From 33afc30ff8e59af6b066b2212c6c6e4545758d0f Mon Sep 17 00:00:00 2001
From: Ben Murphy
Date: Sat, 10 Dec 2011 16:48:25 +0000
Subject: ssl: Update SSL docs for SSL Next Protocol Support
---
lib/ssl/doc/src/ssl.xml | 45 ++++++++++++++++++++++++++++++++++++++++++---
1 file changed, 42 insertions(+), 3 deletions(-)
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 5098d26a3a..9fc357f1fd 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -79,7 +79,9 @@
{keyfile, path()} | {password, string()} |
{cacerts, [der_encoded()]} | {cacertfile, path()} |
|{dh, der_encoded()} | {dhfile, path()} | {ciphers, ciphers()} |
- {ssl_imp, ssl_imp()}| {reuse_sessions, boolean()} | {reuse_session, fun()}
+ {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()}
+ {next_protocols_advertised, list(binary()} |
+ {client_preferred_next_protocols, binary(), client | server, list(binary())}
transportoption() = {CallbackModule, DataTag, ClosedTag}
@@ -301,7 +303,21 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
when possible.
-
+ {client_preferred_next_protocols, Fallback :: binary(), Order :: client | server,
+ PreferenceList :: list(binary())}
+ - Indicates the client will try to perform Next Protocol Negotiation. The
+ client will attempt to match a protocol in the PreferenceList with a protocol
+ the server advertises. If the Order is client a protocol earlier in the
+ PreferenceList will have precendence over a protocol later in the PreferenceList.
+ Otherwise if the Order is server protocol precendence is determined by the
+ order the server advertises its protocols. If the server does not advertise a
+ protocol in the PreferenceList then the Fallback protocol
+ will be chosen. Fallback must not be an empty binary and PreferenceList
+ must not contain empty binaries. If the client negotiates a Next Protocol it can be accessed
+ using negotiated_next_protocol/1 method.
+
+
+
@@ -353,6 +369,14 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
SuggestedSessionId is a binary(), PeerCert is a DER encoded
certificate, Compression is an enumeration integer
and CipherSuite is of type ciphersuite().
+
+
+ {next_protocols_advertised, Protocols :: list(binary())}
+ - The list of protocols to send to the client if the client indicates
+ it supports the Next Protocol extension. The client may select a protocol
+ that is not on this list. The list of protocols must not contain an empty
+ binary. If the server negotiates a Next Protocol it can be accessed
+ using negotiated_next_protocol/1 method.
@@ -766,8 +790,23 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
ssl application.
+
+ negotiated_next_protocol(Socket) -> {ok, Protocol} | {error, next_protocol_not_negotiated}
+ Returns the Next Protocol negotiated.
+
+ Socket = sslsocket()
+ Protocol = binary()
+
+
+
+ Returns the Next Protocol negotiated.
+
+
+
+
+
-
+
SEE ALSO
inet(3) and
--
cgit v1.2.3