From 8edbf8309fe6f095d43cc4bbc3eceaa81823c7f4 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 07:17:20 +0100 Subject: [ssl] Correct the documentation so it follows the DTD --- lib/ssl/doc/src/ssl.xml | 5 ++--- lib/ssl/doc/src/ssl_app.xml | 6 +++--- lib/ssl/doc/src/ssl_crl_cache_api.xml | 6 +++--- lib/ssl/doc/src/ssl_session_cache_api.xml | 10 +++++++--- 4 files changed, 15 insertions(+), 12 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 3a541ed162..32c80b3f00 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -480,8 +480,8 @@ fun(srp, Username :: string(), UserState :: term()) ->

The negotiated protocol can be retrieved using the negotiated_protocol/1 function.

- {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}} - {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}} + {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()]}}
+ {client_preferred_next_protocols, {Precedence :: server | client, ClientPrefs :: [binary()], Default :: binary()}}

Indicates that the client is to try to perform Next Protocol Negotiation.

@@ -538,7 +538,6 @@ fun(srp, Username :: string(), UserState :: term()) -> be supported by the server for the prevention to work.

- diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 24b0f5300e..1e3a1101ed 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -58,7 +58,7 @@

erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"

- protocol_version = ssl:protocol() ]]> + protocol_version = ssl:protocol()]]>

Protocol supported by started clients and servers. If this option is not set, it defaults to all protocols currently supported by the SSL application. @@ -78,8 +78,8 @@

List of extra user-defined arguments to the init function in the session cache callback module. Defaults to [].

 - ]]> - ]]> + ]]>
+ ]]>

Limits the growth of the clients/servers session cache, if the maximum number of sessions is reached, the current cache entries will be invalidated regardless of their remaining lifetime. Defaults to 1000. diff --git a/lib/ssl/doc/src/ssl_crl_cache_api.xml b/lib/ssl/doc/src/ssl_crl_cache_api.xml index 71c1c61fe8..03ac010bfe 100644 --- a/lib/ssl/doc/src/ssl_crl_cache_api.xml +++ b/lib/ssl/doc/src/ssl_crl_cache_api.xml @@ -84,9 +84,9 @@ CRLs = [public_key:der_encoded()] -

Lookup the CRLs belonging to the distribution point Distributionpoint.

+

Lookup the CRLs belonging to the distribution point Distributionpoint. This function may choose to only look in the cache or to follow distribution point - links depending on how the cache is administrated. + links depending on how the cache is administrated.

@@ -103,4 +103,4 @@ - \ No newline at end of file + diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml index bd9330056d..b85d8fb284 100644 --- a/lib/ssl/doc/src/ssl_session_cache_api.xml +++ b/lib/ssl/doc/src/ssl_session_cache_api.xml @@ -31,9 +31,13 @@ ssl_session_cache_api TLS session cache API - Defines the API for the TLS session cache so - that the data storage scheme can be replaced by - defining a new callback module implementing this API. + +

+ Defines the API for the TLS session cache so + that the data storage scheme can be replaced by + defining a new callback module implementing this API. +

+
DATA TYPES -- cgit v1.2.3 From 909fa9fc39bee9d12d35bc9a82049b3d940fdd0c Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 09:28:13 +0100 Subject: [ssh] Align documentation to DTD --- lib/ssh/doc/src/ssh.xml | 28 +++++++++++----------- lib/ssh/doc/src/ssh_app.xml | 43 +++++++++++++++++----------------- lib/ssh/doc/src/ssh_connection.xml | 14 +++++------ lib/ssh/doc/src/ssh_server_key_api.xml | 4 ++-- lib/ssh/doc/src/ssh_sftp.xml | 31 +++++++++++++----------- 5 files changed, 62 insertions(+), 58 deletions(-) diff --git a/lib/ssh/doc/src/ssh.xml b/lib/ssh/doc/src/ssh.xml index b3f850fc38..850557444d 100644 --- a/lib/ssh/doc/src/ssh.xml +++ b/lib/ssh/doc/src/ssh.xml @@ -4,7 +4,7 @@
- 20042014 + 20042015 Ericsson AB. All Rights Reserved. @@ -418,10 +418,10 @@

- -
where: -
PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple() -
kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()} + +
where: +
PromptTexts = kb_int_tuple() | fun(Peer::{IP::tuple(),Port::integer()}, User::string(), Service::string()) -> kb_int_tuple() +
kb_int_tuple() = {Name::string(), Instruction::string(), Prompt::string(), Echo::boolean()}

Sets the text strings that the daemon sends to the client for presentation to the user when using keyboar-interactive authentication. If the fun/3 is used, it is called when the actual authentication occurs and may therefore return dynamic data like time, remote ip etc.

