From 42b8a29dbae1d626f32bc16dd81a129caf741138 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 16 Nov 2015 21:58:36 +0100
Subject: ssl: Add upper limit for session cache
If upper limit is reached invalidate the current cache entries, e.i the session
lifetime is the max time a session will be keept, but it may be invalidated
earlier if the max limit for the table is reached. This will keep the ssl
manager process well behaved, not exhusting memeory. Invalidating the entries
will incrementally empty the cache to make room for fresh sessions entries.
---
lib/ssl/doc/src/ssl_app.xml | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
(limited to 'lib/ssl/doc')
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
index 51ce0cedf1..257175a33f 100644
--- a/lib/ssl/doc/src/ssl_app.xml
+++ b/lib/ssl/doc/src/ssl_app.xml
@@ -66,7 +66,7 @@
to ssl:connect/[2,3] and ssl:listen/2.
]]>
- Lifetime of the session data in seconds.
+ Maximum lifetime of the session data in seconds.
]]>
Name of the session cache callback module that implements
@@ -77,6 +77,13 @@
List of extra user-defined arguments to the init function
in the session cache callback module. Defaults to [].
+
+ ]]>
+ ]]>
+ Limits the growth of the clients/servers session cache,
+ if the maximum number of sessions is reached, the current cache entries will
+ be invalidated regardless of their remaining lifetime. Defaults to 1000.
+
]]>
-
--
cgit v1.2.3
From 55569124ac815eedc21c234c447e346b97f3c8fe Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin
Date: Mon, 7 Dec 2015 10:31:35 +0100
Subject: ssl: Fix documentation mistakes
---
lib/ssl/doc/src/ssl.xml | 4 ++--
lib/ssl/doc/src/ssl_app.xml | 9 ++++++---
2 files changed, 8 insertions(+), 5 deletions(-)
(limited to 'lib/ssl/doc')
diff --git a/lib/ssl/doc/src/ssl.xml b/lib/ssl/doc/src/ssl.xml
index 22ac98c24e..3a541ed162 100644
--- a/lib/ssl/doc/src/ssl.xml
+++ b/lib/ssl/doc/src/ssl.xml
@@ -84,7 +84,7 @@
gen_tcp(3) manual pages
in Kernel.
- ssloption() =
+ ssloption() =
-
{verify, verify_type()}
| {verify_fun, {fun(), term()}}
@@ -160,7 +160,7 @@
sslsocket() =
opaque()
- protocol() =
+ protocol() =
sslv3 | tlsv1 | 'tlsv1.1' | 'tlsv1.2'
ciphers() =
diff --git a/lib/ssl/doc/src/ssl_app.xml b/lib/ssl/doc/src/ssl_app.xml
index 257175a33f..24b0f5300e 100644
--- a/lib/ssl/doc/src/ssl_app.xml
+++ b/lib/ssl/doc/src/ssl_app.xml
@@ -58,7 +58,7 @@
erl -ssl protocol_version "['tlsv1.2', 'tlsv1.1']"
- ssl:protocol() ]]>.
+ protocol_version = ssl:protocol() ]]>
Protocol supported by started clients and
servers. If this option is not set, it defaults to all
protocols currently supported by the SSL application.
@@ -71,7 +71,7 @@
]]>
Name of the session cache callback module that implements
the ssl_session_cache_api behavior. Defaults to
- ssl_session_cache.erl.
+ ssl_session_cache.
]]>
@@ -110,7 +110,10 @@
ERROR LOGGER AND EVENT HANDLERS
- The SSL application uses the default OTP error logger to log unexpected errors and TLS alerts. The logging of TLS alerts may be turned off with the log_alert option.
+ The SSL application uses the default OTP error logger to log
+ unexpected errors and TLS alerts. The logging of TLS alerts may be
+ turned off with the log_alert option.