diff options
| author | Loïc Hoguin <[email protected]> | 2018-07-04 12:33:30 +0200 |
|---|---|---|
| committer | Loïc Hoguin <[email protected]> | 2018-07-04 12:33:30 +0200 |
| commit | a767abb47e6d9a0817d37413e1b5c1d338b362d8 (patch) | |
| tree | 8157fde9eb94bdf8cf0b4b94f252d7104889d917 /doc | |
| parent | 794a816814cbc9a126531829fae5c7e3359179c3 (diff) | |
| download | ranch-a767abb47e6d9a0817d37413e1b5c1d338b362d8.tar.gz ranch-a767abb47e6d9a0817d37413e1b5c1d338b362d8.tar.bz2 ranch-a767abb47e6d9a0817d37413e1b5c1d338b362d8.zip | |
Enable TLS upgrades via ranch_ssl:handshake/3
Based on the work done by @juhlig.
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/src/guide/transports.asciidoc | 11 | ||||
| -rw-r--r-- | doc/src/manual/ranch_transport.asciidoc | 7 |
2 files changed, 17 insertions, 1 deletions
diff --git a/doc/src/guide/transports.asciidoc b/doc/src/guide/transports.asciidoc index f5bb17e..70efa1b 100644 --- a/doc/src/guide/transports.asciidoc +++ b/doc/src/guide/transports.asciidoc @@ -144,6 +144,17 @@ possible to use a file descriptor opened in raw mode: {ok, RawFile} = file:open(Filename, [raw, read, binary]), {ok, SentBytes} = Transport:sendfile(Socket, RawFile, Offset, Bytes, Opts). +=== Upgrading a TCP socket to SSL + +A connected TCP socket can be upgraded to a SSL socket via the function +`ranch_ssl:handshake/3`. The socket *must* be in `{active, false}` mode +before telling the client that the server is ready to upgrade in order +to avoid race conditions. + +.Performing a TLS handshake on a TCP socket +[source,erlang] +{ok, NewSocket} = ranch_ssl:handshake(Socket, SslOpts, 5000). + === Writing a transport handler A transport handler is a module implementing the `ranch_transport` behavior. diff --git a/doc/src/manual/ranch_transport.asciidoc b/doc/src/manual/ranch_transport.asciidoc index 6545720..ec35589 100644 --- a/doc/src/manual/ranch_transport.asciidoc +++ b/doc/src/manual/ranch_transport.asciidoc @@ -55,13 +55,18 @@ Options = any():: Options for initialization. Timeout = timeout():: Handshake timeout. CSocket1 = any():: Initialized socket for this connection. -Perform post-accept initialization of the connection. +Perform any necessary handshake for this transport. This function will be called by connection processes before performing any socket operation. It allows transports that require extra initialization to perform their task and return a socket that is ready to use. +This function may also be used to upgrade a connection +from a transport to another depending on the capabilities +of the transports. For example a `ranch_tcp` socket may +be upgraded to a `ranch_ssl` one using this function. + === listen(TransOpts) -> {ok, LSocket} | {error, atom()} TransOpts = any():: Transport options. |