@@ -516,29 +516,29 @@

Provides a function for password validation. This could used for calling an external system or if passwords should be stored as a hash. The fun returns: - - true if the user and password is valid and - false otherwise. -

+ + true if the user and password is valid and + false otherwise. +

This fun can also be used to make delays in authentication tries for example by calling timer:sleep/1. To facilitate counting of failed tries the State variable could be used. This state is per connection only. The first time the pwdfun is called for a connection, the State variable has the value undefined. The pwdfun can return - in addition to the values above - a new state as: - - {true, NewState:any()} if the user and password is valid or - {false, NewState:any()} if the user or password is invalid -

+ + {true, NewState:any()} if the user and password is valid or + {false, NewState:any()} if the user or password is invalid +

A third usage is to block login attempts from a missbehaving peer. The State described above can be used for this. In addition to the responses above, the following return value is introduced: +

disconnect if the connection should be closed immediately after sending a SSH_MSG_DISCONNECT message. -

boolean()}]]> diff --git a/lib/ssh/doc/src/ssh_app.xml b/lib/ssh/doc/src/ssh_app.xml index 79dd1e210e..f6ce44c015 100644 --- a/lib/ssh/doc/src/ssh_app.xml +++ b/lib/ssh/doc/src/ssh_app.xml @@ -4,7 +4,7 @@
- 20122013 + 20122015 Ericsson AB. All Rights Reserved. @@ -214,21 +214,21 @@

The following rfc:s are supported:

RFC 4251, The Secure Shell (SSH) Protocol Architecture. -

Except +

Except

9.4.6 Host-Based Authentication 9.5.2 Proxy Forwarding 9.5.3 X11 Forwarding -

+

RFC 4252, The Secure Shell (SSH) Authentication Protocol. -

Except +

Except

9. Host-Based Authentication: "hostbased" -

+

RFC 4253, The Secure Shell (SSH) Transport Layer Protocol. @@ -236,32 +236,32 @@ RFC 4254, The Secure Shell (SSH) Connection Protocol. -

Except +

Except

6.3. X11 Forwarding 7. TCP/IP Port Forwarding -

+

RFC 4256, Generic Message Exchange Authentication for the Secure Shell Protocol (SSH). -

Except +

Except

num-prompts > 1 password changing other identification methods than userid-password -

+

RFC 4419, Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol. -

+

RFC 4716, The Secure Shell (SSH) Public Key File Format. -

+

RFC 5647, AES Galois Counter Mode for @@ -270,34 +270,35 @@ This is resolved by OpenSSH in the ciphers aes128-gcm@openssh.com and aes256-gcm@openssh.com which are implemented. If the explicit ciphers and macs AEAD_AES_128_GCM or AEAD_AES_256_GCM are needed, they could be enabled with the option preferred_algorithms. +

- If the client or the server is not Erlang/OTP, it is the users responsibility to check that - other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before - enabling them. The aes*-gcm@openssh.com variants are always safe to use since they lack the - ambiguity. +

+ If the client or the server is not Erlang/OTP, it is the users responsibility to check that + other implementation has the same interpretation of AEAD_AES_*_GCM as the Erlang/OTP SSH before + enabling them. The aes*-gcm@openssh.com variants are always safe to use since they lack the + ambiguity. +

-

-

The second paragraph in section 5.1 is resolved as: +

The second paragraph in section 5.1 is resolved as:

If the negotiated cipher is AEAD_AES_128_GCM, the mac algorithm is set to AEAD_AES_128_GCM. If the negotiated cipher is AEAD_AES_256_GCM, the mac algorithm is set to AEAD_AES_256_GCM. If the mac algorithm is AEAD_AES_128_GCM, the cipher is set to AEAD_AES_128_GCM. If the mac algorithm is AEAD_AES_256_GCM, the cipher is set to AEAD_AES_256_GCM. - The first rule that matches when read in order from the top is applied -

+

The first rule that matches when read in order from the top is applied

 RFC 5656, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer. -

Except +

Except

5. ECMQV Key Exchange 6.4. ECMQV Key Exchange and Verification Method Name 7.2. ECMQV Message Numbers 10.2. Recommended Curves -

+

RFC 6668, SHA-2 Data Integrity Verification for diff --git a/lib/ssh/doc/src/ssh_connection.xml b/lib/ssh/doc/src/ssh_connection.xml index 064a623eb6..150d46a9a2 100644 --- a/lib/ssh/doc/src/ssh_connection.xml +++ b/lib/ssh/doc/src/ssh_connection.xml @@ -5,7 +5,7 @@

2008 - 2014 + 2015 Ericsson AB, All Rights Reserved @@ -31,15 +31,15 @@
ssh_connection - This module provides API functions to send - SSH Connection Protocol - events to the other side of an SSH channel. + + This module provides API functions to send SSH Connection Protocol + events to the other side of an SSH channel. -

The SSH Connection Protocol is used by clients and servers, - that is, SSH channels, to communicate over the SSH connection. The - API functions in this module send SSH Connection Protocol events, +

The SSH Connection Protocol + is used by clients and servers, that is, SSH channels, to communicate over the + SSH connection. The API functions in this module send SSH Connection Protocol events, which are received as messages by the remote channel. If the receiving channel is an Erlang process, the messages have the format diff --git a/lib/ssh/doc/src/ssh_server_key_api.xml b/lib/ssh/doc/src/ssh_server_key_api.xml index efb2c436e8..a0694ca8d9 100644 --- a/lib/ssh/doc/src/ssh_server_key_api.xml +++ b/lib/ssh/doc/src/ssh_server_key_api.xml @@ -5,7 +5,7 @@

