From 1e0d466f198842cfed14f4fae906381c39bd2050 Mon Sep 17 00:00:00 2001 From: Ingela Anderton Andin Date: Wed, 19 Sep 2012 12:14:20 +0200 Subject: ssl: Changed default behaviour of next protocol negotiation to make more "sense" (be true to the specification). --- lib/ssl/doc/src/ssl.xml | 39 +++++++++++++++++++++++---------------- 1 file changed, 23 insertions(+), 16 deletions(-) (limited to 'lib/ssl/doc/src') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 9fc357f1fd..f0eac76264 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -303,22 +303,29 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} | when possible. - {client_preferred_next_protocols, Fallback :: binary(), Order :: client | server, - PreferenceList :: list(binary())} - Indicates the client will try to perform Next Protocol Negotiation. The - client will attempt to match a protocol in the PreferenceList with a protocol - the server advertises. If the Order is client a protocol earlier in the - PreferenceList will have precendence over a protocol later in the PreferenceList. - Otherwise if the Order is server protocol precendence is determined by the - order the server advertises its protocols. If the server does not advertise a - protocol in the PreferenceList then the Fallback protocol - will be chosen. Fallback must not be an empty binary and PreferenceList - must not contain empty binaries. If the client negotiates a Next Protocol it can be accessed - using negotiated_next_protocol/1 method. - - - - + {client_preferred_next_protocols, Precedence:: server | client, ClientPrefs::[binary()]} + {client_preferred_next_protocols, Precedence:: server | client, ClientPrefs::[binary()] , Default :: binary()}} + +

Indicates the client will try to perform Next Protocol + Negotiation.

+ +

If precedence is server the negaotiated protocol will be the + first protocol that appears on the server advertised list that is + also on the clients preference list.

+ +

If the precedence is client the negaotiated protocol will be the + first protocol that appears on the clients preference list that is + also on the server advertised list.

+ +

If the client does not support any of the servers advertised + protocols or the server does not advertise any protocols the + client will fallback to the first protocol in its list or if a + default is supplied it will fallback to that instead. If the + server does not support next protocol renegotiation the + connection will be aborted if no default protocol is supplied.

+
+ +
SSL OPTION DESCRIPTIONS - SERVER SIDE -- cgit v1.2.3
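Review bot: The added description of client_preferred_next_protocols drops two things the removed text documented: that the fallback must not be an empty binary and the preference list must not contain empty binaries, and that the result is read with negotiated_next_protocol/1. If those constraints still apply to Default and ClientPrefs, restate them in the last added paragraph, and keep the pointer to negotiated_next_protocol/1. In the second added signature line, `Default :: binary()}}` has one closing brace too many. In the final paragraph, "next protocol renegotiation" should presumably read "Next Protocol Negotiation" to match the first paragraph, and the text should say how "the server does not advertise any protocols" (client falls back to the first protocol in its list) differs from the server not supporting the extension (connection aborted without a default), since a reader cannot tell the two cases apart from the wording. The tuple shape also changes, with the fallback moving from the first element to an optional last one, which is worth stating for callers still using the old form. Smaller points: "negaotiated" is misspelled in both precedence paragraphs, "clients" and "servers" need apostrophes, and "fallback" used as a verb should be "fall back".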