1 files changed, 137 insertions, 0 deletions
diff --git a/lib/cosFileTransfer/doc/src/ch_system.xml b/lib/cosFileTransfer/doc/src/ch_system.xml
new file mode 100644
index 0000000000..51a8ac86cd
--- /dev/null
+++ b/lib/cosFileTransfer/doc/src/ch_system.xml
@@ -0,0 +1,137 @@
+<?xml version="1.0" encoding="latin1" ?>
+<!DOCTYPE chapter SYSTEM "chapter.dtd">
+
+<chapter>
+  <header>
+    <copyright>
+      <year>2001</year><year>2009</year>
+      <holder>Ericsson AB. All Rights Reserved.</holder>
+    </copyright>
+    <legalnotice>
+      The contents of this file are subject to the Erlang Public License,
+      Version 1.1, (the "License"); you may not use this file except in
+      compliance with the License. You should have received a copy of the
+      Erlang Public License along with this software. If not, it can be
+      retrieved online at http://www.erlang.org/.
+    
+      Software distributed under the License is distributed on an "AS IS"
+      basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
+      the License for the specific language governing rights and limitations
+      under the License.
+    
+    </legalnotice>
+
+    <title>Using the File Transfer Service</title>
+    <prepared></prepared>
+    <docno></docno>
+    <date>2001-08-07</date>
+    <rev></rev>
+    <file>ch_system.xml</file>
+  </header>
+
+  <section>
+    <title>Overview</title>
+    <p>This chapter describes how two File Transfer Service applications interact.</p>
+
+    <section>
+      <title>Components</title>
+      <p>There are several ways the OMG File Transfer Service can be used. 
+        Below one scenario is visualized: </p>
+      <marker id="CosFileTransfer"></marker>
+      <image file="CosFileTransfer.gif">
+        <icaption>Figure 1: The File Transfer Service Components.</icaption>
+      </image>
+      <list type="bulleted">
+        <item><em>Source ORB:</em> this is the ORB we want to transfer a file from/via and it holds 
+         an object reference to a 
+        <seealso marker="CosFileTransfer_VirtualFileSystem">Virtual File System (VFS)</seealso> which, 
+         in this example, represents an FTP server.</item>
+        <item><em>Target ORB:</em> the goal may be, for example, to transfer a new file or append to an 
+         existing file placed at the location that this ORB's <c>VFS</c> represents.
+         In this scenario it is the local disk or the NFS.</item>
+        <item><em>Transport Protocol:</em> initially the ORB's, i.e., target and source, communicate via
+         normal <c>CORBA</c> requests to determine whether or not they can communicate. If the 
+         File Transfer Service's have one, or more, <c>Transport Protocol</c> in common the data
+         will be streamed using this protocol. The cosFileTransfer application currently supports 
+        <c>TCP/IP</c> and <c>SSL</c>.</item>
+      </list>
+      <p>Which type of file system the <c>VFS</c> is supposed to represent is determined
+        by the options given when creating it, which is also how one determine which 
+        <c>Transport Protocol</c> to use. Hence, the source and target <c>VFS</c> described above
+        can be started by invoking, respectively, the following operations:</p>
+      <code type="none">
+1> SVFS = cosFileTransferApp:create_VFS('FTP', [], Host, 21, [{protocol, tcp}]),
+2> TVFS = cosFileTransferApp:create_VFS({'NATIVE', 'cosFileTransferNATIVE_file'}, 
+                                        [], OtherHost, 0, [{protocol, tcp}]),
+      </code>
+      <p>Naturally can any combination of <c>VFS</c>-types be used and it is also possible
+        to use own drivers, i.e., <c>{'NATIVE', 'MyDriver'}</c>.</p>
+      <p>After creating necessary <c>VFS's</c> we can login in and perform operations
+        on files and directories residing on each file system.</p>
+    </section>
+
+    <section>
+      <title>How To Use SSL</title>
+      <p>To be able to use <c>SSL</c> as transport protocol a few configuration
+        parameters must be set. The required parameters depend on if Orber is
+        the target or/and the source ORB. However, the SSL_CERT_FILE variable
+        must be defined in both cases.</p>
+      <p>Setting of a CA certificate file with an option does not work due to 
+        weaknesses in the SSLeay package. A work-around in the ssl application is 
+        to set the OS environment variable SSL_CERT_FILE before SSL is started. 
+        However, then the CA certificate file will be global for all connections 
+        (both incoming and outgoing calls).</p>
+
+      <section>
+        <title>Configurations when cosFileTransfer is Used as Target</title>
+        <p>The following three configuration variables can be used to configure
+          cosFileTransfer's SSL target behavior.</p>
+        <list type="bulleted">
+          <item><em>ssl_server_certfile</em> which is a path to a file containing a
+           chain of PEM encoded certificates for cosFileTransfer as target.</item>
+          <item><em>ssl_server_verify</em> which specifies type of verification: 
+           0 = do not verify peer; 1 = verify peer, verify client once, 2 = 
+           verify peer, verify client once, fail if no peer certificate. 
+           The default value is 0.</item>
+          <item><em>ssl_server_depth</em> which specifies verification depth, i.e.
+           how far in a chain of certificates the verification process shall 
+           proceed before the verification is considered successful. The
+           default value is 1. </item>
+        </list>
+        <p>There also exist a number of API functions for accessing the values of 
+          these variables:</p>
+        <list type="bulleted">
+          <item>cosFileTransferApp:ssl_server_certfile/0</item>
+          <item>cosFileTransferApp:ssl_server_verify/0</item>
+          <item>cosFileTransferApp:ssl_server_depth/0</item>
+        </list>
+      </section>
+
+      <section>
+        <title>Configurations when cosFileTransfer is used as Source</title>
+        <p>Below is the list of configuration variables used when cosFileTransfer
+          act as the source application.</p>
+        <list type="bulleted">
+          <item><em>ssl_client_certfile</em> which is a path to a file containing a
+           chain of PEM encoded certificates used in outgoing calls.</item>
+          <item><em>ssl_client_verify</em> which specifies type of verification: 
+           0 = do not verify peer; 1 = verify peer, verify client once, 2 = 
+           verify peer, verify client once, fail if no peer certificate. 
+           The default value is 0.</item>
+          <item><em>ssl_client_depth</em> which specifies verification depth, i.e. 
+           how far in a chain of certificates the verification process shall
+           proceed before the verification is considered successful. The
+           default value is 1. </item>
+        </list>
+        <p>There also exist a number of API functions for accessing the values of
+          these variables in the client processes:</p>
+        <list type="bulleted">
+          <item>cosFileTransferApp:ssl_client_certfile/0</item>
+          <item>cosFileTransferApp:ssl_client_verify/0</item>
+          <item>cosFileTransferApp:ssl_client_depth/0</item>
+        </list>
+      </section>
+    </section>
+  </section>
+</chapter>
+