2012 - 2013 + 2015 Ericsson AB, All Rights Reserved @@ -75,7 +75,7 @@ Host key algorithm. Is to support 'ssh-rsa' | 'ssh-dss', but more algorithms can be handled. DaemonOptions = proplists:proplist() - Options provided to ssh:daemon/[2,3]. + Options provided to ssh:daemon/[2,3]. Key = private_key() Private key of the host matching the Algorithm. Reason = term() diff --git a/lib/ssh/doc/src/ssh_sftp.xml b/lib/ssh/doc/src/ssh_sftp.xml index 17800fac5d..c6ca0f161a 100644 --- a/lib/ssh/doc/src/ssh_sftp.xml +++ b/lib/ssh/doc/src/ssh_sftp.xml @@ -4,7 +4,7 @@
- 20052014 + 20052015 Ericsson AB. All Rights Reserved. @@ -61,20 +61,23 @@ - apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Error} - ChannelPid = pid() - Handle = term() - Position = integer() - Len = integer() - N = term() - Reason = term() - -

The function reads from a specified position, - combining the and functions.

+ apread(ChannelPid, Handle, Position, Len) -> {async, N} | {error, Reason} + Reads asynchronously from an open file. + + ChannelPid = pid() + Handle = term() + Position = integer() + Len = integer() + N = term() + Reason = term() + + +

The function reads from a specified position, + combining the and functions.

ssh_sftp:apread/4

 - - - + + + apwrite(ChannelPid, Handle, Position, Data) -> ok | {error, Reason} Writes asynchronously to an open file. -- cgit v1.2.3 From b1a1b4e8dc1929d438964017cec71869e8e24337 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 09:40:34 +0100 Subject: [ssl] Moved description details to man(6) page --- lib/ssl/doc/src/ssl.xml | 36 ++++++------------------------------ lib/ssl/doc/src/ssl_app.xml | 28 +++++++++++++++++++++++++++- 2 files changed, 33 insertions(+), 31 deletions(-) diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 32c80b3f00..bf87644116 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -31,37 +31,13 @@ ssl Interface Functions for Secure Socket Layer -

This module contains interface functions for the SSL.

+

+ This module contains interface functions for the SSL/TLS protocol. + For detailed information about the supported standards see + ssl(6). +

- -
- SSL - - - For application dependencies see ssl(6) - Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, - TLS-1.1, and TLS-1.2. - For security reasons SSL-2.0 is not supported. - For security reasons SSL-3.0 is no longer supported by default, - but can be configured. - Ephemeral Diffie-Hellman cipher suites are supported, - but not Diffie Hellman Certificates cipher suites. - Elliptic Curve cipher suites are supported if the Crypto - application supports it and named curves are used. - - Export cipher suites are not supported as the - U.S. lifted its export restrictions in early 2000. - IDEA cipher suites are not supported as they have - become deprecated by the latest TLS specification so it is not - motivated to implement them. - CRL validation is supported. - Policy certificate extensions are not supported. - 'Server Name Indication' extension client side - (RFC 6066, Section 3) is supported. - - -
- +
DATA TYPES

The following data types are used in the functions for SSL:

diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml index 1e3a1101ed..6c82e32a74 100644 --- a/lib/ssl/doc/src/ssl_app.xml +++ b/lib/ssl/doc/src/ssl_app.xml @@ -33,7 +33,33 @@ The ssl application provides secure communication over sockets. - + +

+ The ssl application is an implementation of the SSL/TLS protocol in Erlang. +

+ + Supported SSL/TLS-versions are SSL-3.0, TLS-1.0, + TLS-1.1, and TLS-1.2. + For security reasons SSL-2.0 is not supported. + For security reasons SSL-3.0 is no longer supported by default, + but can be configured. + Ephemeral Diffie-Hellman cipher suites are supported, + but not Diffie Hellman Certificates cipher suites. + Elliptic Curve cipher suites are supported if the Crypto + application supports it and named curves are used. + + Export cipher suites are not supported as the + U.S. lifted its export restrictions in early 2000. + IDEA cipher suites are not supported as they have + become deprecated by the latest TLS specification so it is not + motivated to implement them. + CRL validation is supported. + Policy certificate extensions are not supported. + 'Server Name Indication' extension client side + (RFC 6066, Section 3) is supported. + + +
DEPENDENCIES

The SSL application uses the public_key and -- cgit v1.2.3 From b8f7153606e51517e3d361ebbd1b2a4ff08bb7dd Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 10:06:04 +0100 Subject: [inets] Align documentation to DTD --- lib/inets/doc/src/http_server.xml | 19 +-- lib/inets/doc/src/http_uri.xml | 10 +- lib/inets/doc/src/httpc.xml | 10 +- lib/inets/doc/src/httpd.xml | 245 ++++++++++++++------------------------ lib/inets/doc/src/notes.xml | 64 +++++----- lib/inets/doc/src/tftp.xml | 21 +--- 6 files changed, 136 insertions(+), 233 deletions(-) diff --git a/lib/inets/doc/src/http_server.xml b/lib/inets/doc/src/http_server.xml index 4b6d64fc8f..5adae933cd 100644 --- a/lib/inets/doc/src/http_server.xml +++ b/lib/inets/doc/src/http_server.xml @@ -4,7 +4,7 @@

- 20042013 + 20042015 Ericsson AB. All Rights Reserved. @@ -21,18 +21,7 @@ limitations under the License. - HTTP server - Ingela Anderton Andin - - - - - - - http_server.xml - -
@@ -356,9 +345,9 @@ UserName:Password
- CGI Version 1.1, - <url href="http://www.ietf.org/rfc/rfc3875.txt">RFC 3875</url> -

