diff options
| author | Henrik Nord <[email protected]> | 2016-02-25 10:52:44 +0100 |
|---|---|---|
| committer | Henrik Nord <[email protected]> | 2016-02-25 10:52:44 +0100 |
| commit | 0a66b4b0f4c73e915e4404a284ca659edd6567b4 (patch) | |
| tree | 0e9ab55d9d752391e8794db7f6dd4fcb2d789bb4 /lib/ssl/doc/src/ssl.xml | |
| parent | 93c6b942bf99e73e566e3ab8c6dea1848a1e4b1e (diff) | |
| parent | a567dca5ea418a0aaaed8fb4359032b11f28cccd (diff) | |
| download | otp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.tar.gz otp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.tar.bz2 otp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.zip | |
Merge branch 'legoscia/critical-extension-verify-none' into maint
* legoscia/critical-extension-verify-none:
ssl: with verify_none, accept critical extensions
OTP-13377
Diffstat (limited to 'lib/ssl/doc/src/ssl.xml')
| -rw-r--r-- | lib/ssl/doc/src/ssl.xml | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index d3881ad117..a76d46ee9b 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -271,7 +271,11 @@ atom()}} | terminate regarding verification failures and the connection is established.</p></item> <item><p>If called with an extension unknown to the user application, - return value <c>{unknown, UserState}</c> is to be used.</p></item> + return value <c>{unknown, UserState}</c> is to be used.</p> + + <p>Note that if the fun returns <c>unknown</c> for an extension marked + as critical, validation will fail.</p> + </item> </list> <p>Default option <c>verify_fun</c> in <c>verify_peer mode</c>:</p> @@ -293,6 +297,8 @@ atom()}} | <code> {fun(_,{bad_cert, _}, UserState) -> {valid, UserState}; + (_,{extension, #'Extension'{critical = true}}, UserState) -> + {valid, UserState}; (_,{extension, _}, UserState) -> {unknown, UserState}; (_, valid, UserState) -> |