication of whether or not capabilities exchange has selected +inband security using TLS. +Ref is a reference() that must be included in the +<c>{diameter, {tls, Ref}}</c> reply message to the transport's +parent process (see below). +Type is either <c>connect</c> or <c>accept</c> depending on +whether the process has been started for a connecting or listening +transport respectively. +Bool is a boolean() indicating whether or not the transport connection +should be upgraded to TLS.</p> + +<p> +If TLS is requested (Bool = true) then a connecting process should +initiate a TLS handshake with the peer and an accepting process should +prepare to accept a handshake. +A successful handshake should be followed by a <c>{diameter, {tls, Ref}}</c> +message to the parent process. +A failed handshake should cause the process to exit.</p> + +<p> +This message is only sent to a transport process over whose +<c>Inband-Security-Id</c> configuration has indicated support for +TLS.</p> +</item> + </taglist> <p> @@ -184,6 +212,16 @@ How the <c>transport_data</c> is used/interpreted is up to the transport module.</p> </item> +<tag><c>{diameter, {tls, Ref}}</c></tag> +<item> +<p> +Acknowledgment of a successful TLS handshake. +Ref is the reference() received in the +<c>{diameter, {tls, Ref, Type, Bool}}</c> message in response +to which the reply is sent. +A transport must exit if a handshake is not successful.</p> +</item> + </taglist> </section> |