Author: kgiusti
Date: Wed Mar 5 16:18:59 2014
New Revision: 1574559
URL: http://svn.apache.org/r1574559
Log:
NO-JIRA: update the SSL documentation
Modified:
qpid/proton/trunk/proton-c/include/proton/ssl.h
Modified: qpid/proton/trunk/proton-c/include/proton/ssl.h
URL:
http://svn.apache.org/viewvc/qpid/proton/trunk/proton-c/include/proton/ssl.h?rev=1574559&r1=1574558&r2=1574559&view=diff
==============================================================================
--- qpid/proton/trunk/proton-c/include/proton/ssl.h (original)
+++ qpid/proton/trunk/proton-c/include/proton/ssl.h Wed Mar 5 16:18:59 2014
@@ -56,9 +56,6 @@ extern "C" {
* sessions constructed from this domain will perform the corresponding role
(either
* client or server).
*
- * Some per-session attributes - such as peer verification mode - may be
overridden on a
- * per-session basis from the default provided by the parent pn_ssl_domain_t.
- *
* If either an SSL server or client needs to identify itself with the remote
node, it
* must have its SSL certificate configured (see
::pn_ssl_domain_set_credentials()).
*
@@ -69,11 +66,10 @@ extern "C" {
* the clear"), see ::pn_ssl_domain_allow_unsecured_client().
*
* The level of verification required of the remote may be configured (see
- * ::pn_ssl_domain_set_default_peer_authentication
::pn_ssl_set_peer_authentication,
- * ::pn_ssl_get_peer_authentication).
+ * ::pn_ssl_domain_set_peer_authentication)
*
- * Support for SSL Client Session resume is provided (see ::pn_ssl_get_state,
- * ::pn_ssl_resume_state).
+ * Support for SSL Client Session resume is provided (see ::pn_ssl_init,
+ * ::pn_ssl_resume_status).
*
* @defgroup ssl SSL
* @ingroup transport
@@ -136,9 +132,9 @@ PN_EXTERN void pn_ssl_domain_free( pn_ss
* @return 0 on success
*/
PN_EXTERN int pn_ssl_domain_set_credentials( pn_ssl_domain_t *domain,
- const char *certificate_file,
- const char *private_key_file,
- const char *password);
+ const char *certificate_file,
+ const char *private_key_file,
+ const char *password);
/** Configure the set of trusted CA certificates used by this domain to verify
peers.
*
@@ -184,10 +180,10 @@ typedef enum {
* Once certificates and trusted CAs are configured, peer verification can be
enabled.
*
* @note In order to verify a peer, a trusted CA must be configured. See
- * ::pn_ssl_set_trusted_ca_db().
+ * ::pn_ssl_domain_set_trusted_ca_db().
*
* @note Servers must provide their own certificate when verifying a peer. See
- * ::pn_ssl_set_credentials().
+ * ::pn_ssl_domain_set_credentials().
*
* @note This setting effects only those pn_ssl_t objects created after this
call
* returns. pn_ssl_t objects created before invoking this method will use the
domain's
@@ -232,9 +228,10 @@ PN_EXTERN pn_ssl_t *pn_ssl(pn_transport_
*
* @param[in] ssl the ssl session to configured.
* @param[in] domain the ssl domain used to configure the SSL session.
- * @param[in] session_id if supplied, attempt to resume a previous SSL session
that used
- * the same session_id. The resulting session will be identified by the given
session_id
- * and stored for future session restore.
+ * @param[in] session_id if supplied, attempt to resume a previous SSL
+ * session that used the same session_id. If no previous SSL session
+ * is available, a new session will be created using the session_id
+ * and stored for future session restore (see ::::pn_ssl_resume_status).
* @return 0 on success, else an error code.
*/
PN_EXTERN int pn_ssl_init( pn_ssl_t *ssl,
@@ -291,7 +288,7 @@ PN_EXTERN pn_ssl_resume_status_t pn_ssl_
* (potential imposter), and the SSL connection is aborted.
*
* @note Verification of the hostname is only done if PN_SSL_VERIFY_PEER_NAME
is enabled.
- * See ::pn_ssl_set_peer_authentication.
+ * See ::pn_ssl_domain_set_peer_authentication.
*
* @param[in] ssl the ssl session.
* @param[in] hostname the expected identity of the remote. Must conform to
the syntax as
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@qpid.apache.org
For additional commands, e-mail: commits-h...@qpid.apache.org
