From 28e032d29013203bd32917ee495cc202f0bb6b4e Mon Sep 17 00:00:00 2001
From: Hans Nilsson <hans@erlang.org>
Date: Thu, 28 Sep 2017 16:46:42 +0200
Subject: public_key: verify ip (both v4 and v6)

---
 lib/public_key/doc/src/public_key.xml | 14 ++++++++++----
 1 file changed, 10 insertions(+), 4 deletions(-)

(limited to 'lib/public_key/doc/src')

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index fcf37a7a4d..3040f2db0d 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -871,12 +871,13 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
     <type>
       <v>Cert = der_encoded() | #'OTPCertificate'{} </v>
       <v>ReferenceIDs = [ RefID ]</v>
-      <v>RefID = {IdType,string()}</v>
-      <v>IdType = dns_id | srv_id | uri_id</v>
+      <v>RefID = {dns_id,string()} | {srv_id,string()} | {uri_id,string()} | {ip,inet:ip_address()|string()} | {OtherRefID,term()}}</v>
+      <v>OtherRefID = atom()</v>
       <v>Opts = [ PvhOpt() ]</v>
       <v>PvhOpt = [MatchOpt | FailCallBackOpt | FqdnExtractOpt]</v>
-      <v>MatchOpt = {fun(RefId | FQDN::string(), PresentedID) -> boolean() | default}</v>
-      <v>PresentedID = {dNSName,string()} | {uniformResourceIdentifier,string()}</v>
+      <v>MatchOpt = {match_fun, fun(RefId | FQDN::string(), PresentedID) -> boolean() | default}</v>
+      <v>PresentedID = {dNSName,string()} | {uniformResourceIdentifier,string() | {iPAddress,list(byte())} | {OtherPresId,term()}}</v>
+      <v>OtherPresID = atom()</v>
       <v>FailCallBackOpt = {fail_callback, fun(#'OTPCertificate'{}) -> boolean()}</v>
       <v>FqdnExtractOpt = {fqdn_fun, fun(RefID) -> FQDN::string() | default | undefined}</v>
     </type>
@@ -893,6 +894,11 @@ fun(#'DistributionPoint'{}, #'CertificateList'{},
       <seealso marker="using_public_key#verify_hostname_examples">code examples</seealso>
       describes this function more detailed.
       </p>
+      <p>The <c>{OtherRefId,term()}</c> is defined by the user and is passed to the <c>match_fun</c>, if defined.
+      If that term is a binary, it will be converted to a string.
+      </p>
+      <p>The <c>ip</c> takes a 4-tuple or a 
+      </p>
     </desc>
   </func>
 
-- 
cgit v1.2.3


From 31a1cd146bf6d0caf1d3fe8005b7e6307710205d Mon Sep 17 00:00:00 2001
From: Erlang/OTP <otp@erlang.org>
Date: Wed, 22 Nov 2017 12:23:57 +0100
Subject: Update release notes

---
 lib/public_key/doc/src/notes.xml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

(limited to 'lib/public_key/doc/src')

diff --git a/lib/public_key/doc/src/notes.xml b/lib/public_key/doc/src/notes.xml
index 7a7c828760..a4c0194328 100644
--- a/lib/public_key/doc/src/notes.xml
+++ b/lib/public_key/doc/src/notes.xml
@@ -35,6 +35,30 @@
     <file>notes.xml</file>
   </header>
 
+<section><title>Public_Key 1.5.1</title>
+
+    <section><title>Improvements and New Features</title>
+      <list>
+        <item>
+          <p>
+	    Hostname verification: Add handling of the general name
+	    <c>iPAddress</c> in certificate's subject alternative
+	    name extension (<c>subjAltName</c>).</p>
+          <p>
+	    Own Id: OTP-14653</p>
+        </item>
+        <item>
+          <p>
+	    Correct key handling in pkix_test_data/1 and use a
+	    generic example mail address instead of an existing one.</p>
+          <p>
+	    Own Id: OTP-14766</p>
+        </item>
+      </list>
+    </section>
+
+</section>
+
 <section><title>Public_Key 1.5</title>
 
     <section><title>Fixed Bugs and Malfunctions</title>
-- 
cgit v1.2.3