The module mod_cgi enables execution of CGI scripts + CGI Version 1.1, RFC 3875 +

The module mod_cgi enables execution of + CGI scripts on the server. A file matching the definition of a ScriptAlias config directive is treated as a CGI script. A CGI script is executed by the server and its output is returned to diff --git a/lib/inets/doc/src/http_uri.xml b/lib/inets/doc/src/http_uri.xml index 64e6c7a6cc..8e0301c520 100644 --- a/lib/inets/doc/src/http_uri.xml +++ b/lib/inets/doc/src/http_uri.xml @@ -4,7 +4,7 @@

- 20122013 + 20122015 Ericsson AB. All Rights Reserved. @@ -142,14 +142,14 @@

If the fragment option is true, the URI fragment is returned as part of the parsing result, otherwise it is ignored.

-

Scheme validation fun is to be defined as follows: +

Scheme validation fun is to be defined as follows:

- + fun(SchemeStr :: string()) -> valid | {error, Reason :: term()}. - + - It is called before scheme string gets converted into scheme atom and +

It is called before scheme string gets converted into scheme atom and thus possible atom leak could be prevented

diff --git a/lib/inets/doc/src/httpc.xml b/lib/inets/doc/src/httpc.xml index 31e44f405c..ca9b268a03 100644 --- a/lib/inets/doc/src/httpc.xml +++ b/lib/inets/doc/src/httpc.xml @@ -4,7 +4,7 @@
- 20042013 + 20042015 Ericsson AB. All Rights Reserved. @@ -554,8 +554,8 @@ IpDesc = string() Example: "134.138" or "[FEDC:BA98" (all IP addresses starting with 134.138 or FEDC:BA98), - "66.35.250.150" or "[2010:836B:4179::836B:4179]" (a complete IP address). - proxy defaults to {undefined, []}, + "66.35.250.150" or "[2010:836B:4179::836B:4179]" (a complete IP address). + proxy defaults to {undefined, []}, that is, no proxy is configured and https_proxy defaults to the value of proxy. MaxSessions = integer() @@ -597,8 +597,8 @@ for details. socket_opts() = [socket_opt()] The options are appended to the socket options used by the - client. - These are the default values when a new request handler + client. + These are the default values when a new request handler is started (for the initial connect). They are passed directly to the underlying transport (gen_tcp or SSL) without verification. diff --git a/lib/inets/doc/src/httpd.xml b/lib/inets/doc/src/httpd.xml index 0fc3cb1ce7..62b92b8356 100644 --- a/lib/inets/doc/src/httpd.xml +++ b/lib/inets/doc/src/httpd.xml @@ -30,13 +30,14 @@ httpd.sgml
httpd - An implementation of an HTTP - 1.1 compliant web server, as defined in RFC 2616 + + HTTP server API -

This module provides the HTTP server start options, some administrative - functions, and specifies the Erlang web server callback - API.

+

An implementation of an HTTP 1.1 compliant web server, as defined in + RFC 2616. + Provides web server start options, administrative functions, and + an Erlang callback API.
@@ -78,8 +79,7 @@ list.

- - {proplist_file, path()} + {proplist_file, path()}

If this property is defined, Inets expects to find all other properties defined in this file. The @@ -87,8 +87,7 @@ properties.

 - - {file, path()} + {file, path()}

If this property is defined, Inets expects to find all other properties defined in this file, which uses Apache-like @@ -121,8 +120,7 @@

Mandatory Properties

- - {port, integer()} + {port, integer()}

The port that the HTTP server listen to. If zero is specified as port, an arbitrary available port @@ -130,22 +128,19 @@ determine which port was picked.

 - - {server_name, string()} + {server_name, string()}

The name of your server, normally a fully qualified domain name.

 - - {server_root, path()} + {server_root, path()}

Defines the home directory of the server, where log files, and so on, can be stored. Relative paths specified in other properties refer to this directory.

 - - {document_root, path()} + {document_root, path()}

Defines the top directory for the documents that are available on the HTTP server.

@@ -155,15 +150,13 @@

Communication Properties

- - {bind_address, ip_address() | hostname() | any} + {bind_address, ip_address() | hostname() | any}

Default is any. any is denoted * in the Apache-like configuration file.

 - - {profile, atom()} + {profile, atom()}

Used together with bind_address and port to uniquely identify @@ -176,8 +169,7 @@

- - {socket_type, ip_comm | {ip_comm, Config::proplist()} | {essl, Config::proplist()}} + {socket_type, ip_comm | {ip_comm, Config::proplist()} | {essl, Config::proplist()}}

For ip_comm configuration options, see gen_tcp:listen/2, some options @@ -187,15 +179,13 @@

Default is ip_comm.

 - - {ipfamily, inet | inet6} + {ipfamily, inet | inet6}

Default is inet, legacy option inet6fb4 no longer makes sense and will be translated to inet.

 - - {minimum_bytes_per_second, integer()} + {minimum_bytes_per_second, integer()}

If given, sets a minimum of bytes per second value for connections.

If the value is unreached, the socket closes for that connection.

