2 files changed, 126 insertions, 21 deletions

diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml
index 82eb8ff700..a511cb4db3 100644
--- a/lib/ssl/doc/src/notes.xml
+++ b/lib/ssl/doc/src/notes.xml
@@ -27,6 +27,117 @@
   </header>
   <p>This document describes the changes made to the SSL application.</p>
 
+<section><title>SSL 9.2.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    The timeout for a passive receive was sometimes not
+	    cancelled and later caused a server crash. This bug has
+	    now been corrected.</p>
+          <p>
+	    Own Id: OTP-14701 Aux Id: ERL-883, ERL-884 </p>
+        </item>
+        <item>
+          <p>
+	    Add tag for passive message (active N) in cb_info to
+	    retain transport transparency.</p>
+          <p>
+	    Own Id: OTP-15679 Aux Id: ERL-861 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>SSL 9.2</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Fix bug that an incorrect return value for gen_statem
+	    could be created when alert was a result of handling
+	    renegotiation info extension</p>
+          <p>
+	    Own Id: OTP-15502</p>
+        </item>
+        <item>
+          <p>
+	    Correct check for 3des_ede_cbc, could cause ssl to claim
+	    to support 3des_ede_cbc when cryptolib does not.</p>
+          <p>
+	    Own Id: OTP-15539</p>
+        </item>
+        <item>
+          <p>
+	    Improved DTLS error handling, avoids unexpected
+	    connection failure in rare cases.</p>
+          <p>
+	    Own Id: OTP-15561</p>
+        </item>
+        <item>
+          <p>
+	    Corrected active once emulation bug that could cause the
+	    ssl_closed meassage to not be sent. Bug introduced by
+	    OTP-15449</p>
+          <p>
+	    Own Id: OTP-15666 Aux Id: ERIERL-316, </p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Add client option {reuse_session, SessionID::binary()}
+	    that can be used together with new option value
+	    {reuse_sessions, save}. This makes it possible to reuse a
+	    session from a specific connection establishment.</p>
+          <p>
+	    Own Id: OTP-15369</p>
+        </item>
+        <item>
+          <p>
+	    The Reason part of of the error return from the functions
+	    connect and handshake has a better and documented format.
+	    This will sometimes differ from previous returned
+	    reasons, however those where only documented as term()
+	    and should for that reason not be relied on.</p>
+          <p>
+	    *** POTENTIAL INCOMPATIBILITY ***</p>
+          <p>
+	    Own Id: OTP-15423</p>
+        </item>
+        <item>
+          <p>
+	    Refactor of state handling to improve TLS application
+	    data throughput and reduce CPU overhead</p>
+          <p>
+	    Own Id: OTP-15445</p>
+        </item>
+        <item>
+          <p>
+	    The SSL code has been optimized in many small ways to
+	    reduce CPU load for encryption/decryption, especially for
+	    Erlang's distribution protocol over TLS.</p>
+          <p>
+	    Own Id: OTP-15529</p>
+        </item>
+        <item>
+          <p>
+	    Add support for active N</p>
+          <p>
+	    Own Id: OTP-15665 Aux Id: ERL-811, PR-2072 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>SSL 9.1.2</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index b145aac6ab..37bf9033a1 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -101,16 +101,21 @@
     <datatype>
       <name name="transport_option"/>
       <desc>
-	<p>Defaults to <c>{gen_tcp, tcp, tcp_closed, tcp_error}</c>
-	for TLS and <c>{gen_udp, udp, udp_closed, udp_error}</c> for
-	DTLS. Can be used to customize the transport layer. The tag
-	values should be the values used by the underlying transport
-	in its active mode messages. For TLS the callback module must implement a
-	reliable transport protocol, behave as <c>gen_tcp</c>, and have functions
-	corresponding to <c>inet:setopts/2</c>, <c>inet:getopts/2</c>,
-	<c>inet:peername/1</c>, <c>inet:sockname/1</c>, and <c>inet:port/1</c>.
-	The callback <c>gen_tcp</c> is treated specially and calls <c>inet</c>
-	directly. For DTLS this feature must be considered exprimental.
+	<p>Defaults to <c>{gen_tcp, tcp, tcp_closed, tcp_error,
+	tcp_passive}</c> for TLS (for backward compatibility a four
+	tuple will be converted to a five tuple with the last element
+	"second_element"_passive) and <c>{gen_udp, udp, udp_closed,
+	udp_error}</c> for DTLS (might also be changed to five tuple in
+	the future). Can be used to customize the transport layer. The
+	tag values should be the values used by the underlying
+	transport in its active mode messages. For TLS the callback
+	module must implement a reliable transport protocol, behave as
+	<c>gen_tcp</c>, and have functions corresponding to
+	<c>inet:setopts/2</c>, <c>inet:getopts/2</c>,
+	<c>inet:peername/1</c>, <c>inet:sockname/1</c>, and
+	<c>inet:port/1</c>.  The callback <c>gen_tcp</c> is treated
+	specially and calls <c>inet</c> directly. For DTLS this
+	feature must be considered exprimental.
 	</p>
       </desc>
     </datatype>
@@ -1658,17 +1663,6 @@ fun(srp, Username :: string(), UserState :: term()) ->
     </func>
 
     <func>
-      <name since="OTP 22.0">set_log_level(Level) -> ok | {error, Reason}</name>
-      <fsummary>Sets log level for the SSL application.</fsummary>
-      <type>
-        <v>Level = atom()</v>
-      </type>
-      <desc>
-        <p>Sets log level for the SSL application.</p>
-      </desc>
-    </func>
-
-    <func>
       <name since="OTP R14B">shutdown(SslSocket, How) -> ok | {error, Reason}</name>
       <fsummary>Immediately closes a socket.</fsummary>
       <type>