diff options
author | Lars Thorsen <[email protected]> | 2015-12-11 10:08:14 +0100 |
---|---|---|
committer | Lars Thorsen <[email protected]> | 2015-12-11 10:08:14 +0100 |
commit | 373389620fe3dee6f1032f20f7d4acac90e45831 (patch) | |
tree | 7365c562b80686abc1ea289caec6934b018e4e04 /lib | |
parent | 6288a8610ae9fb0f1aa9ebfe0fe1b46ff87c3668 (diff) | |
parent | fae6b9385f3d0d1c725ca6cdb588b8bf1e473721 (diff) | |
download | otp-373389620fe3dee6f1032f20f7d4acac90e45831.tar.gz otp-373389620fe3dee6f1032f20f7d4acac90e45831.tar.bz2 otp-373389620fe3dee6f1032f20f7d4acac90e45831.zip |
Merge branch 'maint'
Diffstat (limited to 'lib')
-rw-r--r-- | lib/inets/doc/src/http_server.xml | 31 | ||||
-rw-r--r-- | lib/inets/doc/src/http_uri.xml | 10 | ||||
-rw-r--r-- | lib/inets/doc/src/httpc.xml | 10 | ||||
-rw-r--r-- | lib/inets/doc/src/httpd.xml | 245 | ||||
-rw-r--r-- | lib/inets/doc/src/notes.xml | 64 | ||||
-rw-r--r-- | lib/inets/doc/src/tftp.xml | 21 | ||||
-rw-r--r-- | lib/orber/doc/src/notes.xml | 6 | ||||
-rw-r--r-- | lib/ssh/doc/src/ssh.xml | 28 | ||||
-rw-r--r-- | lib/ssh/doc/src/ssh_app.xml | 43 | ||||
-rw-r--r-- | lib/ssh/doc/src/ssh_connection.xml | 14 | ||||
-rw-r--r-- | lib/ssh/doc/src/ssh_server_key_api.xml | 4 | ||||
-rw-r--r-- | lib/ssh/doc/src/ssh_sftp.xml | 31 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl.xml | 41 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl_app.xml | 34 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl_crl_cache_api.xml | 6 | ||||
-rw-r--r-- | lib/ssl/doc/src/ssl_session_cache_api.xml | 10 |
16 files changed, 253 insertions, 345 deletions
diff --git a/lib/inets/doc/src/http_server.xml b/lib/inets/doc/src/http_server.xml index 4b6d64fc8f..aeda961714 100644 --- a/lib/inets/doc/src/http_server.xml +++ b/lib/inets/doc/src/http_server.xml @@ -4,7 +4,7 @@ <chapter> <header> <copyright> - <year>2004</year><year>2013</year> + <year>2004</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -21,18 +21,8 @@ limitations under the License. </legalnotice> - <title>HTTP server</title> - <prepared>Ingela Anderton Andin</prepared> - <responsible></responsible> - <docno></docno> - <approved></approved> - <checked></checked> - <date></date> - <rev></rev> <file>http_server.xml</file> - - <marker id="intro"></marker> </header> <section> @@ -65,12 +55,9 @@ <p>As of <c>Inets</c> 5.0 the HTTP server is an easy to start/stop and customize web server providing the most basic - web server functionality. Depending on your needs, there - are also other Erlang-based web servers that can be of interest - such as <url href=" http://yaws.hyber.org ">Yaws</url>, which, - for example, has its own - markup support to generate HTML and supports certain buzzword - technologies, such as SOAP.</p> + web server functionality. Inets is designed for embedded systems + and if you want a full-fledged web server there are exists other + erlang open source alternatives.</p> <p>Almost all server functionality has been implemented using an especially crafted server API, which is described in the Erlang Web @@ -356,9 +343,9 @@ UserName:Password</pre> </taglist> <section> - <title>CGI Version 1.1, - <url href="http://www.ietf.org/rfc/rfc3875.txt">RFC 3875</url></title> - <p>The module <c>mod_cgi</c> enables execution of CGI scripts + <title>CGI Version 1.1, RFC 3875</title> + <p>The module <c>mod_cgi</c> enables execution of + <url href="http://www.ietf.org/rfc/rfc3875.txt">CGI scripts</url> on the server. A file matching the definition of a ScriptAlias config directive is treated as a CGI script. A CGI script is executed by the server and its output is returned to @@ -541,7 +528,7 @@ http://your.server.org/eval?httpd_example:print(atom_to_list(apply(erlang,halt,[ <title>mod_action - Filetype/Method-Based Script Execution</title> <p>This module runs CGI scripts whenever a file of a certain type or HTTP method (see - <url href="http://tools.ietf.org/html/rfc1945">RFC 1945</url>RFC 1945) + <url href="http://tools.ietf.org/html/rfc1945">RFC 1945</url>) is requested. </p> <p>Uses the following Erlang Web Server API interaction data: @@ -568,7 +555,7 @@ http://your.server.org/eval?httpd_example:print(atom_to_list(apply(erlang,halt,[ <taglist> <tag><c>{real_name, PathData}</c></tag> <item><c>PathData</c> is the argument used for API function - <seealso marker="mod_alias:path/3">mod_alias:path/3</seealso>.</item> + <seealso marker="mod_alias#path/3">mod_alias:path/3</seealso>.</item> </taglist> </section> diff --git a/lib/inets/doc/src/http_uri.xml b/lib/inets/doc/src/http_uri.xml index 64e6c7a6cc..8e0301c520 100644 --- a/lib/inets/doc/src/http_uri.xml +++ b/lib/inets/doc/src/http_uri.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>2012</year><year>2013</year> + <year>2012</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -142,14 +142,14 @@ <p>If the fragment option is <c>true</c>, the URI fragment is returned as part of the parsing result, otherwise it is ignored.</p> - <p>Scheme validation fun is to be defined as follows: + <p>Scheme validation fun is to be defined as follows:</p> - <code> + <code> fun(SchemeStr :: string()) -> valid | {error, Reason :: term()}. - </code> + </code> - It is called before scheme string gets converted into scheme atom and + <p>It is called before scheme string gets converted into scheme atom and thus possible atom leak could be prevented</p> <marker id="encode"></marker> diff --git a/lib/inets/doc/src/httpc.xml b/lib/inets/doc/src/httpc.xml index 31e44f405c..ca9b268a03 100644 --- a/lib/inets/doc/src/httpc.xml +++ b/lib/inets/doc/src/httpc.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>2004</year><year>2013</year> + <year>2004</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -554,8 +554,8 @@ <v>IpDesc = string()</v> <d>Example: "134.138" or "[FEDC:BA98" (all IP addresses starting with 134.138 or FEDC:BA98), - "66.35.250.150" or "[2010:836B:4179::836B:4179]" (a complete IP address).</d> - <d><c>proxy</c> defaults to <c>{undefined, []}</c>, + "66.35.250.150" or "[2010:836B:4179::836B:4179]" (a complete IP address). + <c>proxy</c> defaults to <c>{undefined, []}</c>, that is, no proxy is configured and <c>https_proxy</c> defaults to the value of <c>proxy</c>.</d> <v>MaxSessions = integer()</v> @@ -597,8 +597,8 @@ for details.</d> <v>socket_opts() = [socket_opt()]</v> <d>The options are appended to the socket options used by the - client.</d> - <d>These are the default values when a new request handler + client. + These are the default values when a new request handler is started (for the initial connect). They are passed directly to the underlying transport (<c>gen_tcp</c> or <c>SSL</c>) <em>without</em> verification.</d> diff --git a/lib/inets/doc/src/httpd.xml b/lib/inets/doc/src/httpd.xml index 0fc3cb1ce7..62b92b8356 100644 --- a/lib/inets/doc/src/httpd.xml +++ b/lib/inets/doc/src/httpd.xml @@ -30,13 +30,14 @@ <file>httpd.sgml</file> </header> <module>httpd</module> - <modulesummary>An implementation of an HTTP - 1.1 compliant web server, as defined in <url href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</url> + <modulesummary> + HTTP server API </modulesummary> <description> - <p>This module provides the HTTP server start options, some administrative - functions, and specifies the Erlang web server callback - API.