@@ -206,8 +196,7 @@

Erlang Web Server API Modules

- - {modules, [atom()]} + {modules, [atom()]}

Defines which modules the HTTP server uses when handling requests. Default is [mod_alias, mod_auth, mod_esi, @@ -224,60 +213,52 @@

Limit properties

- - {customize, atom()} + {customize, atom()}

A callback module to customize the inets HTTP servers behaviour see httpd_custom_api

- - {disable_chunked_transfer_encoding_send, boolean()} + {disable_chunked_transfer_encoding_send, boolean()}

Allows you to disable chunked transfer-encoding when sending a response to an HTTP/1.1 client. Default is false.

 - - {keep_alive, boolean()} + {keep_alive, boolean()}

Instructs the server whether to use persistent connections when the client claims to be HTTP/1.1 compliant. Default is true.

 - - {keep_alive_timeout, integer()} + {keep_alive_timeout, integer()}

The number of seconds the server waits for a subsequent request from the client before closing the connection. Default is 150.

 - - {max_body_size, integer()} + {max_body_size, integer()}

Limits the size of the message body of an HTTP request. Default is no limit.

 - - {max_clients, integer()} + {max_clients, integer()}

Limits the number of simultaneous requests that can be supported. Default is 150.

 - - {max_header_size, integer()} + {max_header_size, integer()}

Limits the size of the message header of an HTTP request. Default is 10240.

 - - {max_content_length, integer()} + {max_content_length, integer()}

Maximum content-length in an incoming request, in bytes. Requests with content larger than this are answered with status 413. @@ -285,15 +266,13 @@

- - {max_uri_size, integer()} + {max_uri_size, integer()}

Limits the size of the HTTP request URI. Default is no limit.

 - - {max_keep_alive_request, integer()} + {max_keep_alive_request, integer()}

The number of requests that a client can do on one connection. When the server has responded to the number of @@ -306,8 +285,7 @@

Administrative Properties

- - {mime_types, [{MimeType, Extension}] | path()} + {mime_types, [{MimeType, Extension}] | path()}

MimeType = string() and Extension = string(). Files delivered to the client are MIME typed according to RFC @@ -323,24 +301,21 @@ text/plain asc txt

Default is [{"html","text/html"},{"htm","text/html"}].

 - - {mime_type, string()} + {mime_type, string()}

When the server is asked to provide a document type that cannot be determined by the MIME Type Settings, the server uses this default type.

 - - {server_admin, string()} + {server_admin, string()}

Defines the email-address of the server administrator to be included in any error messages returned by the server.

 - - {server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}} + {server_tokens, none|prod|major|minor|minimal|os|full|{private, string()}}

Defines the look of the value of the server header.

Example: Assuming the version of Inets is 5.8.1, @@ -367,8 +342,7 @@ text/plain asc txt

By default, the value is as before, that is, minimal.

 - - {log_format, common | combined} + {log_format, common | combined}

Defines if access logs are to be written according to the common log format or the extended common log format. @@ -411,8 +385,7 @@ text/plain asc txt

- - {error_log_format, pretty | compact} + {error_log_format, pretty | compact}

Default is pretty. If the error log is meant to be read directly by a human, pretty is the best option.

@@ -434,60 +407,57 @@ text/plain asc txt

URL Aliasing Properties - Requires mod_alias

- - {alias, {Alias, RealName}} + {alias, {Alias, RealName}}

Alias = string() and RealName = string(). alias allows documents to be stored in the local file system instead of the document_root location. URLs with a path beginning with url-path is mapped to local files beginning with - directory-filename, for example: + directory-filename, for example:

{alias, {"/image", "/ftp/pub/image"}} - Access to http://your.server.org/image/foo.gif would refer to +

Access to http://your.server.org/image/foo.gif would refer to the file /ftp/pub/image/foo.gif.

 - - {re_write, {Re, Replacement}} + {re_write, {Re, Replacement}}

Re = string() and Replacement = string(). re_write allows documents to be stored in the local file system instead of the document_root location. URLs are rewritten by re:replace/3 to produce a path in the local file-system, - for example: + for example:

{re_write, {"^/[~]([^/]+)(.*)$", "/home/\\1/public\\2"}} - Access to http://your.server.org/~bob/foo.gif would refer to +

Access to http://your.server.org/~bob/foo.gif would refer to the file /home/bob/public/foo.gif. In an Apache-like configuration file, Re is separated from Replacement with one single space, and as expected backslashes do not need to be backslash escaped, the - same example would become: + same example would become:

ReWrite ^/[~]([^/]+)(.*)$ /home/\1/public\2 - Beware of trailing space in Replacement to be used. +

Beware of trailing space in Replacement to be used. If you must have a space in Re, use, for example, the character encoding \040, see re(3).

 - - {directory_index, [string()]} + {directory_index, [string()]}

directory_index specifies a list of resources to look for if a client requests a directory using a / at the end of the directory name. file depicts the name of a file in the directory. Several files can be given, in which case the server - returns the first it finds, for example: + returns the first it finds, for example:

{directory_index, ["index.hml", "welcome.html"]} - Access to http://your.server.org/docs/ would return +

Access to http://your.server.org/docs/ would return http://your.server.org/docs/index.html or http://your.server.org/docs/welcome.html if index.html does not exist.

