Update Doku aus Driversourcen
Change-Id: I455f0813b970151089b3dc1b8d9407eea323cdd1
diff --git a/doc/concepts/tls b/doc/concepts/tls
index 25946a2..d42d8de 100644
--- a/doc/concepts/tls
+++ b/doc/concepts/tls
@@ -3,53 +3,55 @@
tls (transport layer security)
DESCRIPTION
- TLS stands for Transport Layer Security which is the successor
- of the well known SSL (Secure Socket Layer). Both techniques
- provide a way to authenticate and encrypt the data send through
- a network connection.
- By enabling TLS during compilation of the driver you can provide
- a secure channel into the mud to your players.
- In difference to other solutions as "sslwrap" or "stunnel" the
- driver integrated approach has the advantage that the mud sees
- the real IP of the player, not the IP of the local mud host.
+ TLS stands for Transport Layer Security which is the successor
+ of the well known SSL (Secure Socket Layer). Both techniques
+ provide a way to authenticate and encrypt the data send through
+ a network connection.
+
+ By enabling TLS during compilation of the driver you can provide
+ a secure channel into the mud to your players.
+
+ In difference to other solutions as "sslwrap" or "stunnel" the
+ driver integrated approach has the advantage that the mud sees
+ the real IP of the player, not the IP of the local mud host.
USAGE
- To use TLS configure your driver with --enable-tls option.
- After starting your driver you have five new efuns
- (tls_init_connection(), tls_deinit_connection(), tls_error(),
- tls_query_connection_info(), tls_query_connection_state()).
+ To use TLS configure your driver with --enable-tls option.
+ After starting your driver you have five new efuns
+ (tls_init_connection(), tls_deinit_connection(), tls_error(),
+ tls_query_connection_info(), tls_query_connection_state()).
- You can switch on TLS by calling tls_init_connection().
- This can happen in three ways:
+ You can switch on TLS by calling tls_init_connection().
+ This can happen in three ways:
- 1) in telnet_neg()
+ 1) in telnet_neg()
- Advantage of this method is that you can offer TLS on a normal
- mud port. If you have a limited number of ports this can
- become important. The TLS connection will be started by
+ Advantage of this method is that you can offer TLS on a normal
+ mud port. If you have a limited number of ports this can
+ become important. The TLS connection will be started by
the client with help of telnet option STARTTLS. Currently
there are no mudclients that support this method.
-
+
You will have to implement the telnet option STARTTLS (46) for
this method. The draft for this can be found here:
http://www.ietf.org/proceedings/99mar/I-D/draft-ietf-tn3270e-telnet-tls-01.txt
Call tls_init_connection() to initiate the TLS handshake.
- 2) in master_ob->connect()
+ 2) in master_ob->connect()
Advantage of this method is that your users can connect with
any program that supports TLS/SSL. Examples are telnet-ssl,
sslwrap or stunnel. Disadvantage is that you have to spend
a dedicated port for this.
-
+
You have to call tls_init_connection() as first command
after the player connected (normally in master_ob->connect())
3) in an interactive object using a callback.
This method is similar to method (1), but not limited to
- telnet: it is useful for implementing protocols thta use
+ telnet: it is useful for implementing protocols that use
STARTTLS like SMTP or IMAP. tls_init_connection() can be
called at any time by the interactive object.