</p> + <p>An implementation of an HTTP 1.1 compliant web server, as defined in + <url href="http://www.ietf.org/rfc/rfc2616.txt">RFC 2616</url>. + Provides web server start options, administrative functions, and + an Erlang callback API.</p> </description> <section> @@ -78,8 +79,7 @@ list.</p> <taglist> - <marker id="prop_proplist_file"></marker> - <tag>{proplist_file, path()}</tag> + <tag><marker id="prop_proplist_file"></marker>{proplist_file, path()}</tag> <item> <p>If this property is defined, <c>Inets</c> expects to find all other properties defined in this file. The @@ -87,8 +87,7 @@ properties.</p> </item> - <marker id="prop_file"></marker> - <tag>{file, path()}</tag> + <tag><marker id="prop_file"></marker>{file, path()}</tag> <item> <p>If this property is defined, <c>Inets</c> expects to find all other properties defined in this file, which uses Apache-like @@ -121,8 +120,7 @@ <marker id="props_mand"></marker> <p><em>Mandatory Properties</em></p> <taglist> - <marker id="prop_port"></marker> - <tag>{port, integer()} </tag> + <tag><marker id="prop_port"></marker>{port, integer()} </tag> <item> <p>The port that the HTTP server listen to. If zero is specified as port, an arbitrary available port @@ -130,22 +128,19 @@ determine which port was picked.</p> </item> - <marker id="prop_server_name"></marker> - <tag>{server_name, string()}</tag> + <tag><marker id="prop_server_name"></marker>{server_name, string()}</tag> <item> <p>The name of your server, normally a fully qualified domain name.</p> </item> - <marker id="prop_server_root"></marker> - <tag>{server_root, path()}</tag> + <tag><marker id="prop_server_root"></marker>{server_root, path()}</tag> <item> <p>Defines the home directory of the server, where log files, and so on, can be stored. Relative paths specified in other properties refer to this directory.</p> </item> - <marker id="prop_doc_root"></marker> - <tag>{document_root, path()}</tag> + <tag> <marker id="prop_doc_root"></marker>{document_root, path()}</tag> <item> <p>Defines the top directory for the documents that are available on the HTTP server.</p> @@ -155,15 +150,13 @@ <marker id="props_comm"></marker> <p><em>Communication Properties</em></p> <taglist> - <marker id="prop_bind_address"></marker> - <tag>{bind_address, ip_address() | hostname() | any}</tag> + <tag><marker id="prop_bind_address"></marker>{bind_address, ip_address() | hostname() | any}</tag> <item> <p>Default is <c>any</c>. <c>any</c> is denoted <em>*</em> in the Apache-like configuration file.</p> </item> - <marker id="profile"></marker> - <tag>{profile, atom()}</tag> + <tag><marker id="profile"></marker>{profile, atom()}</tag> <item> <p>Used together with <seealso marker="#prop_bind_address"><c>bind_address</c></seealso> and <seealso marker="#prop_port"><c>port</c></seealso> to uniquely identify @@ -176,8 +169,7 @@ </p> </item> - <marker id="prop_socket_type"></marker> - <tag>{socket_type, ip_comm | {ip_comm, Config::proplist()} | {essl, Config::proplist()}}</tag> + <tag><marker id="prop_socket_type"></marker>{socket_type, ip_comm | {ip_comm, Config::proplist()} | {essl, Config::proplist()}}</tag> <item> <p>For <c>ip_comm</c> configuration options, see <seealso marker="kernel:gen_tcp#listen-2">gen_tcp:listen/2</seealso>, some options @@ -187,15 +179,13 @@ <p>Default is <c>ip_comm</c>.</p> </item> - <marker id="prop_ipfamily"></marker> - <tag>{ipfamily, inet | inet6}</tag> + <tag><marker id="prop_ipfamily"></marker>{ipfamily, inet | inet6}</tag> <item> <p>Default is <c>inet</c>, legacy option <c>inet6fb4</c> no longer makes sense and will be translated to inet.</p> </item> - <marker id="prop_minimum_bytes_per_second"></marker> - <tag>{minimum_bytes_per_second, integer()}</tag> + <tag><marker id="prop_minimum_bytes_per_second"></marker>{minimum_bytes_per_second, integer()}</tag> <item> <p>If given, sets a minimum of bytes per second value for connections.</p> <p>If the value is unreached, the socket closes for that connection.</p> @@ -206,8 +196,7 @@ <marker id="props_api_modules"></marker> <p><em>Erlang Web Server API Modules</em> </p> <taglist> - <marker id="prop_modules"></marker> - <tag>{modules, [atom()]} </tag> + <tag><marker id="prop_modules"></marker>{modules, [atom()]} </tag> <item> <p>Defines which modules the HTTP server uses when handling requests. Default is <c>[mod_alias, mod_auth, mod_esi, @@ -224,60 +213,52 @@ <p><em>Limit properties</em> </p> <taglist> - <marker id="prop_customize"></marker> - <tag>{customize, atom()}</tag> + <tag><marker id="prop_customize"></marker>{customize, atom()}</tag> <item> <p>A callback module to customize the inets HTTP servers behaviour see <seealso marker="httpd_custom_api"> httpd_custom_api</seealso> </p> </item> - <marker id="prop_disable_chunked_encoding"></marker> - <tag>{disable_chunked_transfer_encoding_send, boolean()}</tag> + <tag><marker id="prop_disable_chunked_encoding"></marker>{disable_chunked_transfer_encoding_send, boolean()}</tag> <item> <p>Allows you to disable chunked transfer-encoding when sending a response to an HTTP/1.1 client. Default is <c>false</c>.</p> </item> - <marker id="prop_keep_alive"></marker> - <tag>{keep_alive, boolean()}</tag> + <tag><marker id="prop_keep_alive"></marker>{keep_alive, boolean()}</tag> <item> <p>Instructs the server whether to use persistent connections when the client claims to be HTTP/1.1 compliant. Default is <c>true</c>.</p> </item> - <marker id="prop_keep_alive_timeout"></marker> - <tag>{keep_alive_timeout, integer()}</tag> + <tag><marker id="prop_keep_alive_timeout"></marker>{keep_alive_timeout, integer()}</tag> <item> <p>The number of seconds the server waits for a subsequent request from the client before closing the connection. Default is <c>150</c>.</p> </item> - <marker id="prop_max_body_size"></marker> - <tag>{max_body_size, integer()}</tag> + <tag><marker id="prop_max_body_size"></marker>{max_body_size, integer()}</tag> <item> <p>Limits the size of the message body of an HTTP request. Default is no limit.</p> </item> - <marker id="prop_max_clients"></marker> - <tag>{max_clients, integer()}</tag> + <tag><marker id="prop_max_clients"></marker>{max_clients, integer()}</tag> <item> <p>Limits the number of simultaneous requests that can be supported. Default is <c>150</c>.</p> </item> - <marker id="prop_max_header_size"></marker> - <tag>{max_header_size, integer()}</tag> + <tag><marker id="prop_max_header_size"></marker>{max_header_size, integer()}</tag> <item> <p>Limits the size of the message header of an HTTP request. Default is <c>10240</c>.</p> </item> - <marker id="prop_max_content_length"></marker> - <tag>{max_content_length, integer()}</tag> + <tag><marker id="prop_max_content_length"></marker>{max_content_length, integer()}</tag> <item> <p>Maximum content-length in an incoming request, in bytes. Requests with content larger than this are answered with status 413. @@ -285,15 +266,13 @@ </p> </item> - <marker id="prop_max_uri"></marker> - <tag>{max_uri_size, integer()}</tag> + <tag><marker id="prop_max_uri"></marker>{max_uri_size, integer()}</tag> <item> <p>Limits the size of the HTTP request URI. Default is no limit.