@@ -497,38 +467,35 @@ text/plain asc txt

CGI Properties - Requires mod_cgi

- - {script_alias, {Alias, RealName}} + {script_alias, {Alias, RealName}}

Alias = string() and RealName = string(). Have the same behavior as property alias, except that they also mark the target directory as containing CGI scripts. URLs with a path beginning with url-path are mapped to - scripts beginning with directory-filename, for example: + scripts beginning with directory-filename, for example:

{script_alias, {"/cgi-bin/", "/web/cgi-bin/"}} - Access to http://your.server.org/cgi-bin/foo would cause +

Access to http://your.server.org/cgi-bin/foo would cause the server to run the script /web/cgi-bin/foo.

 - - {script_re_write, {Re, Replacement}} + {script_re_write, {Re, Replacement}}

Re = string() and Replacement = string(). Have the same behavior as property re_write, except that they also mark the target directory as containing CGI scripts. URLs with a path beginning with url-path are mapped to - scripts beginning with directory-filename, for example: + scripts beginning with directory-filename, for example:

{script_re_write, {"^/cgi-bin/(\\d+)/", "/web/\\1/cgi-bin/"}} - Access to http://your.server.org/cgi-bin/17/foo would cause +

Access to http://your.server.org/cgi-bin/17/foo would cause the server to run the script /web/17/cgi-bin/foo.

 - - {script_nocache, boolean()} + {script_nocache, boolean()}

If script_nocache is set to true, the HTTP server by default adds the header fields necessary to prevent proxies from @@ -536,8 +503,7 @@ text/plain asc txt Default to false.

 - - {script_timeout, integer()} + {script_timeout, integer()}

The time in seconds the web server waits between each chunk of data from the script. If the CGI script does not deliver @@ -545,8 +511,7 @@ text/plain asc txt closed. Default is 15.

 - - {action, {MimeType, CgiScript}} - requires mod_action + {action, {MimeType, CgiScript}} - requires mod_action

MimeType = string() and CgiScript = string(). action adds an action activating a CGI script @@ -559,8 +524,7 @@ text/plain asc txt {action, {"text/plain", "/cgi-bin/log_and_deliver_text"}} - - {script, {Method, CgiScript}} - requires mod_action + {script, {Method, CgiScript}} - requires mod_action

Method = string() and CgiScript = string(). script adds an action activating a CGI script @@ -579,17 +543,16 @@ text/plain asc txt

ESI Properties - Requires mod_esi

- - {erl_script_alias, {URLPath, [AllowedModule]}} + {erl_script_alias, {URLPath, [AllowedModule]}}

URLPath = string() and AllowedModule = atom(). erl_script_alias marks all URLs matching url-path as erl scheme scripts. A matching URL is mapped into a specific module - and function, for example: + and function, for example:

{erl_script_alias, {"/cgi-bin/example", [httpd_example]}} - A request to +

A request to http://your.server.org/cgi-bin/example/httpd_example:yahoo would refer to httpd_example:yahoo/3 or, if that does not exist, httpd_example:yahoo/2 and @@ -597,8 +560,7 @@ text/plain asc txt not be allowed to execute.

 - - {erl_script_nocache, boolean()} + {erl_script_nocache, boolean()}

If erl_script_nocache is set to true, the server adds HTTP header fields preventing proxies from caching the @@ -607,8 +569,7 @@ text/plain asc txt Default is false.

 - - {erl_script_timeout, integer()} + {erl_script_timeout, integer()}

If erl_script_timeout sets the time in seconds the server waits between each chunk of data to be delivered through @@ -616,8 +577,7 @@ text/plain asc txt for scripts that use the erl scheme.

 - - {eval_script_alias, {URLPath, [AllowedModule]}} + {eval_script_alias, {URLPath, [AllowedModule]}}

URLPath = string() and AllowedModule = atom(). Same as erl_script_alias but for scripts @@ -629,24 +589,21 @@ text/plain asc txt

Log Properties - Requires mod_log

- - {error_log, path()} + {error_log, path()}

Defines the filename of the error log file to be used to log server errors. If the filename does not begin with a slash (/), it is assumed to be relative to the server_root.

 - - {security_log, path()} + {security_log, path()}

Defines the filename of the access log file to be used to log security events. If the filename does not begin with a slash (/), it is assumed to be relative to the server_root.

 - - {transfer_log, path()} + {transfer_log, path()}

Defines the filename of the access log file to be used to log incoming requests. If the filename does not begin with a @@ -657,8 +614,7 @@ text/plain asc txt

Disk Log Properties - Requires mod_disk_log

- - {disk_log_format, internal | external} + {disk_log_format, internal | external}

Defines the file format of the log files. See disk_log for details. If the internal file format is used, the @@ -668,16 +624,14 @@ text/plain asc txt external.

 - - {error_disk_log, path()} + {error_disk_log, path()}

Defines the filename of the (disk_log(3)) error log file to be used to log server errors. If the filename does not begin with a slash (/), it is assumed to be relative to the server_root.

 - - {error_disk_log_size, {MaxBytes, MaxFiles}} + {error_disk_log_size, {MaxBytes, MaxFiles}}

MaxBytes = integer() and MaxFiles = integer(). Defines the properties of the (disk_log(3)) error log @@ -686,8 +640,7 @@ text/plain asc txt used before the first file is truncated and reused.

