5 files changed, 173 insertions, 6 deletions
diff --git a/lib/ssl/doc/src/notes.xml b/lib/ssl/doc/src/notes.xml
index 3b6f988a2d..29b8e8ff67 100644
--- a/lib/ssl/doc/src/notes.xml
+++ b/lib/ssl/doc/src/notes.xml
@@ -28,6 +28,126 @@
   <p>This document describes the changes made to the SSL application.</p>
 
 
+<section><title>SSL 8.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    List of possible anonymous suites, never supported by
+	    default, where incorrect for some TLS versions.</p>
+          <p>
+	    Own Id: OTP-13926</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Experimental version of DTLS. It is runnable but not
+	    complete and cannot be considered reliable for production
+	    usage.</p>
+          <p>
+	    Own Id: OTP-12982</p>
+        </item>
+        <item>
+          <p>
+	    Add API options to handle ECC curve selection.</p>
+          <p>
+	    Own Id: OTP-13959</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>SSL 8.0.3</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    A timing related bug in event handling could cause
+	    interoperability problems between an erlang TLS server
+	    and some TLS clients, especially noticed with Firefox as
+	    TLS client.</p>
+          <p>
+	    Own Id: OTP-13917</p>
+        </item>
+        <item>
+          <p>
+	    Correct ECC curve selection, the error could cause the
+	    default to always be selected.</p>
+          <p>
+	    Own Id: OTP-13918</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>SSL 8.0.2</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    Correctly formed handshake messages received out of order
+	    will now correctly fail the connection with unexpected
+	    message.</p>
+          <p>
+	    Own Id: OTP-13853</p>
+        </item>
+      </list>
+    </section>
+
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    ssl application now behaves gracefully also on partially
+	    incorrect input from peer.</p>
+          <p>
+	    Own Id: OTP-13834</p>
+        </item>
+        <item>
+          <p>
+	    Add application environment configuration
+	    bypass_pem_cache. This can be used as a workaround for
+	    the current implementation of the PEM-cache that has
+	    proven to be a bottleneck.</p>
+          <p>
+	    Own Id: OTP-13883</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
+<section><title>SSL 8.0.1</title>
+
+    <section><title>Fixed Bugs and Malfunctions</title>
+      <list>
+        <item>
+          <p>
+	    The TLS/SSL protocol version selection for the SSL server
+	    has been corrected to follow RFC 5246 Appendix E.1
+	    especially in case where the list of supported versions
+	    has gaps. Now the server selects the highest protocol
+	    version it supports that is not higher than what the
+	    client supports.</p>
+          <p>
+	    Own Id: OTP-13753 Aux Id: seq13150 </p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>SSL 8.0</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index abba5aaf59..916b41742e 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -155,7 +155,7 @@
 
       <tag><c>cipher() =</c></tag>
       <item><p><c>rc4_128 | des_cbc | '3des_ede_cbc'
-      | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm</c></p></item>
+      | aes_128_cbc | aes_256_cbc | aes_128_gcm | aes_256_gcm | chacha20_poly1305</c></p></item>
 
       <tag><c>hash() =</c></tag>
       <item><p><c>md5 | sha | sha224 | sha256 | sha348 | sha512</c></p></item>
@@ -170,6 +170,14 @@
       <tag><c>SNIfun::fun()</c></tag>
       <item><p><c>= fun(ServerName :: string()) -> [ssl_option()]</c></p></item>
 
+      <tag><c>named_curve() =</c></tag>
+      <item><p><c>sect571r1 | sect571k1 | secp521r1 | brainpoolP512r1
+       | sect409k1 | sect409r1 | brainpoolP384r1 | secp384r1
+       | sect283k1 | sect283r1 | brainpoolP256r1 | secp256k1 | secp256r1
+       | sect239k1 | sect233k1 | sect233r1 | secp224k1 | secp224r1
+       | sect193r1 | sect193r2 | secp192k1 | secp192r1 | sect163k1
+       | sect163r1 | sect163r2 | secp160k1 | secp160r1 | secp160r2</c></p></item>
+
     </taglist>
   </section>
 
@@ -217,6 +225,11 @@
       Anonymous cipher suites are supported for testing purposes
       only and are not be used when security matters.</p></item>
 
+      <tag><c>{eccs, [named_curve()]}</c></tag>
+      <item><p> Allows to specify the order of preference for named curves
+      and to restrict their usage when using a cipher suite supporting them.
+      </p></item>
+
       <tag><c>{secure_renegotiate, boolean()}</c></tag>
       <item><p>Specifies if to reject renegotiation attempt that does
       not live up to 
@@ -411,6 +424,14 @@ marker="public_key:public_key#pkix_path_validation-3">public_key:pkix_path_valid
 	    </taglist>
 
