From bc8b6bf58c96f8d5a07146ddea145f71fe8c8956 Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Tue, 29 Oct 2013 22:29:01 +0100 Subject: Add SSL Server Name Indication (SNI) client support See RFC 6066 section 3 --- lib/ssl/doc/src/ssl.xml | 2 ++ 1 file changed, 2 insertions(+) (limited to 'lib/ssl/doc') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index 445a47c07b..aac04095b4 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -52,6 +52,8 @@ CRL and policy certificate extensions are not supported yet. However CRL verification is supported by public_key, only not integrated in ssl yet. + Support for 'Server Name Indication' extension client side + (RFC 6066 section 3). -- cgit v1.2.3 From d370fe05f5884691a89784aa73bfb4eb2176edab Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Sun, 3 Nov 2013 21:30:03 +0100 Subject: Add a new server_name_indication option to ssl:connect - Set to disable to explicitly disable SNI support. - Set to a hostname when upgrading from TCP to TLS. --- lib/ssl/doc/src/ssl.xml | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'lib/ssl/doc') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index aac04095b4..b4182e6d61 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -89,7 +89,7 @@ {ssl_imp, ssl_imp()} | {reuse_sessions, boolean()} | {reuse_session, fun()} {next_protocols_advertised, [binary()]} | {client_preferred_next_protocols, {client | server, [binary()]} | {client | server, [binary()], binary()}} | - {log_alert, boolean()} + {log_alert, boolean()} | {server_name_indication, hostname() | disable}

transportoption() = {cb_info, {CallbackModule::atom(), DataTag::atom(), ClosedTag::atom(), ErrTag:atom()}} @@ -384,6 +384,14 @@ fun(srp, Username :: string(), UserState :: term()) -> {srp_identity, {Username :: string(), Password :: string()} Specifies the Username and Password to use to authenticate to the server. + {server_name_indication, hostname()} + {server_name_indication, disable} + +

This option can be specified when upgrading a tcp socket to a tls + socket to use the TLS Server Name Indication extension.

+

This option can also be set to disable to explicitly disable usage of + the Server Name Indication extension.

+ -- cgit v1.2.3 From 06d4f009136b853cd8b50a6b5e8ae0ff5bb54041 Mon Sep 17 00:00:00 2001 From: Julien Barbot Date: Mon, 4 Nov 2013 10:19:04 +0100 Subject: Update documentation --- lib/ssl/doc/src/ssl.xml | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'lib/ssl/doc') diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml index b4182e6d61..19c0c8c9ee 100644 --- a/lib/ssl/doc/src/ssl.xml +++ b/lib/ssl/doc/src/ssl.xml @@ -387,10 +387,11 @@ fun(srp, Username :: string(), UserState :: term()) -> {server_name_indication, hostname()} {server_name_indication, disable} -

This option can be specified when upgrading a tcp socket to a tls +

This option can be specified when upgrading a TCP socket to a TLS socket to use the TLS Server Name Indication extension.

-

This option can also be set to disable to explicitly disable usage of - the Server Name Indication extension.

+

When starting a TLS connection without upgrade the Server Name + Indication extension will be sent if possible, this option may also be + used to disable that behavior.

-- cgit v1.2.3
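Review bot: the sentence added at @@ -52,6 +52,8 in the first commit ("Support for 'Server Name Indication' extension client side") follows directly after the "not supported yet" items and does not say what an ssl server does with the extension. Suggest stating the scope outright, for example that the extension is sent by the client only and, if that is the case, is not acted on by the listening side, so readers do not assume name-based certificate selection on the server.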
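Review bot: the alternative "{server_name_indication, hostname() | disable}" appended to the option list at @@ -89,7 +89,7 in the second commit is not marked as client-only, although the commit subject scopes it to ssl:connect. Suggest noting that restriction next to the type or in the option's description, and checking that hostname() is defined in the data types section, since no definition is visible in this hunk.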
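Review bot: the description added at @@ -384,6 +384,14 in the second commit covers only the upgrade case and the disable value, and leaves out what happens when the option is omitted. Suggest documenting the default, and saying whether the hostname() given here is also the name the peer certificate is checked against or only the value placed in the extension, because callers upgrading a TCP socket will otherwise have to guess.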
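Review bot: "will be sent if possible" in the rewritten second paragraph at @@ -387,10 +387,11 in the third commit is too vague to rely on, and the rewrite no longer names the disable value that the removed paragraph spelled out. Suggest stating the condition (RFC 6066 section 3 does not permit literal IP addresses in the extension, so presumably only when the host passed to ssl:connect is a DNS name), keeping "{server_name_indication, disable}" explicit, and splitting the comma splice before "this option may also be used" into two sentences.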