From e014ca4131c8504963ff6f91b68053abd4e9f8a5 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Mon, 18 Jun 2018 14:04:27 +0200 Subject: ssl: Document enhancements --- lib/ssl/doc/src/ssl.xml | 25 ++++++++++++++----------- lib/ssl/doc/src/using_ssl.xml | 2 +- 2 files changed, 15 insertions(+), 12 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 19436b2100..d93121f830 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -896,7 +896,7 @@ fun(srp, Username :: string(), UserState :: term()) -> Type = erlang | openssl | all -

Deprecated in OTP 21, use ssl:cipher_suites/2 instead.

+

Deprecated in OTP 21, use cipher_suites/2 instead.

@@ -1195,7 +1195,7 @@ fun(srp, Username :: string(), UserState :: term()) ->

If Socket is an sslsocket(): provides extra SSL/TLS/DTLS options to those specified in - ssl:listen/2 and then performs + listen/2 and then performs the SSL/TLS/DTLS handshake. Returns a new TLS/DTLS socket if the handshake is successful.

@@ -1274,7 +1274,8 @@ fun(srp, Username :: string(), UserState :: term()) ->

The peer certificate is returned as a DER-encoded binary. The certificate can be decoded with - public_key:pkix_decode_cert/2.

+ public_key:pkix_decode_cert/2 +

@@ -1423,7 +1424,8 @@ fun(srp, Username :: string(), UserState :: term()) -> Reason = term() -

Deprecated in OTP 21, use ssl:handshake[1,2] instead.

+

Deprecated in OTP 21, use handshake/[1,2] instead.

+

handshake/[1,2] always returns a new socket.

@@ -1438,7 +1440,8 @@ fun(srp, Username :: string(), UserState :: term()) -> Reason = term() -

Deprecated in OTP 21, use ssl:handshake[2,3] instead.

+

Deprecated in OTP 21, use handshake/[2,3] instead.

+

handshake/[2,3] always returns a new socket.

@@ -1504,19 +1507,19 @@ fun(srp, Username :: string(), UserState :: term()) ->

Accepts an incoming connection request on a listen socket. ListenSocket must be a socket returned from - ssl:listen/2. + listen/2. The socket returned is to be passed to - ssl:ssl_accept[2,3] + handshake/[2,3] to complete handshaking, that is, establishing the SSL/TLS/DTLS connection.

The socket returned can only be used with - ssl:ssl_accept[2,3]. + handshake/[2,3]. No traffic can be sent or received before that call.

The accepted socket inherits the options set for ListenSocket in - ssl:listen/2.

+ listen/2.

The default value for Timeout is infinity. If Timeout is specified and no connection is accepted @@ -1547,7 +1550,7 @@ fun(srp, Username :: string(), UserState :: term()) -> listen/2, and ssl_accept/[1,2,3]. For the negotiated SSL/TLS version, see ssl:connection_information/1 + marker="#connection_information-1">connection_information/1 . supported_dtls @@ -1557,7 +1560,7 @@ fun(srp, Username :: string(), UserState :: term()) -> listen/2, and ssl_accept/[1,2,3]. For the negotiated DTLS version, see ssl:connection_information/1 + marker="#connection_information-1">connection_information/1 . available diff --git a/lib/ssl/doc/src/using_ssl.xml b/lib/ssl/doc/src/using_ssl.xml index b2d649042b..ab4a600f25 100644 --- a/lib/ssl/doc/src/using_ssl.xml +++ b/lib/ssl/doc/src/using_ssl.xml @@ -132,7 +132,7 @@ ok

Step 7: Upgrade to an TLS connection. The client and server must agree upon the upgrade. The server must call - ssl:accept/2 before the client calls ssl:connect/3.

+ ssl:handshake/2 before the client calls ssl:connect/3.

3 client>{ok, TLSSocket} = ssl:connect(Socket, [{cacertfile, "cacerts.pem"}, {certfile, "cert.pem"}, {keyfile, "key.pem"}], infinity). {ok,{sslsocket,[...]}} -- cgit v1.2.3