From a60c126e813cdef73ff6fbd4dc5414f385d2c8c6 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 11 Aug 2014 17:22:36 +0200
Subject: ssl: Separate session cache for client and server
Even though in the most common case an erlang node will not be both client
and server, it may happen (for instance when running the erlang ditribution
over TLS).
Also try to mitigate the affect of dumb clients that could cause a
very lagre session cache on the client side that can cause long delays
in the client. The server will have other means to handle a large
session table and will not do any select operations on it anyhow.
---
lib/ssl/doc/src/ssl_app.xml | 6 +++---
lib/ssl/doc/src/ssl_session_cache_api.xml | 20 ++++++++++++++------
2 files changed, 17 insertions(+), 9 deletions(-)
(limited to 'lib/ssl/doc')
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
index 43cb3934f7..c8024548b5 100644
--- a/lib/ssl/doc/src/ssl_app.xml
+++ b/lib/ssl/doc/src/ssl_app.xml
@@ -4,7 +4,7 @@
- 19992013
+ 19992014
Ericsson AB. All Rights Reserved.
@@ -75,10 +75,10 @@
- ]]>
+ ]]>
-
- List of arguments to the init function in session cache
+ List of additional user defined arguments to the init function in session cache
callback module, defaults to [].
diff --git a/lib/ssl/doc/src/ssl_session_cache_api.xml b/lib/ssl/doc/src/ssl_session_cache_api.xml
index 82de1784ca..cb97bbfbb2 100644
--- a/lib/ssl/doc/src/ssl_session_cache_api.xml
+++ b/lib/ssl/doc/src/ssl_session_cache_api.xml
@@ -4,7 +4,7 @@
- 19992013
+ 19992014
Ericsson AB. All Rights Reserved.
@@ -79,17 +79,25 @@
- init() -> opaque()
+ init(Args) -> opaque()
Return cache reference
-
+ Args = proplists:proplist()
+ Will always include the property {role, client | server}. Currently this
+ is the only predefined property, there may also be user defined properties.
+ See also application environment variable
+ session_cb_init_args
+
Performs possible initializations of the cache and returns
a reference to it that will be used as parameter to the other
- api functions. Will be called by the cache handling processes
- init function, hence putting the same requirements on it as
- a normal process init function.
+ API functions. Will be called by the cache handling processes
+ init function, hence putting the same requirements on it as a
+ normal process init function. Note that this function will be
+ called twice when starting the ssl application, once with the
+ role client and once with the role server, as the ssl application
+ must be prepared to take on both roles.
--
cgit v1.2.3