diff options
author | Ingela Anderton Andin <[email protected]> | 2018-06-08 09:56:43 +0200 |
---|---|---|
committer | Ingela Anderton Andin <[email protected]> | 2018-06-08 09:56:43 +0200 |
commit | cabbb94eab4d94f3c924f8854e3f030d7ceca9cc (patch) | |
tree | 4b53159ae1918ef7d8b2814dfb45f71cd62b0910 /lib/ssl/doc | |
parent | ec031cb823e7691ab28d7599a4064331ccd90754 (diff) | |
parent | f821c91cebe0cee22c1c6e0a9dfe45d4e9b5f129 (diff) | |
download | otp-cabbb94eab4d94f3c924f8854e3f030d7ceca9cc.tar.gz otp-cabbb94eab4d94f3c924f8854e3f030d7ceca9cc.tar.bz2 otp-cabbb94eab4d94f3c924f8854e3f030d7ceca9cc.zip |
Merge branch 'ingela/ssl/verify-hostname-customize/OTP-15102'
* ingela/ssl/verify-hostname-customize/OTP-15102:
ssl: Add option customize_hostname_check
Diffstat (limited to 'lib/ssl/doc')
-rw-r--r-- | lib/ssl/doc/src/ssl.xml | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 029f29cdb3..825bf46459 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -89,6 +89,7 @@ [binary()]} | {client | server, [binary()], binary()}}</c></p> <p><c>| {log_alert, boolean()}</c></p> <p><c>| {server_name_indication, hostname() | disable}</c></p> + <p><c>| {customize_hostname_check, list()}</c></p> <p><c>| {sni_hosts, [{hostname(), [ssl_option()]}]}</c></p> <p><c>| {sni_fun, SNIfun::fun()}</c></p> </item> @@ -649,6 +650,14 @@ fun(srp, Username :: string(), UserState :: term()) -> disables the hostname verification check <seealso marker="public_key:public_key#pkix_verify_hostname-2">public_key:pkix_verify_hostname/2</seealso> </p> </item> + + <tag><c>{customize_hostname_check, Options::list()}</c></tag> + <item> + <p> Customizes the hostname verification of the peer certificate, as different protocols that use + TLS such as HTTP or LDAP may want to do it differently, for possible options see + <seealso marker="public_key:public_key#pkix_verify_hostname-3">public_key:pkix_verify_hostname/3</seealso> </p> + </item> + <tag><c>{fallback, boolean()}</c></tag> <item> <p> Send special cipher suite TLS_FALLBACK_SCSV to avoid undesired TLS version downgrade. |