</p> </item> - <marker id="prop_max_keep_alive_req"></marker> - <tag>{max_keep_alive_request, integer()}</tag> + <tag><marker id="prop_max_keep_alive_req"></marker>{max_keep_alive_request, integer()}</tag> <item> <p>The number of requests that a client can do on one connection. When the server has responded to the number of @@ -306,8 +285,7 @@ <marker id="props_admin"></marker> <p><em>Administrative Properties</em></p> <taglist> - <marker id="prop_mime_types"></marker> - <tag>{mime_types, [{MimeType, Extension}] | path()}</tag> + <tag><marker id="prop_mime_types"></marker>{mime_types, [{MimeType, Extension}] | path()}</tag> <item> <p><c>MimeType = string()</c> and <c>Extension = string()</c>. Files delivered to the client are MIME typed according to RFC @@ -323,24 +301,21 @@ text/plain asc txt</pre> <p>Default is [{"html","text/html"},{"htm","text/html"}].</p> </item> - <marker id="prop_mime_type"></marker> - <tag>{mime_type, string()}</tag> + <tag><marker id="prop_mime_type"></marker>{mime_type, string()}</tag> <item> <p>When the server is asked to provide a document type that cannot be determined by the MIME Type Settings, the server uses this default type.</p> </item> - <marker id="prop_server_admin"></marker> - <tag>{server_admin, string()}</tag> + <tag><marker id="prop_server_admin"></marker>{server_admin, string()}</tag> <item> <p>Defines the email-address of the server administrator to be included in any error messages returned by the server.</p> </item> - <marker id="prop_server_tokens"></marker> - <tag>{server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}}</tag> + <tag><marker id="prop_server_tokens"></marker>{server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}}</tag> <item> <p>Defines the look of the value of the server header.</p> <p>Example: Assuming the version of <c>Inets</c> is 5.8.1, @@ -367,8 +342,7 @@ text/plain asc txt</pre> <p>By default, the value is as before, that is, <c>minimal</c>.</p> </item> - <marker id="prop_log_format"></marker> - <tag>{log_format, common | combined}</tag> + <tag><marker id="prop_log_format"></marker>{log_format, common | combined}</tag> <item> <p>Defines if access logs are to be written according to the <c>common</c> log format or the extended common log format. @@ -411,8 +385,7 @@ text/plain asc txt</pre> </p> </item> - <marker id="prop_elog_format"></marker> - <tag>{error_log_format, pretty | compact}</tag> + <tag><marker id="prop_elog_format"></marker>{error_log_format, pretty | compact}</tag> <item> <p>Default is <c>pretty</c>. If the error log is meant to be read directly by a human, <c>pretty</c> is the best option.</p> @@ -434,60 +407,57 @@ text/plain asc txt</pre> <marker id="props_alias"></marker> <p><em>URL Aliasing Properties - Requires mod_alias</em></p> <taglist> - <marker id="prop_alias"></marker> - <tag>{alias, {Alias, RealName}}</tag> + <tag><marker id="prop_alias"></marker>{alias, {Alias, RealName}}</tag> <item> <p><c>Alias = string()</c> and <c>RealName = string()</c>. <c>alias</c> allows documents to be stored in the local file system instead of the <c>document_root</c> location. URLs with a path beginning with url-path is mapped to local files beginning with - directory-filename, for example: + directory-filename, for example:</p> <code>{alias, {"/image", "/ftp/pub/image"}}</code> - Access to http://your.server.org/image/foo.gif would refer to + <p>Access to http://your.server.org/image/foo.gif would refer to the file /ftp/pub/image/foo.gif.</p> </item> - <marker id="prop_re_write"></marker> - <tag>{re_write, {Re, Replacement}}</tag> + <tag><marker id="prop_re_write"></marker>{re_write, {Re, Replacement}}</tag> <item> <p><c>Re = string()</c> and <c>Replacement = string()</c>. <c>re_write</c> allows documents to be stored in the local file system instead of the <c>document_root</c> location. URLs are rewritten by <c>re:replace/3</c> to produce a path in the local file-system, - for example: + for example:</p> <code>{re_write, {"^/[~]([^/]+)(.*)$", "/home/\\1/public\\2"}}</code> - Access to http://your.server.org/~bob/foo.gif would refer to + <p>Access to http://your.server.org/~bob/foo.gif would refer to the file /home/bob/public/foo.gif. In an Apache-like configuration file, <c>Re</c> is separated from <c>Replacement</c> with one single space, and as expected backslashes do not need to be backslash escaped, the - same example would become: + same example would become:</p> <code>ReWrite ^/[~]([^/]+)(.*)$ /home/\1/public\2</code> - Beware of trailing space in <c>Replacement</c> to be used. + <p>Beware of trailing space in <c>Replacement</c> to be used. If you must have a space in <c>Re</c>, use, for example, the character encoding <c>\040</c>, see <seealso marker="stdlib:re">re(3)</seealso>.</p> </item> - <marker id="prop_dir_idx"></marker> - <tag>{directory_index, [string()]}</tag> + <tag><marker id="prop_dir_idx"></marker>{directory_index, [string()]}</tag> <item> <p><c>directory_index</c> specifies a list of resources to look for if a client requests a directory using a <c>/</c> at the end of the directory name. <c>file</c> depicts the name of a file in the directory. Several files can be given, in which case the server - returns the first it finds, for example: + returns the first it finds, for example:</p> <code>{directory_index, ["index.hml", "welcome.html"]}</code> - Access to http://your.server.org/docs/ would return + <p>Access to http://your.server.org/docs/ would return http://your.server.org/docs/index.html or http://your.server.org/docs/welcome.html if index.html does not exist.</p> @@ -497,38 +467,35 @@ text/plain asc txt</pre> <marker id="props_cgi"></marker> <p><em>CGI Properties - Requires mod_cgi</em></p> <taglist> - <marker id="prop_script_alias"></marker> - <tag>{script_alias, {Alias, RealName}}</tag> + <tag><marker id="prop_script_alias"></marker>{script_alias, {Alias, RealName}}</tag> <item> <p><c>Alias = string()</c> and <c>RealName = string()</c>. Have the same behavior as property <c>alias</c>, except that they also mark the target directory as containing CGI scripts. URLs with a path beginning with url-path are mapped to - scripts beginning with directory-filename, for example: + scripts beginning with directory-filename, for example:</p> <code>{script_alias, {"/cgi-bin/", "/web/cgi-bin/"}}</code> - Access to http://your.server.org/cgi-bin/foo would cause + <p>Access to http://your.server.org/cgi-bin/foo would cause the server to run the script /web/cgi-bin/foo.</p> </item> - <marker id="prop_script_re_write"></marker> - <tag>{script_re_write, {Re, Replacement}}</tag> + <tag><marker id="prop_script_re_write"></marker>{script_re_write, {Re, Replacement}}</tag> <item> <p><c>Re = string()</c> and <c>Replacement = string()</c>. Have the same behavior as property <c>re_write</c>, except that they also mark the target directory as containing CGI scripts. URLs with a path beginning with url-path are mapped to - scripts beginning with directory-filename, for example: + scripts beginning with directory-filename, for example:</p> <code>{script_re_write, {"^/cgi-bin/(\\d+)/", "/web/\\1/cgi-bin/"}}</code> - Access to http://your.server.org/cgi-bin/17/foo would cause + <p>Access to http://your.server.org/cgi-bin/17/foo would cause the server to run the script /web/17/cgi-bin/foo.