updated documentation

2 files changed, 21 insertions, 7 deletions

diff --git a/doc/tex/auth.tex b/doc/tex/auth.tex
index a5e63c23d7..255a1d873c 100644
--- a/doc/tex/auth.tex
+++ b/doc/tex/auth.tex
@@ -63,9 +63,23 @@ ANON\_DH & This algorithm exchanges Diffie Hellman parameters.
 \subsection{Authentication using SRP}
 Authentication using the SRP\footnote{SRP stands for Secure Password Protocol and 
 is described in RFC2945. The SRP key exchange is not a part of the \tlsI protocol}
-can be described as password authentication, since the two peers are identified by the knowledge 
-of a password. This protocol also offers protection against off-line attacks (password file stealing
-etc.). 
+is actually password authentication, since the two peers are identified by the knowledge of a password. 
+This protocol also offers protection against off-line attacks (password file stealing etc). 
+This is achieved since SRP does not use the plain password to perform authentication, but something called a 
+verifier. The verifier is $g^{x}mod(n)$ and $x$ is a value calculated
+from the username and the password. 
+\par SRP is normaly used with a SHA based hash function, to calculate
+the value of $x$. In \gnutls in addition to original SHA hash function,
+a hash function based on blowfish crypt is also supported. The blowfish
+crypt function has the property of variable complexity, thus the
+verifier may resist future attacks based on computational power, by just increasing
+the complexity of the function (sometimes called 'the cost').
+\par The advantage of SRP authentication, over other proposed secure password 
+authentication schemas, is that SRP does not require the server to hold
+the user's password. This kind of protection is similar to the one used traditionaly
+in the \emph{UNIX} 'passwd' file, where the contents of this file did not cause
+harm to the system security if they were revealed.
+\par
 Available key exchange methods are shown in \hyperref{figure}{figure }{}{fig:srp}.
 
 \begin{figure}[hbtp]
diff --git a/doc/tex/translayer.tex b/doc/tex/translayer.tex
index 30f6d9dd8d..cc74d5db07 100644
--- a/doc/tex/translayer.tex
+++ b/doc/tex/translayer.tex
@@ -2,8 +2,8 @@
 \par
 \gnutls can be used above any reliable transport layer. To do this you will only 
 need to set up the 
-\hyperref{gnutls\_transport\_set\_push\_function()}{gnutls\_transport\_set\_push\_function() (see Section }{)}{gnutls_transport_set_push_function} and
-\hyperref{gnutls\_transport\_set\_pull\_function()}{gnutls\_transport\_set\_pull\_function() (see Section }{)}{gnutls_transport_set_pull_function}
+\hyperref{gnutls\_transport\_set\_push\_func()}{gnutls\_transport\_set\_push\_func() (see Section }{)}{gnutls_transport_set_push_func} and
+\hyperref{gnutls\_transport\_set\_pull\_func()}{gnutls\_transport\_set\_pull\_func() (see Section }{)}{gnutls_transport_set_pull_func}
 functions. These functions will then be used by gnutls in order to send and receive data.
 The functions specified should return -1 on error and should set errno appropriately.
 \gnutls supports EINTR and EAGAIN errno values. These values are
@@ -13,8 +13,8 @@ will be returned to the caller of the gnutls function. \gnutls functions
 can be resumed (called again), if any of these values is returned.
 \par
 By default, if none of the above functions are called, gnutls will use
-the berkeley sockets functions recv() and send(). In this case
-gnutls will use some hacks in order for select() to work, thus
+the berkeley sockets functions \emph{recv()} and \emph{send()}. In this case
+gnutls will use some hacks in order for \emph{select()} to work, thus
 making easy to add \tls support to existing servers.