From 4b3a9cbeaa101603b6eaf6d68976e90780d85fc2 Mon Sep 17 00:00:00 2001 From: Magnus Henoch Date: Wed, 3 Feb 2016 18:20:39 +0000 Subject: Allow passing verify_fun for TLS distribution Accept a value of the form {Module, Function, State} from the command line. This is different from the {Fun, State} that ssl:connect etc expect, since there's no clean way to parse a fun from a command line argument. --- lib/ssl/doc/src/ssl_distribution.xml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) (limited to 'lib/ssl/doc/src/ssl_distribution.xml') diff --git a/lib/ssl/doc/src/ssl_distribution.xml b/lib/ssl/doc/src/ssl_distribution.xml index dc04d446b0..db867ea74b 100644 --- a/lib/ssl/doc/src/ssl_distribution.xml +++ b/lib/ssl/doc/src/ssl_distribution.xml @@ -196,6 +196,7 @@ Eshell V5.0 (abort with ^G) password cacertfile verify + verify_fun (write as {Module, Function, InitialUserState}) reuse_sessions secure_renegotiate depth @@ -203,6 +204,10 @@ Eshell V5.0 (abort with ^G) ciphers (use old string format) +

Note that verify_fun needs to be written in a different + form than the corresponding SSL option, since funs are not + accepted on the command line.

+

The server can also take the options dhfile and fail_if_no_peer_cert (also prefixed).

@@ -210,10 +215,6 @@ Eshell V5.0 (abort with ^G) initiates a connection to another node. server_-prefixed options are used when accepting a connection from a remote node.

-

More complex options, such as verify_fun, are currently not - available, but a mechanism to handle such options may be added in - a future release.

-

Raw socket options, such as packet and size must not be specified on the command line.

-- cgit v1.2.3