</p> </item> - <marker id="prop_script_nocache"></marker> - <tag>{script_nocache, boolean()}</tag> + <tag><marker id="prop_script_nocache"></marker>{script_nocache, boolean()}</tag> <item> <p>If <c>script_nocache</c> is set to <c>true</c>, the HTTP server by default adds the header fields necessary to prevent proxies from @@ -536,8 +503,7 @@ text/plain asc txt</pre> Default to <c>false</c>.</p> </item> - <marker id="prop_script_timeout"></marker> - <tag>{script_timeout, integer()}</tag> + <tag><marker id="prop_script_timeout"></marker>{script_timeout, integer()}</tag> <item> <p>The time in seconds the web server waits between each chunk of data from the script. If the CGI script does not deliver @@ -545,8 +511,7 @@ text/plain asc txt</pre> closed. Default is <c>15</c>.</p> </item> - <marker id="prop_action"></marker> - <tag>{action, {MimeType, CgiScript}} - requires mod_action</tag> + <tag><marker id="prop_action"></marker>{action, {MimeType, CgiScript}} - requires mod_action</tag> <item> <p><c>MimeType = string()</c> and <c>CgiScript = string()</c>. <c>action</c> adds an action activating a CGI script @@ -559,8 +524,7 @@ text/plain asc txt</pre> <code>{action, {"text/plain", "/cgi-bin/log_and_deliver_text"}}</code> </item> - <marker id="prop_script"></marker> - <tag>{script, {Method, CgiScript}} - requires mod_action</tag> + <tag><marker id="prop_script"></marker>{script, {Method, CgiScript}} - requires mod_action</tag> <item> <p><c>Method = string()</c> and <c>CgiScript = string()</c>. <c>script</c> adds an action activating a CGI script @@ -579,17 +543,16 @@ text/plain asc txt</pre> <marker id="props_esi"></marker> <p><em>ESI Properties - Requires mod_esi</em></p> <taglist> - <marker id="prop_esi_alias"></marker> - <tag>{erl_script_alias, {URLPath, [AllowedModule]}}</tag> + <tag><marker id="prop_esi_alias"></marker>{erl_script_alias, {URLPath, [AllowedModule]}}</tag> <item> <p><c>URLPath = string()</c> and <c>AllowedModule = atom()</c>. <c>erl_script_alias</c> marks all URLs matching url-path as erl scheme scripts. A matching URL is mapped into a specific module - and function, for example: + and function, for example:</p> <code>{erl_script_alias, {"/cgi-bin/example", [httpd_example]}}</code> - A request to + <p>A request to http://your.server.org/cgi-bin/example/httpd_example:yahoo would refer to httpd_example:yahoo/3 or, if that does not exist, httpd_example:yahoo/2 and @@ -597,8 +560,7 @@ text/plain asc txt</pre> not be allowed to execute.</p> </item> - <marker id="prop_esi_nocache"></marker> - <tag>{erl_script_nocache, boolean()}</tag> + <tag><marker id="prop_esi_nocache"></marker>{erl_script_nocache, boolean()}</tag> <item> <p>If <c>erl_script_nocache</c> is set to <c>true</c>, the server adds HTTP header fields preventing proxies from caching the @@ -607,8 +569,7 @@ text/plain asc txt</pre> Default is <c>false</c>.</p> </item> - <marker id="prop_esi_timeout"></marker> - <tag>{erl_script_timeout, integer()}</tag> + <tag><marker id="prop_esi_timeout"></marker>{erl_script_timeout, integer()}</tag> <item> <p>If <c>erl_script_timeout</c> sets the time in seconds the server waits between each chunk of data to be delivered through @@ -616,8 +577,7 @@ text/plain asc txt</pre> for scripts that use the erl scheme.</p> </item> - <marker id="prop_esi_timeout"></marker> - <tag>{eval_script_alias, {URLPath, [AllowedModule]}}</tag> + <tag><marker id="prop_esi_timeout"></marker>{eval_script_alias, {URLPath, [AllowedModule]}}</tag> <item> <p><c>URLPath = string()</c> and <c>AllowedModule = atom()</c>. Same as <c>erl_script_alias</c> but for scripts @@ -629,24 +589,21 @@ text/plain asc txt</pre> <marker id="props_log"></marker> <p><em>Log Properties - Requires mod_log</em></p> <taglist> - <marker id="prop_elog"></marker> - <tag>{error_log, path()}</tag> + <tag><marker id="prop_elog"></marker>{error_log, path()}</tag> <item> <p>Defines the filename of the error log file to be used to log server errors. If the filename does not begin with a slash (/), it is assumed to be relative to the <c>server_root</c>.</p> </item> - <marker id="prop_slog"></marker> - <tag>{security_log, path()}</tag> + <tag><marker id="prop_slog"></marker>{security_log, path()}</tag> <item> <p>Defines the filename of the access log file to be used to log security events. If the filename does not begin with a slash (/), it is assumed to be relative to the <c>server_root</c>.</p> </item> - <marker id="prop_tlog"></marker> - <tag>{transfer_log, path()}</tag> + <tag><marker id="prop_tlog"></marker>{transfer_log, path()}</tag> <item> <p>Defines the filename of the access log file to be used to log incoming requests. If the filename does not begin with a @@ -657,8 +614,7 @@ text/plain asc txt</pre> <marker id="props_dlog"></marker> <p><em>Disk Log Properties - Requires mod_disk_log</em></p> <taglist> - <marker id="prop_dlog_format"></marker> - <tag>{disk_log_format, internal | external}</tag> + <tag><marker id="prop_dlog_format"></marker>{disk_log_format, internal | external}</tag> <item> <p>Defines the file format of the log files. See <c>disk_log</c> for details. If the internal file format is used, the @@ -668,16 +624,14 @@ text/plain asc txt</pre> <c>external</c>.</p> </item> - <marker id="prop_edlog"></marker> - <tag>{error_disk_log, path()}</tag> + <tag><marker id="prop_edlog"></marker>{error_disk_log, path()}</tag> <item> <p>Defines the filename of the (<c>disk_log(3)</c>) error log file to be used to log server errors. If the filename does not begin with a slash (/), it is assumed to be relative to the <c>server_root</c>.</p> </item> - <marker id="prop_edlog_size"></marker> - <tag>{error_disk_log_size, {MaxBytes, MaxFiles}}</tag> + <tag><marker id="prop_edlog_size"></marker>{error_disk_log_size, {MaxBytes, MaxFiles}}</tag> <item> <p><c>MaxBytes = integer()</c> and <c>MaxFiles = integer()</c>. Defines the properties of the (<c>disk_log(3)</c>) error log @@ -686,8 +640,7 @@ text/plain asc txt</pre> used before the first file is truncated and reused.</p> </item> - <marker id="prop_sdlog"></marker> - <tag>{security_disk_log, path()}</tag> + <tag><marker id="prop_sdlog"></marker>{security_disk_log, path()}</tag> <item> <p>Defines the filename of the (<c>disk_log(3)</c>) access log file logging incoming security events, that is, authenticated @@ -695,8 +648,7 @@ text/plain asc txt</pre> is assumed to be relative to the <c>server_root</c>.</p> </item> - <marker id="prop_sdlog_size"></marker> - <tag>{security_disk_log_size, {MaxBytes, MaxFiles}}</tag> + <tag><marker id="prop_sdlog_size"></marker>{security_disk_log_size, {MaxBytes, MaxFiles}}</tag> <item> <p><c>MaxBytes = integer()</c> and <c>MaxFiles = integer()</c>. Defines the properties of the <c>disk_log(3)</c> access log @@ -705,8 +657,7 @@ text/plain asc txt</pre> used before the first file is truncated and reused.</p> </item> - <marker id="prop_tdlog"></marker> - <tag>{transfer_disk_log, path()}</tag> + <tag><marker id="prop_tdlog"></marker>{transfer_disk_log, path()}</tag> <item> <p>Defines the filename of the (<c>disk_log(3)</c>) access log file logging incoming requests. If the filename does not begin @@ -714,8 +665,7 @@ text/plain asc txt</pre> <c>server_root</c>.