 - - {security_disk_log, path()} + {security_disk_log, path()}

Defines the filename of the (disk_log(3)) access log file logging incoming security events, that is, authenticated @@ -695,8 +648,7 @@ text/plain asc txt is assumed to be relative to the server_root.

 - - {security_disk_log_size, {MaxBytes, MaxFiles}} + {security_disk_log_size, {MaxBytes, MaxFiles}}

MaxBytes = integer() and MaxFiles = integer(). Defines the properties of the disk_log(3) access log @@ -705,8 +657,7 @@ text/plain asc txt used before the first file is truncated and reused.

 - - {transfer_disk_log, path()} + {transfer_disk_log, path()}

Defines the filename of the (disk_log(3)) access log file logging incoming requests. If the filename does not begin @@ -714,8 +665,7 @@ text/plain asc txt server_root.

 - - {transfer_disk_log_size, {MaxBytes, MaxFiles}} + {transfer_disk_log_size, {MaxBytes, MaxFiles}}

MaxBytes = integer() and MaxFiles = integer(). Defines the properties of the disk_log(3) access log @@ -735,32 +685,29 @@ text/plain asc txt

The properties for directories are as follows:

- - {allow_from, all | [RegxpHostString]} + {allow_from, all | [RegxpHostString]}

Defines a set of hosts to be granted access to a - given directory, for example: + given directory, for example:

{allow_from, ["123.34.56.11", "150.100.23"]} - The host 123.34.56.11 and all machines on the 150.100.23 +

The host 123.34.56.11 and all machines on the 150.100.23 subnet are allowed access.

 - - {deny_from, all | [RegxpHostString]} + {deny_from, all | [RegxpHostString]}

Defines a set of hosts - to be denied access to a given directory, for example: + to be denied access to a given directory, for example:

{deny_from, ["123.34.56.11", "150.100.23"]} - The host 123.34.56.11 and all machines on the 150.100.23 +

The host 123.34.56.11 and all machines on the 150.100.23 subnet are not allowed access.

 - - {auth_type, plain | dets | mnesia} + {auth_type, plain | dets | mnesia}

Sets the type of authentication database that is used for the directory. The key difference between the different methods is @@ -770,8 +717,7 @@ text/plain asc txt configuration files.

 - - {auth_user_file, path()} + {auth_user_file, path()}

Sets the name of a file containing the list of users and passwords for user authentication. The filename can be either @@ -795,8 +741,7 @@ text/plain asc txt clients can download it.

 - - {auth_group_file, path()} + {auth_group_file, path()}

Sets the name of a file containing the list of user groups for user authentication. The filename can be either @@ -818,16 +763,14 @@ text/plain asc txt can download it.

 - - {auth_name, string()} + {auth_name, string()}

Sets the name of the authorization realm (auth-domain) for a directory. This string informs the client about which username and password to use.

 - - {auth_access_password, string()} + {auth_access_password, string()}

If set to other than "NoPassword", the password is required for all API calls. If the password is set to "DummyPassword", the @@ -837,15 +780,13 @@ text/plain asc txt text in the configuration file.

 - - {require_user, [string()]} + {require_user, [string()]}

Defines users to grant access to a given directory using a secret password.

 - - {require_group, [string()]} + {require_group, [string()]}

Defines users to grant access to a given directory using a secret password.

@@ -856,8 +797,7 @@ text/plain asc txt

Htaccess Authentication Properties - Requires mod_htaccess

- - {access_files, [path()]} + {access_files, [path()]}

Specifies the filenames that are used for access files. When a request comes, every directory in the path @@ -877,16 +817,14 @@ text/plain asc txt

The properties for the security directories are as follows:

- - {data_file, path()} + {data_file, path()}

Name of the security data file. The filename can either be absolute or relative to the server_root. This file is used to store persistent data for module mod_security.

 - - {max_retries, integer()} + {max_retries, integer()}

Specifies the maximum number of attempts to authenticate a user before the user is blocked out. If a user @@ -898,16 +836,14 @@ text/plain asc txt Default is 3. Can be set to infinity.

 - - {block_time, integer()} + {block_time, integer()}

Specifies the number of minutes a user is blocked. After this timehas passed, the user automatically regains access. Default is 60.

 - - {fail_expire_time, integer()} + {fail_expire_time, integer()}

Specifies the number of minutes a failed user authentication is remembered. If a user authenticates after this @@ -916,8 +852,7 @@ text/plain asc txt Default is 30.

 - - {auth_timeout, integer()} + {auth_timeout, integer()} Specifies the number of seconds a successful user authentication is remembered. After this time has passed, the diff --git a/lib/inets/doc/src/notes.xml b/lib/inets/doc/src/notes.xml index 8c4fdfdf70..7ebb3ddffa 100644 --- a/lib/inets/doc/src/notes.xml +++ b/lib/inets/doc/src/notes.xml @@ -4,7 +4,7 @@
- 20022014 + 20022015 Ericsson AB. All Rights Reserved. @@ -1807,23 +1807,21 @@

[httpd] - Issues with ESI erl_script_timeout.

-

- - -

The erl_script_timeout config option is ducumented - as a number of seconds. But when parsing the config, in the - new format (not a config file), it was handled as if in - number of milliseconds.

- - -

When the erl-script-timeout time was exceeded, the server - incorrectly marked the answer as sent, thereby leaving - client hanging (with an incomplete answer). - This has been changed, so that now the socket will be - closed.

