aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/doc/src
diff options
context:
space:
mode:
authorMagnus Henoch <[email protected]>2016-02-03 18:20:39 +0000
committerMagnus Henoch <[email protected]>2016-03-17 16:48:24 +0000
commit4b3a9cbeaa101603b6eaf6d68976e90780d85fc2 (patch)
treec2662280a2d89933f56ee90cc9b8465aa83ad4da /lib/ssl/doc/src
parentca946a3c64573295d289dbd556c375ec5259c4b3 (diff)
downloadotp-4b3a9cbeaa101603b6eaf6d68976e90780d85fc2.tar.gz
otp-4b3a9cbeaa101603b6eaf6d68976e90780d85fc2.tar.bz2
otp-4b3a9cbeaa101603b6eaf6d68976e90780d85fc2.zip
Allow passing verify_fun for TLS distribution
Accept a value of the form {Module, Function, State} from the command line. This is different from the {Fun, State} that ssl:connect etc expect, since there's no clean way to parse a fun from a command line argument.
Diffstat (limited to 'lib/ssl/doc/src')
-rw-r--r--lib/ssl/doc/src/ssl_distribution.xml9
1 files changed, 5 insertions, 4 deletions
diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml
index dc04d446b0..db867ea74b 100644
--- a/lib/ssl/doc/src/ssl_distribution.xml
+++ b/lib/ssl/doc/src/ssl_distribution.xml
@@ -196,6 +196,7 @@ Eshell V5.0 (abort with ^G)
<item><c>password</c></item>
<item><c>cacertfile</c></item>
<item><c>verify</c></item>
+ <item><c>verify_fun</c> (write as <c>{Module, Function, InitialUserState}</c>)</item>
<item><c>reuse_sessions</c></item>
<item><c>secure_renegotiate</c></item>
<item><c>depth</c></item>
@@ -203,6 +204,10 @@ Eshell V5.0 (abort with ^G)
<item><c>ciphers</c> (use old string format)</item>
</list>
+ <p>Note that <c>verify_fun</c> needs to be written in a different
+ form than the corresponding SSL option, since funs are not
+ accepted on the command line.</p>
+
<p>The server can also take the options <c>dhfile</c> and
<c>fail_if_no_peer_cert</c> (also prefixed).</p>
@@ -210,10 +215,6 @@ Eshell V5.0 (abort with ^G)
initiates a connection to another node. <c>server_</c>-prefixed
options are used when accepting a connection from a remote node.</p>
- <p>More complex options, such as <c>verify_fun</c>, are currently not
- available, but a mechanism to handle such options may be added in
- a future release.</p>
-
<p>Raw socket options, such as <c>packet</c> and <c>size</c> must not
be specified on the command line.</p>