</p> </item> - <marker id="prop_tdlog_size"></marker> - <tag>{transfer_disk_log_size, {MaxBytes, MaxFiles}}</tag> + <tag><marker id="prop_tdlog_size"></marker>{transfer_disk_log_size, {MaxBytes, MaxFiles}}</tag> <item> <p><c>MaxBytes = integer()</c> and <c>MaxFiles = integer()</c>. Defines the properties of the <c>disk_log(3)</c> access log @@ -735,32 +685,29 @@ text/plain asc txt</pre> <p>The properties for directories are as follows:</p> <taglist> - <marker id="prop_allow_from"></marker> - <tag>{allow_from, all | [RegxpHostString]}</tag> + <tag><marker id="prop_allow_from"></marker>{allow_from, all | [RegxpHostString]}</tag> <item> <p>Defines a set of hosts to be granted access to a - given directory, for example: + given directory, for example:</p> <code>{allow_from, ["123.34.56.11", "150.100.23"]}</code> - The host <c>123.34.56.11</c> and all machines on the <c>150.100.23</c> + <p>The host <c>123.34.56.11</c> and all machines on the <c>150.100.23</c> subnet are allowed access.</p> </item> - <marker id="prop_deny_from"></marker> - <tag>{deny_from, all | [RegxpHostString]}</tag> + <tag><marker id="prop_deny_from"></marker>{deny_from, all | [RegxpHostString]}</tag> <item> <p>Defines a set of hosts - to be denied access to a given directory, for example: + to be denied access to a given directory, for example:</p> <code>{deny_from, ["123.34.56.11", "150.100.23"]}</code> - The host <c>123.34.56.11</c> and all machines on the <c>150.100.23</c> + <p>The host <c>123.34.56.11</c> and all machines on the <c>150.100.23</c> subnet are not allowed access.</p> </item> - <marker id="prop_auth_type"></marker> - <tag>{auth_type, plain | dets | mnesia}</tag> + <tag><marker id="prop_auth_type"></marker>{auth_type, plain | dets | mnesia}</tag> <item> <p>Sets the type of authentication database that is used for the directory. The key difference between the different methods is @@ -770,8 +717,7 @@ text/plain asc txt</pre> configuration files.</p> </item> - <marker id="prop_auth_user_file"></marker> - <tag>{auth_user_file, path()}</tag> + <tag><marker id="prop_auth_user_file"></marker>{auth_user_file, path()}</tag> <item> <p>Sets the name of a file containing the list of users and passwords for user authentication. The filename can be either @@ -795,8 +741,7 @@ text/plain asc txt</pre> clients can download it.</p> </item> - <marker id="prop_auth_group_file"></marker> - <tag>{auth_group_file, path()}</tag> + <tag><marker id="prop_auth_group_file"></marker>{auth_group_file, path()}</tag> <item> <p>Sets the name of a file containing the list of user groups for user authentication. The filename can be either @@ -818,16 +763,14 @@ text/plain asc txt</pre> can download it.</p> </item> - <marker id="prop_auth_name"></marker> - <tag>{auth_name, string()}</tag> + <tag><marker id="prop_auth_name"></marker>{auth_name, string()}</tag> <item> <p>Sets the name of the authorization realm (auth-domain) for a directory. This string informs the client about which username and password to use.</p> </item> - <marker id="prop_auth_access_passwd"></marker> - <tag>{auth_access_password, string()}</tag> + <tag><marker id="prop_auth_access_passwd"></marker>{auth_access_password, string()}</tag> <item> <p>If set to other than "NoPassword", the password is required for all API calls. If the password is set to "DummyPassword", the @@ -837,15 +780,13 @@ text/plain asc txt</pre> text in the configuration file.</p> </item> - <marker id="prop_req_user"></marker> - <tag>{require_user, [string()]}</tag> + <tag><marker id="prop_req_user"></marker>{require_user, [string()]}</tag> <item> <p>Defines users to grant access to a given directory using a secret password.</p> </item> - <marker id="prop_req_grp"></marker> - <tag>{require_group, [string()]}</tag> + <tag><marker id="prop_req_grp"></marker>{require_group, [string()]}</tag> <item> <p>Defines users to grant access to a given directory using a secret password.</p> @@ -856,8 +797,7 @@ text/plain asc txt</pre> <marker id="props_htaccess"></marker> <p><em>Htaccess Authentication Properties - Requires mod_htaccess</em></p> <taglist> - <marker id="prop_access_files"></marker> - <tag>{access_files, [path()]}</tag> + <tag><marker id="prop_access_files"></marker>{access_files, [path()]}</tag> <item> <p>Specifies the filenames that are used for access files. When a request comes, every directory in the path @@ -877,16 +817,14 @@ text/plain asc txt</pre> <marker id="props_sdir"></marker> <p>The properties for the security directories are as follows:</p> <taglist> - <marker id="prop_data_file"></marker> - <tag>{data_file, path()}</tag> + <tag><marker id="prop_data_file"></marker>{data_file, path()}</tag> <item> <p>Name of the security data file. The filename can either be absolute or relative to the <c>server_root</c>. This file is used to store persistent data for module <c>mod_security</c>.</p> </item> - <marker id="prop_max_retries"></marker> - <tag>{max_retries, integer()}</tag> + <tag><marker id="prop_max_retries"></marker>{max_retries, integer()}</tag> <item> <p>Specifies the maximum number of attempts to authenticate a user before the user is blocked out. If a user @@ -898,16 +836,14 @@ text/plain asc txt</pre> Default is <c>3</c>. Can be set to infinity.</p> </item> - <marker id="prop_block_time"></marker> - <tag>{block_time, integer()}</tag> + <tag><marker id="prop_block_time"></marker>{block_time, integer()}</tag> <item> <p>Specifies the number of minutes a user is blocked. After this timehas passed, the user automatically regains access. Default is <c>60</c>.</p> </item> - <marker id="prop_fail_exp_time"></marker> - <tag>{fail_expire_time, integer()}</tag> + <tag><marker id="prop_fail_exp_time"></marker>{fail_expire_time, integer()}</tag> <item> <p>Specifies the number of minutes a failed user authentication is remembered. If a user authenticates after this @@ -916,8 +852,7 @@ text/plain asc txt</pre> Default is <c>30</c>.</p> </item> - <marker id="prop_auth_timeout"></marker> - <tag>{auth_timeout, integer()}</tag> + <tag><marker id="prop_auth_timeout"></marker>{auth_timeout, integer()}</tag> <item> Specifies the number of seconds a successful user authentication is remembered. After this time has passed, the diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml index 8c4fdfdf70..7ebb3ddffa 100644 --- a/lib/inets/doc/src/notes.xml +++ b/lib/inets/doc/src/notes.xml @@ -4,7 +4,7 @@ <chapter> <header> <copyright> - <year>2002</year><year>2014</year> + <year>2002</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -1807,23 +1807,21 @@ <item> <p>[httpd] - Issues with ESI erl_script_timeout. </p> - <p> - <list type="bulleted"> - <item> - <p>The <c>erl_script_timeout</c> config option is ducumented - as a number of seconds. But when parsing the config, in the - new format (not a config file), it was handled as if in - number of milliseconds. </p> - </item> - <item> - <p>When the erl-script-timeout time was exceeded, the server - incorrectly marked the answer as sent, thereby leaving - client hanging (with an incomplete answer). - This has been changed, so that now the socket will be - closed. </p> - </item> - </list> - </p> + <list type="bulleted"> + <item> + <p>The <c>erl_script_timeout</c> config option is ducumented + as a number of seconds. But