Improve TLS callback documentation

1 files changed, 20 insertions, 0 deletions

diff --git a/doc/api_ref/tls.rst b/doc/api_ref/tls.rst
index 35df6a676..1da40c58f 100644
--- a/doc/api_ref/tls.rst
+++ b/doc/api_ref/tls.rst
@@ -132,6 +132,26 @@ information about the connection.
      The default implementation returns the empty string all of the time, effectively disabling
      ALPN responses.
 
+ .. cpp:function:: void tls_session_activated()
+
+    Optional. By default does nothing. This is called when the session is
+    activated, that is once it is possible to send or receive data on the
+    channel.  In particular it is possible for an implementation of this
+    function to perform an initial write on the channel.
+
+ .. cpp:function:: std::vector<uint8_t> tls_provide_cert_status(const std::vector<X509_Certificate>& chain, \
+                                                           const Certificate_Status_Request& csr)
+
+     Optional. This can return a cached OCSP response. This is only
+     used on the server side, and only if the client requests OCSP
+     stapling.
+
+ .. cpp:function:: std::string tls_peer_network_identity()
+
+     Optional. Return a string that identifies the peer in some unique way
+     (for example, by formatting the remote IP and port into a string).
+     This is currently used to bind DTLS cookies to the network identity.
+
  .. cpp:function:: void tls_inspect_handshake_msg(const Handshake_Message&)
 
      This callback is optional, and can be used to inspect all handshake messages