diff options
| author | Ingela Anderton Andin <[email protected]> | 2017-07-10 12:20:27 +0200 |
|---|---|---|
| committer | Ingela Anderton Andin <[email protected]> | 2017-07-10 12:20:27 +0200 |
| commit | af1405c9af1ec183bd5a728d0224967be8ca01b7 (patch) | |
| tree | d455313b4810a190db2e9c90d2b681d2a2b4892b /lib/public_key/doc/src/public_key.xml | |
| parent | 636a6faa59bc11e14de27358633c64f35ed075af (diff) | |
| parent | 47740707d585b275f08b4f0900f854cb87f0e825 (diff) | |
| download | otp-af1405c9af1ec183bd5a728d0224967be8ca01b7.tar.gz otp-af1405c9af1ec183bd5a728d0224967be8ca01b7.tar.bz2 otp-af1405c9af1ec183bd5a728d0224967be8ca01b7.zip | |
Merge branch 'ingela/public_key/ssl/CRL-error-propagation/OTP-14236' into maint
* ingela/public_key/ssl/CRL-error-propagation/OTP-14236:
ssl: Try to make asn1 decode errors of certificates as specific as possible
ssl,public_key: Provide details for CRL check failiures when revokation state can not be determined
ssl: Enhance error logging
Diffstat (limited to 'lib/public_key/doc/src/public_key.xml')
| -rw-r--r-- | lib/public_key/doc/src/public_key.xml | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml index 35f9e86cad..942203bd12 100644 --- a/lib/public_key/doc/src/public_key.xml +++ b/lib/public_key/doc/src/public_key.xml @@ -634,8 +634,8 @@ fun(OtpCert :: #'OTPCertificate'{}, <v>OTPCertificate = #'OTPCertificate'{}</v> <v>DPAndCRLs = [{DP::#'DistributionPoint'{}, {DerCRL::der_encoded(), CRL::#'CertificateList'{}}}] </v> <v>Options = proplists:proplist()</v> - <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} | - {bad_cert, {revoked, crl_reason()}}</v> + <v>CRLStatus() = valid | {bad_cert, revocation_status_undetermined} | {bad_cert, {revocation_status_undetermined, + {bad_crls, Details::term()}}} | {bad_cert, {revoked, crl_reason()}}</v> </type> <desc> <p>Performs CRL validation. It is intended to be called from @@ -663,7 +663,7 @@ fun(OtpCert :: #'OTPCertificate'{}, <tag>{issuer_fun, fun()}</tag> <item> <p>The fun has the following type specification:</p> - + <code> fun(#'DistributionPoint'{}, #'CertificateList'{}, {rdnSequence,[#'AttributeTypeAndValue'{}]}, term()) -> @@ -673,7 +673,15 @@ fun(#'DistributionPoint'{}, #'CertificateList'{}, that has signed the CRL. </p> <code> fun(DP, CRL, Issuer, UserState) -> {ok, RootCert, CertChain}</code> - </item> + </item> + + <tag>{undetermined_details, boolean()}</tag> + <item> + <p>Defaults to false. When revocation status can not be + determined, and this option is set to true, details of why no + CRLs where accepted are included in the return value.</p> + </item> + </taglist> </desc> </func> |