- - -

+ + +

The erl_script_timeout config option is ducumented + as a number of seconds. But when parsing the config, in the + new format (not a config file), it was handled as if in + number of milliseconds.

+ + +

When the erl-script-timeout time was exceeded, the server + incorrectly marked the answer as sent, thereby leaving + client hanging (with an incomplete answer). + This has been changed, so that now the socket will be + closed.

+ +

Own Id: OTP-8509

@@ -1899,20 +1897,19 @@

[httpc] Several more or less critical fixes:

-

- - -

Initial call between the httpc manager and request - handler was synchronous.

-

When the manager starts a new request handler, - this is no longer a synchronous operation. Previously, - the new request handler made the connection to the - server and issuing of the first request (the reason - for starting it) in the gen_server init function. - If the connection for some reason "took some time", - the manager hanged, leaving all other activities by - that manager also hanging.

- + + +

Initial call between the httpc manager and request + handler was synchronous.

+

When the manager starts a new request handler, + this is no longer a synchronous operation. Previously, + the new request handler made the connection to the + server and issuing of the first request (the reason + for starting it) in the gen_server init function. + If the connection for some reason "took some time", + the manager hanged, leaving all other activities by + that manager also hanging.

+ - -

+

As a side-effect of these changes, some modules was also renamed, and a new api module, httpc, has been introduced diff --git a/lib/inets/doc/src/tftp.xml b/lib/inets/doc/src/tftp.xml index 00d9d53376..10398f5088 100644 --- a/lib/inets/doc/src/tftp.xml +++ b/lib/inets/doc/src/tftp.xml @@ -4,7 +4,7 @@

- 20062013 + 20062015 Ericsson AB. All Rights Reserved. @@ -216,12 +216,9 @@ five times when the time-out expires.

- -
- change_config(daemons, Options) -> [{Pid, Result}] Changes configuration for all daemons. @@ -234,8 +231,6 @@

Changes configuration for all TFTP daemon processes.

- - @@ -251,8 +246,6 @@

Changes configuration for all TFTP server processes.

- - @@ -268,7 +261,6 @@

Changes configuration for a TFTP daemon, server, or client process.

- @@ -282,8 +274,6 @@

Returns information about all TFTP daemon processes.

- - @@ -297,8 +287,6 @@

Returns information about all TFTP server processes.

- - @@ -341,9 +329,7 @@ the regexps of these and the callback module corresponding to the first match is used, or an error tuple is returned if no matching regexp is found.

- - - + @@ -359,8 +345,6 @@ port. When it receives a request for read or write, it spawns a temporary server process handling the actual transfer of the (virtual) file.

- - @@ -393,7 +377,6 @@ matching regexp is found.

-
-- cgit v1.2.3 From 39d2ece8440c94539f1875695bd5a7f2f2b5f654 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 10:30:55 +0100 Subject: [orber] Align documentation to DTD --- lib/orber/doc/src/notes.xml | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/lib/orber/doc/src/notes.xml b/lib/orber/doc/src/notes.xml index 3f7d4121fd..7b5d0f96ca 100644 --- a/lib/orber/doc/src/notes.xml +++ b/lib/orber/doc/src/notes.xml @@ -169,11 +169,9 @@
Known Bugs and Problems -

-

-

- Own Id: OTP-10675 Aux Id: seq12154

+ Own Id: OTP-10675 Aux Id: seq12154 +

-- cgit v1.2.3 From 545b938fb12396c9e1313a4bacf68f5307941be5 Mon Sep 17 00:00:00 2001 From: Lars Thorsen Date: Thu, 10 Dec 2015 13:21:13 +0100 Subject: [inets] Correct broken links --- lib/inets/doc/src/http_server.xml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/lib/inets/doc/src/http_server.xml b/lib/inets/doc/src/http_server.xml index 5adae933cd..aeda961714 100644 --- a/lib/inets/doc/src/http_server.xml +++ b/lib/inets/doc/src/http_server.xml @@ -22,6 +22,7 @@ HTTP server + http_server.xml
@@ -54,12 +55,9 @@

As of Inets 5.0 the HTTP server is an easy to start/stop and customize web server providing the most basic - web server functionality. Depending on your needs, there - are also other Erlang-based web servers that can be of interest - such as Yaws, which, - for example, has its own - markup support to generate HTML and supports certain buzzword - technologies, such as SOAP.

+ web server functionality. Inets is designed for embedded systems + and if you want a full-fledged web server there are exists other + erlang open source alternatives.

Almost all server functionality has been implemented using an especially crafted server API, which is described in the Erlang Web @@ -530,7 +528,7 @@ http://your.server.org/eval?httpd_example:print(atom_to_list(apply(erlang,halt,[ mod_action - Filetype/Method-Based Script Execution

This module runs CGI scripts whenever a file of a certain type or HTTP method (see - RFC 1945RFC 1945) + RFC 1945) is requested.

Uses the following Erlang Web Server API interaction data: @@ -557,7 +555,7 @@ http://your.server.org/eval?httpd_example:print(atom_to_list(apply(erlang,halt,[ {real_name, PathData} PathData is the argument used for API function - mod_alias:path/3. + mod_alias:path/3.

-- cgit v1.2.3