when parsing the config, in the + new format (not a config file), it was handled as if in + number of milliseconds. </p> + </item> + <item> + <p>When the erl-script-timeout time was exceeded, the server + incorrectly marked the answer as sent, thereby leaving + client hanging (with an incomplete answer). + This has been changed, so that now the socket will be + closed. </p> + </item> + </list> <p>Own Id: OTP-8509</p> </item> </list> @@ -1899,20 +1897,19 @@ <item> <p>[httpc] Several more or less critical fixes:</p> - <p> - <list type="bulleted"> - <item> - <p>Initial call between the httpc manager and request - handler was synchronous. </p> - <p>When the manager starts a new request handler, - this is no longer a synchronous operation. Previously, - the new request handler made the connection to the - server and issuing of the first request (the reason - for starting it) in the gen_server init function. - If the connection for some reason "took some time", - the manager hanged, leaving all other activities by - that manager also hanging. </p> - </item> + <list type="bulleted"> + <item> + <p>Initial call between the httpc manager and request + handler was synchronous. </p> + <p>When the manager starts a new request handler, + this is no longer a synchronous operation. Previously, + the new request handler made the connection to the + server and issuing of the first request (the reason + for starting it) in the gen_server init function. + If the connection for some reason "took some time", + the manager hanged, leaving all other activities by + that manager also hanging. </p> + </item> <!-- <item> <p>Copying of data between processes</p> @@ -1923,8 +1920,7 @@ <p>TBD</p> </item> --> - </list> - </p> + </list> <p>As a side-effect of these changes, some modules was also renamed, and a new api module, <seealso marker="httpc">httpc</seealso>, has been introduced diff --git a/lib/inets/doc/src/tftp.xml b/lib/inets/doc/src/tftp.xml index 00d9d53376..10398f5088 100644 --- a/lib/inets/doc/src/tftp.xml +++ b/lib/inets/doc/src/tftp.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>2006</year><year>2013</year> + <year>2006</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -216,12 +216,9 @@ five times when the time-out expires.</p> </item> </taglist> - - <marker id="start1"></marker> </section> <funcs> - <marker id="change_config_daemons"></marker> <func> <name>change_config(daemons, Options) -> [{Pid, Result}]</name> <fsummary>Changes configuration for all daemons. @@ -234,8 +231,6 @@ </type> <desc> <p>Changes configuration for all TFTP daemon processes. </p> - - <marker id="change_config_servers"></marker> </desc> </func> @@ -251,8 +246,6 @@ </type> <desc> <p>Changes configuration for all TFTP server processes.</p> - - <marker id="change_config_pid"></marker> </desc> </func> @@ -268,7 +261,6 @@ </type> <desc> <p>Changes configuration for a TFTP daemon, server, or client process.</p> - <marker id="info_daemons"></marker> </desc> </func> @@ -282,8 +274,6 @@ </type> <desc> <p>Returns information about all TFTP daemon processes.</p> - - <marker id="info_servers"></marker> </desc> </func> @@ -297,8 +287,6 @@ </type> <desc> <p>Returns information about all TFTP server processes. </p> - - <marker id="info_pid"></marker> </desc> </func> @@ -341,9 +329,7 @@ the regexps of these and the callback module corresponding to the first match is used, or an error tuple is returned if no matching regexp is found.</p> - </desc> - - <marker id="write_file"></marker> + </desc> </func> <func> @@ -359,8 +345,6 @@ port. When it receives a request for read or write, it spawns a temporary server process handling the actual transfer of the (virtual) file.</p> - - <marker id="read_file"></marker> </desc> </func> @@ -393,7 +377,6 @@ matching regexp is found.</p> </desc> </func> - </funcs> <section> diff --git a/lib/orber/doc/src/notes.xml b/lib/orber/doc/src/notes.xml index 3f7d4121fd..7b5d0f96ca 100644 --- a/lib/orber/doc/src/notes.xml +++ b/lib/orber/doc/src/notes.xml @@ -169,11 +169,9 @@ <section><title>Known Bugs and Problems</title> <list> <item> - <p> <p> - </p></p> - <p> - Own Id: OTP-10675 Aux Id: seq12154 </p> + Own Id: OTP-10675 Aux Id: seq12154 + </p> </item> </list> </section> diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml index b3f850fc38..850557444d 100644 --- a/lib/ssh/doc/src/ssh.xml +++ b/lib/ssh/doc/src/ssh.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>2004</year><year>2014</year> + <year>2004</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -418,10 +418,10 @@ <c><![CDATA["publickey,keyboard-interactive,password"]]></c></p> </item> - <tag><c><![CDATA[{auth_method_kb_interactive_data, PromptTexts}]]> - <br/>where: - <br/>PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple() - <br/>kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()}</c> + <tag><c><![CDATA[{auth_method_kb_interactive_data, PromptTexts}]]></c> + <br/><c>where:</c> + <br/><c>PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple()</c> + <br/><c>kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()}</c> </tag> <item> <p>Sets the text strings that the daemon sends to the client for presentation to the user when using <c>keyboar-interactive</c> authentication. If the fun/3 is used, it is called when the actual authentication occurs and may therefore return dynamic data like time, remote ip etc.</p> @@ -516,29 +516,29 @@ <item> <p>Provides a function for password validation. This could used for calling an external system or if passwords should be stored as a hash. The fun returns: - <list type="bulleted"> - <item><c>true</c> if the user and password is valid and</item> - <item><c>false</c> otherwise.</item> - </list> </p> + <list type="bulleted"> + <item><c>true</c> if the user and password is valid and</item> + <item><c>false</c> otherwise.</item> + </list> <p>This fun can also be used to make delays in authentication tries for example by calling <seealso marker="stdlib:timer#sleep/1">timer:sleep/1</seealso>. To facilitate counting of failed tries the <c>State</c> variable could be used. This state is per connection only. The first time the pwdfun is called for a connection, the <c>State</c> variable has the value <c>undefined</c>. The pwdfun can return - in addition to the values above - a new state as: - <list type="bulleted"> - <item><c>{true, NewState:any()}</c> if the user and password is valid or</item> - <item><c>{false, NewState:any()}</c> if the user or password is invalid</item> - </list> </p> + <list type="bulleted"> + <item><c>{true, NewState:any()}</c> if the user and password is valid or</item> + <item><c>{false, NewState:any()}</c> if the user or password is invalid</item> + </list> <p>A third usage is to block login attempts from a missbehaving peer. The <c>State</c> described above can be used for this. In addition to the responses above, the following return value is introduced: + </p> <list type="bulleted"> <item><c>disconnect</c> if the connection should be closed immediately after sending a SSH_MSG_DISCONNECT message.