diff options
Diffstat (limited to 'lib/ssl/doc/src')
| -rw-r--r-- | lib/ssl/doc/src/book.xml | 2 | ||||
| -rw-r--r-- | lib/ssl/doc/src/notes.xml | 77 | ||||
| -rw-r--r-- | lib/ssl/doc/src/ssl.xml | 41 | ||||
| -rw-r--r-- | lib/ssl/doc/src/using_ssl.xml | 2 |
4 files changed, 100 insertions, 22 deletions
diff --git a/lib/ssl/doc/src/book.xml b/lib/ssl/doc/src/book.xml index 85d6b56b26..ecfb915b44 100644 --- a/lib/ssl/doc/src/book.xml +++ b/lib/ssl/doc/src/book.xml @@ -4,7 +4,7 @@ <book xmlns:xi="http://www.w3.org/2001/XInclude"> <header titlestyle="normal"> <copyright> - <year>1999</year><year>2009</year> + <year>1999</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml index 313f1e59c9..52ee9c086a 100644 --- a/lib/ssl/doc/src/notes.xml +++ b/lib/ssl/doc/src/notes.xml @@ -4,7 +4,7 @@ <chapter> <header> <copyright> - <year>1999</year><year>2010</year> + <year>1999</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -31,7 +31,80 @@ <p>This document describes the changes made to the SSL application. </p> - <section><title>SSL 4.1.1</title> + <section><title>SSL 4.1.4</title> + + <section><title>Improvements and New Features</title> + <list> + <item> + <p> + Reduced memory footprint of an ssl connection.</p> + <p> + Handshake hashes, premaster secret and "public_key_info" + does not need to be saved when the connection has been + established. The own certificate is no longer duplicated + in the state.</p> + <p> + Own Id: OTP-9021</p> + </item> + <item> + <p> + Add the option {hibernate_after, int()} to ssl:connect + and ssl:listen</p> + <p> + Own Id: OTP-9106</p> + </item> + </list> + </section> + +</section> + +<section><title>SSL 4.1.3</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + Fixed error in cache-handling fix from ssl-4.1.2</p> + <p> + Own Id: OTP-9018 Aux Id: seq11739 </p> + </item> + <item> + <p> + Verification of a critical extended_key_usage-extension + corrected</p> + <p> + Own Id: OTP-9029 Aux Id: seq11541 </p> + </item> + </list> + </section> + +</section> + +<section><title>SSL 4.1.2</title> + + <section><title>Fixed Bugs and Malfunctions</title> + <list> + <item> + <p> + The ssl application caches certificate files, it will now + invalidate cache entries if the diskfile is changed.</p> + <p> + Own Id: OTP-8965 Aux Id: seq11739 </p> + </item> + <item> + <p> + Now runs the terminate function before returning from the + call made by ssl:close/1, as before the caller of + ssl:close/1 could get problems with the reuseaddr option.</p> + <p> + Own Id: OTP-8992</p> + </item> + </list> + </section> + +</section> + +<section><title>SSL 4.1.1</title> <section><title>Fixed Bugs and Malfunctions</title> <list> diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index ec272379bb..0da6bbee5b 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -4,7 +4,7 @@ <erlref> <header> <copyright> - <year>1999</year><year>2010</year> + <year>1999</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> @@ -53,13 +53,11 @@ <p>The following data types are used in the functions below: </p> - <p><c>boolean() = true | false</c></p> - - <p><c>property() = atom()</c></p> - + <p><c>boolean() = true | false</c></p> + <p><c>option() = socketoption() | ssloption() | transportoption()</c></p> - <p><c>socketoption() = [{property(), term()}] - defaults to + <p><c>socketoption() = proplists:property() - The default socket options are [{mode,list},{packet, 0},{header, 0},{active, true}]. </c></p> @@ -72,10 +70,10 @@ {verify_fun, {fun(), term()}} | {fail_if_no_peer_cert, boolean()} {depth, integer()} | - {cert, der_bin()}| {certfile, path()} | - {key, der_bin()} | {keyfile, path()} | {password, string()} | - {cacerts, [der_bin()]} | {cacertfile, path()} | - |{dh, der_bin()} | {dhfile, path()} | {ciphers, ciphers()} | + {cert, der_encoded()}| {certfile, path()} | + {key, der_encoded()} | {keyfile, path()} | {password, string()} | + {cacerts, [der_encoded()]} | {cacertfile, path()} | + |{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} | {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} </c></p> @@ -95,7 +93,7 @@ <p><c>path() = string() - representing a file path.