From 4d487ac60c3a4962a8280acfcf265b2523b2d76e Mon Sep 17 00:00:00 2001 From: Alexandru Munteanu Date: Fri, 28 Oct 2016 04:45:01 +0200 Subject: Add SSL options for legacy software interoperability --- src/ranch_ssl.erl | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'src/ranch_ssl.erl') diff --git a/src/ranch_ssl.erl b/src/ranch_ssl.erl index 8fe09dc..913761d 100644 --- a/src/ranch_ssl.erl +++ b/src/ranch_ssl.erl @@ -37,6 +37,7 @@ -export([close/1]). -type ssl_opt() :: {alpn_preferred_protocols, [binary()]} + | {beast_mitigation, one_n_minus_one | zero_n | disabled} | {cacertfile, string()} | {cacerts, [public_key:der_encoded()]} | {cert, public_key:der_encoded()} @@ -55,6 +56,7 @@ | {keyfile, string()} | {log_alert, boolean()} | {next_protocols_advertised, [binary()]} + | {padding_check, boolean()} | {partial_chain, fun(([public_key:der_encoded()]) -> {trusted_ca, public_key:der_encoded()} | unknown_ca)} | {password, string()} | {psk_identity, string()} @@ -65,6 +67,7 @@ | {sni_fun, fun()} | {sni_hosts, [{string(), ssl_opt()}]} | {user_lookup_fun, {fun(), any()}} + | {v2_hello_compatible, boolean()} | {verify, ssl:verify_type()} | {verify_fun, {fun(), any()}} | {versions, [atom()]}. @@ -101,12 +104,12 @@ listen(Opts) -> {reuseaddr, true}, {nodelay, true}])). listen_options() -> - [alpn_preferred_protocols, cacertfile, cacerts, cert, certfile, - ciphers, client_renegotiation, crl_cache, crl_check, depth, - dh, dhfile, fail_if_no_peer_cert, hibernate_after, honor_cipher_order, - key, keyfile, log_alert, next_protocols_advertised, partial_chain, - password, psk_identity, reuse_session, reuse_sessions, secure_renegotiate, - signature_algs, sni_fun, sni_hosts, user_lookup_fun, verify, verify_fun, versions + [alpn_preferred_protocols, beast_mitigation, cacertfile, cacerts, cert, certfile, + ciphers, client_renegotiation, crl_cache, crl_check, depth, dh, dhfile, + fail_if_no_peer_cert, hibernate_after, honor_cipher_order, key, keyfile, + log_alert, next_protocols_advertised, partial_chain, password, padding_check, + psk_identity, reuse_session, reuse_sessions, secure_renegotiate, signature_algs, + sni_fun, sni_hosts, user_lookup_fun, v2_hello_compatible, verify, verify_fun, versions |ranch_tcp:listen_options()]. -spec accept(ssl:sslsocket(), timeout()) -- cgit v1.2.3