</item> </list> - </p> </item> <tag><c><![CDATA[{pwdfun, fun(User::string(), Password::string()) -> boolean()}]]></c></tag> diff --git a/lib/ssh/doc/src/ssh_app.xml b/lib/ssh/doc/src/ssh_app.xml index 79dd1e210e..f6ce44c015 100644 --- a/lib/ssh/doc/src/ssh_app.xml +++ b/lib/ssh/doc/src/ssh_app.xml @@ -4,7 +4,7 @@ <appref> <header> <copyright> - <year>2012</year><year>2013</year> + <year>2012</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -214,21 +214,21 @@ <p>The following rfc:s are supported:</p> <list type="bulleted"> <item><url href="https://tools.ietf.org/html/rfc4251">RFC 4251</url>, The Secure Shell (SSH) Protocol Architecture. - <p>Except + <p>Except</p> <list type="bulleted"> <item>9.4.6 Host-Based Authentication</item> <item>9.5.2 Proxy Forwarding</item> <item>9.5.3 X11 Forwarding</item> </list> - </p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc4252">RFC 4252</url>, The Secure Shell (SSH) Authentication Protocol. - <p>Except + <p>Except</p> <list type="bulleted"> <item>9. Host-Based Authentication: "hostbased"</item> </list> - </p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc4253">RFC 4253</url>, The Secure Shell (SSH) Transport Layer Protocol. @@ -236,32 +236,32 @@ </item> <item><url href="https://tools.ietf.org/html/rfc4254">RFC 4254</url>, The Secure Shell (SSH) Connection Protocol. - <p>Except + <p>Except</p> <list type="bulleted"> <item>6.3. X11 Forwarding</item> <item>7. TCP/IP Port Forwarding</item> </list> - </p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc4256">RFC 4256</url>, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH). - <p>Except + <p>Except</p> <list type="bulleted"> <item><c>num-prompts > 1</c></item> <item>password changing</item> <item>other identification methods than userid-password</item> </list> - </p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc4419">RFC 4419</url>, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol. - <p></p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc4716">RFC 4716</url>, The Secure Shell (SSH) Public Key File Format. - <p></p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc5647">RFC 5647</url>, AES Galois Counter Mode for @@ -270,34 +270,35 @@ This is resolved by OpenSSH in the ciphers [email protected] and [email protected] which are implemented. If the explicit ciphers and macs AEAD_AES_128_GCM or AEAD_AES_256_GCM are needed, they could be enabled with the option preferred_algorithms. + </p> <warning> - If the client or the server is not Erlang/OTP, it is the users responsibility to check that - other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before - enabling them. The aes*[email protected] variants are always safe to use since they lack the - ambiguity. + <p> + If the client or the server is not Erlang/OTP, it is the users responsibility to check that + other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before + enabling them. The aes*[email protected] variants are always safe to use since they lack the + ambiguity. + </p> </warning> - </p> - <p>The second paragraph in section 5.1 is resolved as: + <p>The second paragraph in section 5.1 is resolved as:</p> <list type="ordered"> <item>If the negotiated cipher is AEAD_AES_128_GCM, the mac algorithm is set to AEAD_AES_128_GCM.</item> <item>If the negotiated cipher is AEAD_AES_256_GCM, the mac algorithm is set to AEAD_AES_256_GCM.</item> <item>If the mac algorithm is AEAD_AES_128_GCM, the cipher is set to AEAD_AES_128_GCM.</item> <item>If the mac algorithm is AEAD_AES_256_GCM, the cipher is set to AEAD_AES_256_GCM.</item> </list> - The first rule that matches when read in order from the top is applied - </p> + <p>The first rule that matches when read in order from the top is applied</p> </item> <item><url href="https://tools.ietf.org/html/rfc5656">RFC 5656</url>, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer. - <p>Except + <p>Except</p> <list type="bulleted"> <item>5. ECMQV Key Exchange</item> <item>6.4. ECMQV Key Exchange and Verification Method Name</item> <item>7.2. ECMQV Message Numbers</item> <item>10.2. Recommended Curves</item> </list> - </p> + <p/> </item> <item><url href="https://tools.ietf.org/html/rfc6668">RFC 6668</url>, SHA-2 Data Integrity Verification for diff --git a/lib/ssh/doc/src/ssh_connection.xml b/lib/ssh/doc/src/ssh_connection.xml index 064a623eb6..150d46a9a2 100644 --- a/lib/ssh/doc/src/ssh_connection.xml +++ b/lib/ssh/doc/src/ssh_connection.xml @@ -5,7 +5,7 @@ <header> <copyright> <year>2008</year> - <year>2014</year> + <year>2015</year> <holder>Ericsson AB, All Rights Reserved</holder> </copyright> <legalnotice> @@ -31,15 +31,15 @@ <rev></rev> </header> <module>ssh_connection</module> - <modulesummary>This module provides API functions to send - <url href="http://www.ietf.org/rfc/rfc4254.txt"> SSH Connection Protocol </url> - events to the other side of an SSH channel. + <modulesummary> + This module provides API functions to send SSH Connection Protocol + events to the other side of an SSH channel. </modulesummary> <description> - <p>The SSH Connection Protocol is used by clients and servers, - that is, SSH channels, to communicate over the SSH connection. The - API functions in this module send SSH Connection Protocol events, + <p>The <url href="http://www.ietf.org/rfc/rfc4254.txt">SSH Connection Protocol</url> + is used by clients and servers, that is, SSH channels, to communicate over the + SSH connection. The API functions in this module send SSH Connection Protocol events, which are received as messages by the remote channel. If the receiving channel is an Erlang process, the messages have the format diff --git a/lib/ssh/doc/src/ssh_server_key_api.xml b/lib/ssh/doc/src/ssh_server_key_api.xml index efb2c436e8..a0694ca8d9 100644 --- a/lib/ssh/doc/src/ssh_server_key_api.xml +++ b/lib/ssh/doc/src/ssh_server_key_api.xml @@ -5,7 +5,7 @@ <header> <copyright> <year>2012</year> - <year>2013</year> + <year>2015</year> <holder>Ericsson AB, All Rights Reserved</holder> </copyright> <legalnotice> @@ -75,7 +75,7 @@ <d>Host key algorithm. Is to support <c>'ssh-rsa' | 'ssh-dss'</c>, but more algorithms can be handled.</d> <v>DaemonOptions = proplists:proplist()</v> - <d>Options provided to <seealso marker="ssh#daemon-2">ssh:daemon/[2,3]</seealso>.</d> + <d>Options provided to <seealso marker="ssh#daemon-2">ssh:daemon/[2,3]</seealso>.</d> <v>Key = private_key()</v> <d>Private key of the host matching the <c>Algorithm</c>.</d> <v>Reason = term()</v> diff --git a/lib/ssh/doc/src/ssh_sftp.xml b/lib/ssh/doc/src/ssh_sftp.xml index 17800fac5d..c6ca0f161a 100644 --- a/lib/ssh/doc/src/ssh_sftp.xml +++ b/lib/ssh/doc/src/ssh_sftp.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>2005</year><year>2014</year> + <year>2005</year><year>2015</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -61,20 +61,23 @@ <funcs> <func> - <name>apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Error}</name> - <v>ChannelPid = pid()</v> - <v>Handle = term()</v> - <v>Position = integer()</v> - <v>Len = integer()</v> - <v>N = term()</v> - <v>Reason = term()</v> - - <desc><p>The <c><![CDATA[apread]]></c> function reads from a specified position, - combining the <c><![CDATA[position]]></c> and <c><![CDATA[aread]]></c> functions.</p> + <name>apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Reason}</name> + <fsummary>Reads asynchronously from an open file.