From b53bdc5c149d2a05a8fa28e663f042049c0bdabd Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Wed, 16 Oct 2013 15:58:39 +0200 Subject: eldap: Doc --- lib/eldap/doc/src/eldap.xml | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) (limited to 'lib/eldap/doc/src/eldap.xml') diff --git a/lib/eldap/doc/src/eldap.xml b/lib/eldap/doc/src/eldap.xml index 30767abd7e..bb107822b3 100644 --- a/lib/eldap/doc/src/eldap.xml +++ b/lib/eldap/doc/src/eldap.xml @@ -35,6 +35,7 @@

References:

RFC 4510 - RFC 4519

 +

RFC 2830

The above publications can be found at IETF.

@@ -86,6 +87,34 @@ filter() See present/1, substrings/2,

Shutdown the connection.

+ + start_tls(Handle, Options) -> ok | {error,Error} + Shutdown the connection. + +

Same as start_tls(Handle, Options, infinity)

+ + + + start_tls(Handle, Options, Timeout) -> ok | {error,Error} + Shutdown the connection. + + Handle = handle() + Options = ssl:ssl_options() + Timeout = inifinity | positive_integer() + + +

Upgrade the connection associated with Handle to a tls connection if possible.

+

Among the Error responses we find:

+ + tls_already_started + The connection is already encrypted. The connection is not affected. + {response,ResponseFromServer} + The upgrade was refused by the LDAP server. The ResponseFromServer is an atom delivered byt the LDAP server explained in section 2.3 of rfc 2830. The connection is not affected, so it is still un-encrypted. + Error + Any error responded from ssl:connect/3 + + + simple_bind(Handle, Dn, Password) -> ok | {error, Reason} Authenticate the connection. -- cgit v1.2.3 From 0d41b12e62f285d1c5317b4c6396737d601191bc Mon Sep 17 00:00:00 2001 From: Hans Nilsson Date: Mon, 28 Oct 2013 16:44:05 +0100 Subject: eldap: minor doc change after review. --- lib/eldap/doc/src/eldap.xml | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'lib/eldap/doc/src/eldap.xml') diff --git a/lib/eldap/doc/src/eldap.xml b/lib/eldap/doc/src/eldap.xml index bb107822b3..5b81716543 100644 --- a/lib/eldap/doc/src/eldap.xml +++ b/lib/eldap/doc/src/eldap.xml @@ -89,14 +89,14 @@ filter() See present/1, substrings/2, start_tls(Handle, Options) -> ok | {error,Error} - Shutdown the connection. + Upgrade a connection to TLS.

Same as start_tls(Handle, Options, infinity)

 start_tls(Handle, Options, Timeout) -> ok | {error,Error} - Shutdown the connection. + Upgrade a connection to TLS. Handle = handle() Options = ssl:ssl_options() @@ -104,12 +104,16 @@ filter() See present/1, substrings/2,

Upgrade the connection associated with Handle to a tls connection if possible.

-

Among the Error responses we find:

+

The upgrade is done in two phases: first the server is asked for permission to upgrade. Second, if the request is acknowledged, the upgrade is performed.

+

Error responese from phase one will not affect the current encryption state of the connection. Those responses are:

tls_already_started The connection is already encrypted. The connection is not affected. {response,ResponseFromServer} The upgrade was refused by the LDAP server. The ResponseFromServer is an atom delivered byt the LDAP server explained in section 2.3 of rfc 2830. The connection is not affected, so it is still un-encrypted. + +

Errors in the seconde phase will however end the connection:

+ Error Any error responded from ssl:connect/3 -- cgit v1.2.3