aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJack Lloyd <[email protected]>2019-06-29 08:41:07 -0400
committerJack Lloyd <[email protected]>2019-06-29 08:41:07 -0400
commitb4ff761aead08104cf955c5a7b075bba423fbe93 (patch)
treece60386872f707974b0778f896dcd3dcb38b2516
parent4a3b328ed7db9af24e9bbe20fa186a488669c28f (diff)
Improve TLS callback documentation
-rw-r--r--doc/api_ref/tls.rst20
1 files changed, 20 insertions, 0 deletions
diff --git a/doc/api_ref/tls.rst b/doc/api_ref/tls.rst
index 35df6a676..1da40c58f 100644
--- a/doc/api_ref/tls.rst
+++ b/doc/api_ref/tls.rst
@@ -132,6 +132,26 @@ information about the connection.
The default implementation returns the empty string all of the time, effectively disabling
ALPN responses.
+ .. cpp:function:: void tls_session_activated()
+
+ Optional. By default does nothing. This is called when the session is
+ activated, that is once it is possible to send or receive data on the
+ channel. In particular it is possible for an implementation of this
+ function to perform an initial write on the channel.
+
+ .. cpp:function:: std::vector<uint8_t> tls_provide_cert_status(const std::vector<X509_Certificate>& chain, \
+ const Certificate_Status_Request& csr)
+
+ Optional. This can return a cached OCSP response. This is only
+ used on the server side, and only if the client requests OCSP
+ stapling.
+
+ .. cpp:function:: std::string tls_peer_network_identity()
+
+ Optional. Return a string that identifies the peer in some unique way
+ (for example, by formatting the remote IP and port into a string).
+ This is currently used to bind DTLS cookies to the network identity.
+
.. cpp:function:: void tls_inspect_handshake_msg(const Handshake_Message&)
This callback is optional, and can be used to inspect all handshake messages