</fsummary> + <type> + <v>ChannelPid = pid()</v> + <v>Handle = term()</v> + <v>Position = integer()</v> + <v>Len = integer()</v> + <v>N = term()</v> + <v>Reason = term()</v> + </type> + + <desc><p>The <c><![CDATA[apread]]></c> function reads from a specified position, + combining the <c><![CDATA[position]]></c> and <c><![CDATA[aread]]></c> functions.</p> <p><seealso marker="#apread-4">ssh_sftp:apread/4</seealso></p> </desc> - </func> - - <func> + </func> + + <func> <name>apwrite(ChannelPid, Handle, Position, Data) -> ok | {error, Reason}</name> <fsummary>Writes asynchronously to an open file.</fsummary> <type> diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 3a541ed162..bf87644116 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -31,37 +31,13 @@ <module>ssl</module> <modulesummary>Interface Functions for Secure Socket Layer</modulesummary> <description> - <p>This module contains interface functions for the SSL.</p> + <p> + This module contains interface functions for the SSL/TLS protocol. + For detailed information about the supported standards see + <seealso marker="ssl_app">ssl(6)</seealso>. + </p> </description> - - <section> - <title>SSL</title> - - <list type="bulleted"> - <item>For application dependencies see <seealso marker="ssl_app"> ssl(6)</seealso> </item> - <item>Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, - TLS-1.1, and TLS-1.2.</item> - <item>For security reasons SSL-2.0 is not supported.</item> - <item>For security reasons SSL-3.0 is no longer supported by default, - but can be configured.</item> - <item>Ephemeral Diffie-Hellman cipher suites are supported, - but not Diffie Hellman Certificates cipher suites.</item> - <item>Elliptic Curve cipher suites are supported if the Crypto - application supports it and named curves are used. - </item> - <item>Export cipher suites are not supported as the - U.S. lifted its export restrictions in early 2000.</item> - <item>IDEA cipher suites are not supported as they have - become deprecated by the latest TLS specification so it is not - motivated to implement them.</item> - <item>CRL validation is supported.</item> - <item>Policy certificate extensions are not supported.</item> - <item>'Server Name Indication' extension client side - (RFC 6066, Section 3) is supported.</item> - </list> - - </section> - + <section> <title>DATA TYPES</title> <p>The following data types are used in the functions for SSL:</p> @@ -480,8 +456,8 @@ fun(srp, Username :: string(), UserState :: term()) -> <p>The negotiated protocol can be retrieved using the <c>negotiated_protocol/1</c> function.</p> </item> - <tag><c>{client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}}</c></tag> - <tag><c>{client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}</c></tag> + <tag><c>{client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}}</c><br/> + <c>{client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}</c></tag> <item> <p>Indicates that the client is to try to perform Next Protocol Negotiation.</p> @@ -538,7 +514,6 @@ fun(srp, Username :: string(), UserState :: term()) -> be supported by the server for the prevention to work. </p></warning> </item> - </taglist> </section> diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 24b0f5300e..6c82e32a74 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -33,7 +33,33 @@ <appsummary>The ssl application provides secure communication over sockets.</appsummary> - <description></description> + <description> + <p> + The ssl application is an implementation of the SSL/TLS protocol in Erlang. + </p> + <list type="bulleted"> + <item>Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, + TLS-1.1, and TLS-1.2.</item> + <item>For security reasons SSL-2.0 is not supported.</item> + <item>For security reasons SSL-3.0 is no longer supported by default, + but can be configured.</item> + <item>Ephemeral Diffie-Hellman cipher suites are supported, + but not Diffie Hellman Certificates cipher suites.</item> + <item>Elliptic Curve cipher suites are supported if the Crypto + application supports it and named curves are used. + </item> + <item>Export cipher suites are not supported as the + U.S. lifted its export restrictions in early 2000.</item> + <item>IDEA cipher suites are not supported as they have + become deprecated by the latest TLS specification so it is not + motivated to implement them.</item> + <item>CRL validation is supported.</item> + <item>Policy certificate extensions are not supported.</item> + <item>'Server Name Indication' extension client side + (RFC 6066, Section 3) is supported.</item> + </list> + </description> + <section> <title>DEPENDENCIES</title> <p>The SSL application uses the <c>public_key</c> and @@ -58,7 +84,7 @@ <p><c>erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"</c></p> <taglist> - <tag><c> protocol_version = <seealso marker="ssl#type-protocol">ssl:protocol()</seealso> <![CDATA[<optional>]]></c></tag> + <tag><c>protocol_version = </c><seealso marker="ssl#type-protocol">ssl:protocol()</seealso><c><![CDATA[<optional>]]></c></tag> <item><p>Protocol supported by started clients and servers. If this option is not set, it defaults to all protocols currently supported by the SSL application. @@ -78,8 +104,8 @@ <item><p>List of extra user-defined arguments to the <c>init</c> function in the session cache callback module. Defaults to <c>[]</c>.</p></item> - <tag><c><![CDATA[session_cache_client_max = integer() <optional>]]></c></tag> - <tag><c><![CDATA[session_cache_server_max = integer() <optional>]]></c></tag> + <tag><c><![CDATA[session_cache_client_max = integer() <optional>]]></c><br/> + <c><![CDATA[session_cache_server_max = integer() <optional>]]></c></tag> <item><p>Limits the growth of the clients/servers session cache, if the maximum number of sessions is reached, the current cache entries will be invalidated regardless of their remaining lifetime. Defaults to 1000. diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 71c1c61fe8..03ac010bfe 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -84,9 +84,9 @@ <v> CRLs = [<seealso marker="public_key:public_key">public_key:der_encoded()</seealso>] </v> </type> - <desc> <p>Lookup the CRLs belonging to the distribution point <c> Distributionpoint</c>. </p> + <desc> <p>Lookup the CRLs belonging to the distribution point <c> Distributionpoint</c>. This function may choose to only look in the cache or to follow distribution point - links depending on how the cache is administrated. + links depending on how the cache is administrated. </p> </desc> </func> @@ -103,4 +103,4 @@ </desc> </func> </funcs> -</erlref>
\ No newline at end of file +</erlref> diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index bd9330056d..b85d8fb284 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -31,9 +31,13 @@ <module>ssl_session_cache_api</module> <modulesummary>TLS session cache API</modulesummary> - <description>Defines the API for the TLS session cache so - that the data storage scheme can be replaced by - defining a new callback module implementing this API.</description> + <description> + <p> + Defines the API for the TLS session cache so + that the data storage scheme can be replaced by + defining a new callback module implementing this API. + </p> + </description> <section> <title>DATA TYPES</title> |