aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/doc/src
diff options
context:
space:
mode:
authorHenrik Nord <[email protected]>2016-02-25 10:52:44 +0100
committerHenrik Nord <[email protected]>2016-02-25 10:52:44 +0100
commit0a66b4b0f4c73e915e4404a284ca659edd6567b4 (patch)
tree0e9ab55d9d752391e8794db7f6dd4fcb2d789bb4 /lib/ssl/doc/src
parent93c6b942bf99e73e566e3ab8c6dea1848a1e4b1e (diff)
parenta567dca5ea418a0aaaed8fb4359032b11f28cccd (diff)
downloadotp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.tar.gz
otp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.tar.bz2
otp-0a66b4b0f4c73e915e4404a284ca659edd6567b4.zip
Merge branch 'legoscia/critical-extension-verify-none' into maint
* legoscia/critical-extension-verify-none: ssl: with verify_none, accept critical extensions OTP-13377
Diffstat (limited to 'lib/ssl/doc/src')
-rw-r--r--lib/ssl/doc/src/ssl.xml8
1 files changed, 7 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index d3881ad117..a76d46ee9b 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -271,7 +271,11 @@ atom()}} |
terminate regarding verification failures and the connection is
established.</p></item>
<item><p>If called with an extension unknown to the user application,
- return value <c>{unknown, UserState}</c> is to be used.</p></item>
+ return value <c>{unknown, UserState}</c> is to be used.</p>
+
+ <p>Note that if the fun returns <c>unknown</c> for an extension marked
+ as critical, validation will fail.</p>
+ </item>
</list>
<p>Default option <c>verify_fun</c> in <c>verify_peer mode</c>:</p>
@@ -293,6 +297,8 @@ atom()}} |
<code>
{fun(_,{bad_cert, _}, UserState) ->
{valid, UserState};
+ (_,{extension, #'Extension'{critical = true}}, UserState) ->
+ {valid, UserState};
(_,{extension, _}, UserState) ->
{unknown, UserState};
(_, valid, UserState) ->