</c></p> - <p><c>der_bin() = binary() -Asn1 DER encoded entity as an erlang binary.</c></p> + <p><c>der_encoded() = binary() -Asn1 DER encoded entity as an erlang binary.</c></p> <p><c>host() = hostname() | ipaddress()</c></p> @@ -136,14 +134,14 @@ <taglist> - <tag>{cert, der_bin()}</tag> + <tag>{cert, der_encoded()}</tag> <item> The DER encoded users certificate. If this option is supplied it will override the certfile option.</item> <tag>{certfile, path()}</tag> <item>Path to a file containing the user's certificate.</item> - <tag>{key, der_bin()}</tag> + <tag>{key, der_encoded()}</tag> <item> The DER encoded users private key. If this option is supplied it will override the keyfile option.</item> @@ -158,7 +156,7 @@ Only used if the private keyfile is password protected. </item> - <tag>{cacerts, [der_bin()]}</tag> + <tag>{cacerts, [der_encoded()]}</tag> <item> The DER encoded trusted certificates. If this option is supplied it will override the cacertfile option.</item> @@ -266,9 +264,16 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | <p>Possible path validation errors: </p> -<p> {bad_cert, cert_expired}, {bad_cert, invalid_issuer}, {bad_cert, invalid_signature}, {bad_cert, unknown_ca}, {bad_cert, name_not_permitted}, {bad_cert, missing_basic_constraint}, {bad_cert, invalid_key_usage}</p> +<p> {bad_cert, cert_expired}, {bad_cert, invalid_issuer}, {bad_cert, invalid_signature}, {bad_cert, unknown_ca},{bad_cert, selfsigned_peer}, {bad_cert, name_not_permitted}, {bad_cert, missing_basic_constraint}, {bad_cert, invalid_key_usage}</p> </item> + <tag>{hibernate_after, integer()|undefined}</tag> + <item>When an integer-value is specified, the <code>ssl_connection</code> + will go into hibernation after the specified number of milliseconds + of inactivity, thus reducing its memory footprint. When + <code>undefined</code> is specified (this is the default), the process + will never go into hibernation. + </item> </taglist> </section> @@ -301,7 +306,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | <taglist> - <tag>{dh, der_bin()}</tag> + <tag>{dh, der_encoded()}</tag> <item>The DER encoded Diffie Hellman parameters. If this option is supplied it will override the dhfile option. </item> @@ -481,7 +486,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | <fsummary>Get the value of the specified options.</fsummary> <type> <v>Socket = sslsocket()</v> - <v>OptionNames = [property()]</v> + <v>OptionNames = [atom()]</v> </type> <desc> <p>Get the value of the specified socket options, if no @@ -576,7 +581,7 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | <fsummary>Write data to a socket.</fsummary> <type> <v>Socket = sslsocket()</v> - <v>Data = iolist() | binary()</v> + <v>Data = iodata()</v> </type> <desc> <p>Writes <c>Data</c> to <c>Socket</c>. </p> diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index 4bdd8f97b4..605290b6f9 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -4,7 +4,7 @@ <chapter> <header> <copyright> - <year>2003</year><year>2009</year> + <year>2003</year><year>2011</year> <holder>Ericsson AB. All Rights Reserved.</holder> </copyright> <legalnotice> |