 	  </item>
+
+	  <tag><c>max_handshake_size</c></tag>
+	  <item>
+	    <p>Integer (24 bits unsigned). Used to limit the size of
+	    valid TLS handshake packets to avoid DoS attacks.
+	    Defaults to 256*1024.</p>
+          </item>
+          
 	</taglist>
 
       </item>
@@ -751,6 +772,11 @@ fun(srp, Username :: string(), UserState :: term()) ->
       (the default), use the client's preference.
       </item>
       
+      <tag><c>{honor_ecc_order, boolean()}</c></tag>
+      <item>If true, use the server's preference for ECC curve selection. If false
+      (the default), use the client's preference.
+      </item>
+
       <tag><c>{signature_algs, [{hash(), ecdsa | rsa | dsa}]}</c></tag>
       <item><p> The algorithms specified by
       this option will be the ones accepted by the server in a signature algorithm
@@ -804,6 +830,17 @@ fun(srp, Username :: string(), UserState :: term()) ->
     </func>
 
     <func>
+      <name>eccs() -></name>
+      <name>eccs(protocol()) -> [named_curve()]</name>
+      <fsummary>Returns a list of supported ECCs.</fsummary>
+
+      <desc><p>Returns a list of supported ECCs. <c>eccs()</c>
+      is equivalent to calling <c>eccs(Protocol)</c> with all
+      supported protocols and then deduplicating the output.</p>
+      </desc>
+    </func>
+
+    <func>
       <name>clear_pem_cache() -> ok </name>
       <fsummary> Clears the pem cache</fsummary>
 
@@ -898,7 +935,7 @@ fun(srp, Username :: string(), UserState :: term()) ->
       <fsummary>Returns all the connection information.
       </fsummary>
       <type>
-        <v>Item = protocol | cipher_suite | sni_hostname | atom()</v>
+        <v>Item = protocol | cipher_suite | sni_hostname | ecc | atom()</v>
 	<d>Meaningful atoms, not specified above, are the ssl option names.</d>
 	<v>Result = [{Item::atom(), Value::term()}]</v>
         <v>Reason = term()</v>
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
index a66e947bc1..f317dfded4 100644
--- a/lib/ssl/doc/src/ssl_app.xml
+++ b/lib/ssl/doc/src/ssl_app.xml
@@ -141,6 +141,16 @@
 	    marker="ssl#clear_pem_cache-0">ssl:clear_pem_cache/0</seealso>
 	
       </item>
+
+      <tag><c><![CDATA[bypass_pem_cache = boolean() <optional>]]></c></tag>
+      <item>
+	<p>Introduced in ssl-8.0.2. Disables the PEM-cache.
+	The PEM cache has proven to be a bottleneck, until the
+	implementation has been improved this can be used as
+	a workaround. Defaults to false.
+	</p>
+      </item>
+      
       <tag><c><![CDATA[alert_timeout = integer() <optional>]]></c></tag>
       <item>
 	<p>
diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml
index 7440b6ef04..c6774b4df6 100644
--- a/lib/ssl/doc/src/ssl_crl_cache_api.xml
+++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml
@@ -4,7 +4,7 @@
 <erlref>
   <header>
     <copyright>
-      <year>2015</year><year>2015</year>
+      <year>2015</year><year>2016</year>
       <holder>Ericsson AB. All Rights Reserved.</holder>
     </copyright>
     <legalnotice>
diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml
index 4bd5f67202..61f88e3860 100644
--- a/lib/ssl/doc/src/ssl_distribution.xml
+++ b/lib/ssl/doc/src/ssl_distribution.xml
@@ -43,7 +43,7 @@
       Erlang node distributed, <c>net_kernel</c> uses this module to
       set up listen ports and connections.</p>
 
-      <p>In the SSL application, an exra distribution
+      <p>In the SSL application, an extra distribution
       module, <c>inet_tls_dist</c>, can be used as an
       alternative. All distribution connections will use SSL and
       all participating Erlang nodes in a distributed system must use
@@ -71,8 +71,8 @@
   <section>
     <title>Building Boot Scripts Including the ssl Application</title>
     <p>Boot scripts are built using the <c>systools</c> utility in the
-      <c>sasl</c> application. For more information on <c>systools</c>,
-      see the <c>sasl</c> documentation. This is only an example of
+      SASL application. For more information on <c>systools</c>,
+      see the SASL documentation. This is only an example of
       what can be done.</p>
 
       <p>The simplest boot script possible includes only the Kernel