aboutsummaryrefslogtreecommitdiffstats
path: root/lib/ssl/src/ssl_internal.hrl
diff options
context:
space:
mode:
authorDan Gudmundsson <[email protected]>2010-04-20 12:00:00 +0200
committerBjörn Gustavsson <[email protected]>2010-08-20 08:50:41 +0200
commitf0dbde23b539999add8754ec84541698419fc8b5 (patch)
treec2924c60a51335f1b25ef6493b8013fb6de52c7a /lib/ssl/src/ssl_internal.hrl
parentb792ebc90dca5c9ba3d75d7f3c56e2295ae5d6f3 (diff)
downloadotp-f0dbde23b539999add8754ec84541698419fc8b5.tar.gz
otp-f0dbde23b539999add8754ec84541698419fc8b5.tar.bz2
otp-f0dbde23b539999add8754ec84541698419fc8b5.zip
public_key, ssl: Patch 1112
OTP-7046 Support for Diffie-Hellman. ssl-3.11 requires public_key-0.6. OTP-8553 Moved extended key usage test for ssl values to ssl. OTP-8557 Fixes handling of the option fail_if_no_peer_cert and some undocumented options. Thanks to Rory Byrne. OTP-7046 Support for Diffie-Hellman. ssl-3.11 requires public_key-0.6. OTP-8517 New ssl now properly handles ssl renegotiation, and initiates a renegotiation if ssl/ltls-sequence numbers comes close to the max value. However RFC-5746 is not yet supported, but will be in an upcoming release. OTP-8545 When gen_tcp is configured with the {packet,http} option, it automatically switches to expect HTTP Headers after a HTTP Request/Response line has been received. This update fixes ssl to behave in the same way. Thanks to Rory Byrne. OTP-8554 Ssl now correctly verifies the extended_key_usage extension and also allows the user to verify application specific extensions by supplying an appropriate fun. OTP-8560 Fixed ssl:transport_accept/2 to return properly when socket is closed. Thanks to Rory Byrne.
Diffstat (limited to 'lib/ssl/src/ssl_internal.hrl')
-rw-r--r--lib/ssl/src/ssl_internal.hrl14
1 files changed, 9 insertions, 5 deletions
diff --git a/lib/ssl/src/ssl_internal.hrl b/lib/ssl/src/ssl_internal.hrl
index 23a5c93452..8d19abfe1e 100644
--- a/lib/ssl/src/ssl_internal.hrl
+++ b/lib/ssl/src/ssl_internal.hrl
@@ -1,19 +1,19 @@
%%
%% %CopyrightBegin%
-%%
-%% Copyright Ericsson AB 2007-2009. All Rights Reserved.
-%%
+%%
+%% Copyright Ericsson AB 2007-2010. All Rights Reserved.
+%%
%% The contents of this file are subject to the Erlang Public License,
%% Version 1.1, (the "License"); you may not use this file except in
%% compliance with the License. You should have received a copy of the
%% Erlang Public License along with this software. If not, it can be
%% retrieved online at http://www.erlang.org/.
-%%
+%%
%% Software distributed under the License is distributed on an "AS IS"
%% basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
%% the License for the specific language governing rights and limitations
%% under the License.
-%%
+%%
%% %CopyrightEnd%
%%
@@ -57,12 +57,15 @@
verify_fun, % fun(CertVerifyErrors) -> boolean()
fail_if_no_peer_cert, % boolean()
verify_client_once, % boolean()
+ %% fun(Extensions, State, Verify, AccError) -> {Extensions, State, AccError}
+ validate_extensions_fun,
depth, % integer()
certfile, % file()
keyfile, % file()
key, %
password, %
cacertfile, % file()
+ dhfile, % file()
ciphers, %
%% Local policy for the server if it want's to reuse the session
%% or not. Defaluts to allways returning true.
@@ -71,6 +74,7 @@
%% If false sessions will never be reused, if true they
%% will be reused if possible.
reuse_sessions, % boolean()
+ renegotiate_at,
debug %
}).