diff options
Diffstat (limited to 'lib/ssl/doc/src')
| -rw-r--r-- | lib/ssl/doc/src/notes.xml | 89 | ||||
| -rw-r--r-- | lib/ssl/doc/src/ssl.xml | 20 | 
2 files changed, 98 insertions, 11 deletions
| diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 756c0d1b1f..8f81ccb567 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -31,7 +31,94 @@    <p>This document describes the changes made to the SSL application.      </p> -    <section><title>SSL 4.1</title> +    <section><title>SSL 4.1.3</title> + +    <section><title>Fixed Bugs and Malfunctions</title> +      <list> +        <item> +          <p> +	    Fixed error in cache-handling fix from ssl-4.1.2</p> +          <p> +	    Own Id: OTP-9018 Aux Id: seq11739 </p> +        </item> +        <item> +          <p> +	    Verification of a critical extended_key_usage-extension +	    corrected</p> +          <p> +	    Own Id: OTP-9029 Aux Id: seq11541 </p> +        </item> +      </list> +    </section> + +</section> + +<section><title>SSL 4.1.2</title> + +    <section><title>Fixed Bugs and Malfunctions</title> +      <list> +        <item> +          <p> +	    The ssl application caches certificate files, it will now +	    invalidate cache entries if the diskfile is changed.</p> +          <p> +	    Own Id: OTP-8965 Aux Id: seq11739 </p> +        </item> +        <item> +          <p> +	    Now runs the terminate function before returning from the +	    call made by ssl:close/1, as before the caller of +	    ssl:close/1 could get problems with the reuseaddr option.</p> +          <p> +	    Own Id: OTP-8992</p> +        </item> +      </list> +    </section> + +</section> + +<section><title>SSL 4.1.1</title> + +    <section><title>Fixed Bugs and Malfunctions</title> +      <list> +        <item> +          <p> +	    Correct handling of client certificate verify message +	    When checking the client certificate verify message the +	    server used the wrong algorithm identifier to determine +	    the signing algorithm, causing a function clause error in +	    the public_key application when the key-exchange +	    algorithm and the public key algorithm of the client +	    certificate happen to differ.</p> +          <p> +	    Own Id: OTP-8897</p> +        </item> +      </list> +    </section> + + +    <section><title>Improvements and New Features</title> +      <list> +        <item> +          <p> +	    For testing purposes ssl now also support some anonymous +	    cipher suites when explicitly configured to do so.</p> +          <p> +	    Own Id: OTP-8870</p> +        </item> +        <item> +          <p> +	    Sends an error alert instead of crashing if a crypto +	    function for the selected cipher suite fails.</p> +          <p> +	    Own Id: OTP-8930 Aux Id: seq11720 </p> +        </item> +      </list> +    </section> + +</section> + +<section><title>SSL 4.1</title>      <section><title>Improvements and New Features</title>        <list> diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index ec272379bb..daf7b77527 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@  <erlref>    <header>      <copyright> -      <year>1999</year><year>2010</year> +      <year>1999</year><year>2011</year>        <holder>Ericsson AB. All Rights Reserved.</holder>      </copyright>      <legalnotice> @@ -72,10 +72,10 @@        {verify_fun, {fun(), term()}} |        {fail_if_no_peer_cert, boolean()}        {depth, integer()} | -      {cert, der_bin()}| {certfile, path()} | -      {key, der_bin()} | {keyfile, path()} | {password, string()} | -      {cacerts, [der_bin()]} | {cacertfile, path()} | -      |{dh, der_bin()} | {dhfile, path()} | {ciphers, ciphers()} | +      {cert, der_encoded()}| {certfile, path()} | +      {key, der_encoded()} | {keyfile, path()} | {password, string()} | +      {cacerts, [der_encoded()]} | {cacertfile, path()} | +      |{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} |        {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()}       </c></p> @@ -95,7 +95,7 @@      <p><c>path() = string() - representing a file path.</c></p> -    <p><c>der_bin() = binary() -Asn1 DER encoded entity as an erlang binary.</c></p> +    <p><c>der_encoded() = binary() -Asn1 DER encoded entity as an erlang binary.</c></p>      <p><c>host() = hostname() | ipaddress()</c></p> @@ -136,14 +136,14 @@      <taglist> -      <tag>{cert, der_bin()}</tag> +      <tag>{cert, der_encoded()}</tag>        <item> The DER encoded users certificate. If this option        is supplied it will override the certfile option.</item>        <tag>{certfile, path()}</tag>        <item>Path to a file containing the user's certificate.</item> -      <tag>{key, der_bin()}</tag> +      <tag>{key, der_encoded()}</tag>        <item> The DER encoded users private key. If this option        is supplied it will override the keyfile option.</item> @@ -158,7 +158,7 @@  	Only used if the private keyfile is password protected.        </item> -      <tag>{cacerts, [der_bin()]}</tag> +      <tag>{cacerts, [der_encoded()]}</tag>        <item> The DER encoded trusted certificates. If this option        is supplied it will override the cacertfile option.</item> @@ -301,7 +301,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |      <taglist> -      <tag>{dh, der_bin()}</tag> +      <tag>{dh, der_encoded()}</tag>        <item>The DER encoded Diffie Hellman parameters. If this option        is supplied it will override the dhfile option.        </item> | 
