tlsops Module

openssl (libssl)

...
if (is_peer_verified()) {
        xlog("L_INFO","request from verified TLS peer\n");
} else {
        xlog("L_INFO","request not verified\n");
}
...
/C=AT/ST=Vienna/L=Vienna/O=enum.at/CN=enum.at
xlog("L_INFO","==================== start TLS pseudo variables =================='\n");
xlog("L_INFO","$$tls_version                    = '$tls_version'\n");
xlog("L_INFO","$$tls_description                = '$tls_description'\n");
xlog("L_INFO","$$tls_cipher_info                = '$tls_cipher_info'\n");
xlog("L_INFO","$$tls_cipher_bits                = '$tls_cipher_bits'\n");
xlog("L_INFO","$$tls_peer_subject               = '$tls_peer_subject'\n");
xlog("L_INFO","$$tls_peer_issuer                = '$tls_peer_issuer'\n");
xlog("L_INFO","$$tls_my_subject                 = '$tls_my_subject'\n");
xlog("L_INFO","$$tls_my_issuer                  = '$tls_my_issuer'\n");
xlog("L_INFO","$$tls_peer_version               = '$tls_peer_version'\n");
xlog("L_INFO","$$tls_my_version                 = '$tls_my_version'\n");
xlog("L_INFO","$$tls_peer_serial                = '$tls_peer_serial'\n");
xlog("L_INFO","$$tls_my_serial                  = '$tls_my_serial'\n");
xlog("L_INFO","$$tls_peer_subject_cn            = '$tls_peer_subject_cn'\n");
xlog("L_INFO","$$tls_peer_issuer_cn             = '$tls_peer_issuer_cn'\n");
xlog("L_INFO","$$tls_my_subject_cn              = '$tls_my_subject_cn'\n");
xlog("L_INFO","$$tls_my_issuer_cn               = '$tls_my_issuer_cn'\n");
xlog("L_INFO","$$tls_peer_subject_locality      = '$tls_peer_subject_locality'\n");
xlog("L_INFO","$$tls_peer_issuer_locality       = '$tls_peer_issuer_locality'\n");
xlog("L_INFO","$$tls_my_subject_locality        = '$tls_my_subject_locality'\n");
xlog("L_INFO","$$tls_my_issuer_locality         = '$tls_my_issuer_locality'\n");
xlog("L_INFO","$$tls_peer_subject_country       = '$tls_peer_subject_country'\n");
xlog("L_INFO","$$tls_peer_issuer_country        = '$tls_peer_issuer_country'\n");
xlog("L_INFO","$$tls_my_subject_country         = '$tls_my_subject_country'\n");
xlog("L_INFO","$$tls_my_issuer_country          = '$tls_my_issuer_country'\n");
xlog("L_INFO","$$tls_peer_subject_state         = '$tls_peer_subject_state'\n");
xlog("L_INFO","$$tls_peer_issuer_state          = '$tls_peer_issuer_state'\n");
xlog("L_INFO","$$tls_my_subject_state           = '$tls_my_subject_state'\n");
xlog("L_INFO","$$tls_my_issuer_state            = '$tls_my_issuer_state'\n");
xlog("L_INFO","$$tls_peer_subject_organization  = '$tls_peer_subject_organization'\n");
xlog("L_INFO","$$tls_peer_issuer_organization   = '$tls_peer_issuer_organization'\n");
xlog("L_INFO","$$tls_my_subject_organization    = '$tls_my_subject_organization'\n");
xlog("L_INFO","$$tls_my_issuer_organization     = '$tls_my_issuer_organization'\n");
xlog("L_INFO","$$tls_peer_subject_unit          = '$tls_peer_subject_unit'\n");
xlog("L_INFO","$$tls_peer_issuer_unit           = '$tls_peer_issuer_unit'\n");
xlog("L_INFO","$$tls_my_subject_unit            = '$tls_my_subject_unit'\n");
xlog("L_INFO","$$tls_my_issuer_unit             = '$tls_my_issuer_unit'\n");
xlog("L_INFO","$$tls_peer_san_email             = '$tls_peer_san_email'\n");
xlog("L_INFO","$$tls_my_san_email               = '$tls_my_san_email'\n");
xlog("L_INFO","$$tls_peer_san_hostname          = '$tls_peer_san_hostname'\n");
xlog("L_INFO","$$tls_my_san_hostname            = '$tls_my_san_hostname'\n");
xlog("L_INFO","$$tls_peer_san_uri               = '$tls_peer_san_uri'\n");
xlog("L_INFO","$$tls_my_san_uri                 = '$tls_my_san_uri'\n");
xlog("L_INFO","$$tls_peer_san_ip                = '$tls_peer_san_ip'\n");
xlog("L_INFO","$$tls_my_san_ip                  = '$tls_my_san_ip'\n");
xlog("L_INFO","$$tls_peer_verified              = '$tls_peer_verified'\n");
xlog("L_INFO","$$tls_peer_revoked               = '$tls_peer_revoked'\n");
xlog("L_INFO","$$tls_peer_expired               = '$tls_peer_expired'\n");
xlog("L_INFO","$$tls_peer_selfsigned            = '$tls_peer_selfsigned'\n");
xlog("L_INFO","$$tls_peer_notBefore             = '$tls_peer_notBefore'\n");
xlog("L_INFO","$$tls_peer_notAfter              = '$tls_peer_notAfter'\n");
xlog("L_INFO","==================== end TLS pseudo variables =================='\n");

tlsops Module

Klaus Darilion

Edited by

Klaus Darilion

Chapter 1. User's Guide

1.1. Overview

1.2. Dependencies

1.2.1. OpenSER core

1.2.2. External Libraries or Applications

1.3. Exported Parameters

1.4. Exported Functions

1.4.1. `is_peer_verified`

1.5. Pseudo-Variables

Chapter 2. Developer's Guide

Chapter 3. Frequently Asked Questions