diff options
author | Qijiang Fan <[email protected]> | 2015-04-16 22:25:57 +0800 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2015-05-12 14:04:06 +0200 |
commit | db509dd5debcd72d7f1d024d289315274f9b788b (patch) | |
tree | 9f8ccb37cf9ad162a2d1b90662109c1656d17017 /lib/ssl/doc | |
parent | 181ceb12675b59de9bd7a881fe9b58995d03bac0 (diff) | |
download | otp-db509dd5debcd72d7f1d024d289315274f9b788b.tar.gz otp-db509dd5debcd72d7f1d024d289315274f9b788b.tar.bz2 otp-db509dd5debcd72d7f1d024d289315274f9b788b.zip |
ssl: add option sni_fun
The newly added function sni_fun allows dynamic update of SSL options
like keys and certificates depending on different SNI hostname, rather
than a predefined rules of SSL options.
Diffstat (limited to 'lib/ssl/doc')
-rw-r--r-- | lib/ssl/doc/src/ssl.xml | 21 |
1 files changed, 20 insertions, 1 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 77f63dcecf..8a0bf69be4 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -108,10 +108,12 @@ <p><c>| {log_alert, boolean()}</c></p> <p><c>| {server_name_indication, hostname() | disable}</c></p> <p><c>| {sni_hosts, [{hostname(), ssloptions()}]}</c></p> + <p><c>| {sni_fun, SNIfun::fun()}</c></p> </item> <tag><c>transportoption() =</c></tag> <item><p><c>{cb_info, {CallbackModule::atom(), DataTag::atom(), + ClosedTag::atom(), ErrTag:atom()}}</c></p> <p>Defaults to <c>{gen_tcp, tcp, tcp_closed, tcp_error}</c>. Can be used to customize the transport layer. The callback module must implement a @@ -185,6 +187,9 @@ <item><p><c>srp_1024 | srp_1536 | srp_2048 | srp_3072 | srp_4096 | srp_6144 | srp_8192</c></p></item> + <tag><c>SNIfun::fun()</c></tag> + <item><p><c>= fun(ServerName :: string()) -> ssloptions()</c></p></item> + </taglist> </section> @@ -630,7 +635,21 @@ fun(srp, Username :: string(), UserState :: term()) -> <tag><c>{sni_hosts, [{hostname(), ssloptions()}]}</c></tag> <item><p>If the server receives a SNI (Server Name Indication) from the client matching a host listed in the <c>sni_hosts</c> option, the speicific options for - that host will override previously specified options.</p></item> + that host will override previously specified options. + + The option <c>sni_fun</c>, and <c>sni_hosts</c> are mutually exclusive.</p></item> + + <tag><c>{sni_fun, SNIfun::fun()}</c></tag> + <item><p>If the server receives a SNI (Server Name Indication) from the client, + the given function will be called to retrive <c>ssloptions()</c> for indicated server. + These options will be merged into predefined <c>ssloptions()</c>. + + The function should be defined as: + <c>fun(ServerName :: string()) -> ssloptions()</c> + and can be specified as a fun or as named <c>fun module:function/1</c> + + The option <c>sni_fun</c>, and <c>sni_hosts</c> are mutually exclusive.</p></item> + </taglist> </section> |