aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--lib/eldap/doc/src/eldap.xml10
1 files changed, 7 insertions, 3 deletions
diff --git a/lib/eldap/doc/src/eldap.xml b/lib/eldap/doc/src/eldap.xml
index bb107822b3..5b81716543 100644
--- a/lib/eldap/doc/src/eldap.xml
+++ b/lib/eldap/doc/src/eldap.xml
@@ -89,14 +89,14 @@ filter() See present/1, substrings/2,
</func>
<func>
<name>start_tls(Handle, Options) -> ok | {error,Error}</name>
- <fsummary>Shutdown the connection.</fsummary>
+ <fsummary>Upgrade a connection to TLS.</fsummary>
<desc>
<p>Same as start_tls(Handle, Options, infinity)</p>
</desc>
</func>
<func>
<name>start_tls(Handle, Options, Timeout) -> ok | {error,Error}</name>
- <fsummary>Shutdown the connection.</fsummary>
+ <fsummary>Upgrade a connection to TLS.</fsummary>
<type>
<v>Handle = handle()</v>
<v>Options = ssl:ssl_options()</v>
@@ -104,12 +104,16 @@ filter() See present/1, substrings/2,
</type>
<desc>
<p>Upgrade the connection associated with <c>Handle</c> to a tls connection if possible.</p>
- <p>Among the Error responses we find:</p>
+ <p>The upgrade is done in two phases: first the server is asked for permission to upgrade. Second, if the request is acknowledged, the upgrade is performed.</p>
+ <p>Error responese from phase one will not affect the current encryption state of the connection. Those responses are:</p>
<taglist>
<tag><c>tls_already_started</c></tag>
<item>The connection is already encrypted. The connection is not affected.</item>
<tag><c>{response,ResponseFromServer}</c></tag>
<item>The upgrade was refused by the LDAP server. The <c>ResponseFromServer</c> is an atom delivered byt the LDAP server explained in section 2.3 of rfc 2830. The connection is not affected, so it is still un-encrypted.</item>
+ </taglist>
+ <p>Errors in the seconde phase will however end the connection:</p>
+ <taglist>
<tag><c>Error</c></tag>
<item>Any error responded from ssl:connect/3</item>
</taglist>