aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_internal.hrl
diff options
context:
space:
mode:
authorIngela Anderton Andin <[email protected]>2013-11-15 17:11:48 +0100
committerIngela Anderton Andin <[email protected]>2013-12-02 09:50:27 +0100
commitc9a45539359d71aa0c68c9ca45b8015dd0e1b9cd (patch)
tree69072918302b6733c2070a2bcddd0c4973736b18 /lib/ssl/src/ssl_internal.hrl
parent95db85ba3581b9b8722239fb1accc8a4a2d6c2e5 (diff)
downloadotp-c9a45539359d71aa0c68c9ca45b8015dd0e1b9cd.tar.gz
otp-c9a45539359d71aa0c68c9ca45b8015dd0e1b9cd.tar.bz2
otp-c9a45539359d71aa0c68c9ca45b8015dd0e1b9cd.zip
ssl: Refactor API
New design : ssl - Main tls - Reflect tls specific semantics dtls - Reflect dtls specific semantics
Diffstat (limited to 'lib/ssl/src/ssl_internal.hrl')
-rw-r--r--lib/ssl/src/ssl_internal.hrl58
1 files changed, 32 insertions, 26 deletions
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index a582b8c290..8e5662db31 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -24,9 +24,6 @@
-include_lib("public_key/include/public_key.hrl").
-%% Looks like it does for backwards compatibility reasons
--record(sslsocket, {fd = nil, pid = nil}).
-
-type reason() :: term().
-type reply() :: term().
-type msg() :: term().
@@ -76,25 +73,26 @@
-define(MIN_DATAGRAM_SUPPORTED_VERSIONS, ['dtlsv1.2', dtlsv1]).
-record(ssl_options, {
- versions, % 'tlsv1.2' | 'tlsv1.1' | tlsv1 | sslv3
- verify, % verify_none | verify_peer
- verify_fun, % fun(CertVerifyErrors) -> boolean()
- fail_if_no_peer_cert, % boolean()
- verify_client_once, % boolean()
+ protocol :: tls | dtls,
+ versions :: ['tlsv1.2' | 'tlsv1.1' | tlsv1 | sslv3] | ['dtlsv1.2' | dtlsv1],
+ verify :: verify_none | verify_peer,
+ verify_fun, %%:: fun(CertVerifyErrors::term()) -> boolean(),
+ fail_if_no_peer_cert :: boolean(),
+ verify_client_once :: boolean(),
%% fun(Extensions, State, Verify, AccError) -> {Extensions, State, AccError}
validate_extensions_fun,
- depth, % integer()
- certfile, % file()
- cert, % der_encoded()
- keyfile, % file()
- key, % der_encoded()
- password, %
- cacerts, % [der_encoded()]
- cacertfile, % file()
- dh, % der_encoded()
- dhfile, % file()
+ depth :: integer(),
+ certfile :: string(),
+ cert :: der_encoded(),
+ keyfile :: string(),
+ key :: der_encoded(),
+ password :: string(),
+ cacerts :: [der_encoded()],
+ cacertfile :: string(),
+ dh :: der_encoded(),
+ dhfile :: string(),
user_lookup_fun, % server option, fun to lookup the user
- psk_identity, % binary
+ psk_identity :: binary(),
srp_identity, % client option {User, Password}
ciphers, %
%% Local policy for the server if it want's to reuse the session
@@ -103,22 +101,30 @@
reuse_session,
%% If false sessions will never be reused, if true they
%% will be reused if possible.
- reuse_sessions, % boolean()
+ reuse_sessions :: boolean(),
renegotiate_at,
secure_renegotiate,
debug,
- hibernate_after,% undefined if not hibernating,
- % or number of ms of inactivity
- % after which ssl_connection will
- % go into hibernation
+ %% undefined if not hibernating, or number of ms of
+ %% inactivity after which ssl_connection will go into
+ %% hibernation
+ hibernate_after :: boolean(),
%% This option should only be set to true by inet_tls_dist
- erl_dist = false,
+ erl_dist = false :: boolean(),
next_protocols_advertised = undefined, %% [binary()],
next_protocol_selector = undefined, %% fun([binary()]) -> binary())
- log_alert,
+ log_alert :: boolean(),
server_name_indication = undefined
}).
+-record(config, {ssl, %% SSL parameters
+ inet_user, %% User set inet options
+ emulated, %% #socket_option{} emulated
+ inet_ssl, %% inet options for internal ssl socket
+ transport_info, %% Callback info
+ connection_cb
+ }).
+
-record(socket_options,
{
mode = list,