Module: sip-router Branch: master Commit: f86da819836b7a8c832b4a80262d8f39a86563dd URL: http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=f86da819...
Author: Andrei Pelinescu-Onciul andrei@iptel.org Committer: Andrei Pelinescu-Onciul andrei@iptel.org Date: Tue Mar 16 11:34:45 2010 +0100
tls: documented is_peer_verified()
- documented is_peer_verified() - fixed the xmls, so that xmllint / make check does not return any errors - regenerated the README
---
modules/tls/README | 15 +++++++++++++++ modules/tls/doc/functions.xml | 28 ++++++++++++++++++++++++---- modules/tls/doc/history.xml | 2 +- modules/tls/doc/params.xml | 2 +- modules/tls/doc/tls.xml | 5 ++++- 5 files changed, 45 insertions(+), 7 deletions(-)
diff --git a/modules/tls/README b/modules/tls/README index 090ec26..0b71309 100644 --- a/modules/tls/README +++ b/modules/tls/README @@ -37,6 +37,9 @@ Andrei Pelinescu-Onciul 1.8.17. config (string)
1.9. Functions + + 1.9.1. is_peer_verified() + 1.10. History
1.1. Overview @@ -587,6 +590,18 @@ modparam("tls", "config", "/usr/local/etc/ser/tls.cfg") Revision History Revision $Revision$ $Date$
+1.9.1. is_peer_verified() + + Returns true if the connection on which the message was received is TLS + , the peer presented an X509 certificate and the certificate chain + verified ok. It can be used only in a request route. + + Example 20. is_peer_verified usage + if (proto==TLS && !is_peer_verified()){ + sl_send_reply("400", "No certificate or verification failed"); + drop; + } + 1.10. History
Revision History diff --git a/modules/tls/doc/functions.xml b/modules/tls/doc/functions.xml index 055aa6e..5409181 100644 --- a/modules/tls/doc/functions.xml +++ b/modules/tls/doc/functions.xml @@ -2,16 +2,36 @@ <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-<section id="textops.functions" xmlns:xi="http://www.w3.org/2001/XInclude"> - <sectioninfo> +<section id="textops.functions"> + <sectioninfo> <revhistory> <revision> <revnumber>$Revision$</revnumber> <date>$Date$</date> </revision> </revhistory> - </sectioninfo> + </sectioninfo> + + <title>Functions</title> + + <section id="tls.is_peer_verfied"> + <title><function>is_peer_verified()</function></title> + <para> + Returns true if the connection on which the message was received + is TLS , the peer presented an X509 certificate and the + certificate chain verified ok. + It can be used only in a request route. + </para> + <example> + <title><function>is_peer_verified</function> usage</title> + <programlisting> + if (proto==TLS && !is_peer_verified()){ + sl_send_reply("400", "No certificate or verification failed"); + drop; + } + </programlisting> + </example> + </section>
- <title>Functions</title>
</section> diff --git a/modules/tls/doc/history.xml b/modules/tls/doc/history.xml index becab1e..9be05b8 100644 --- a/modules/tls/doc/history.xml +++ b/modules/tls/doc/history.xml @@ -2,7 +2,7 @@ <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-<section id="tls.certs_howto" xmlns:xi="http://www.w3.org/2001/XInclude"> +<section id="tls.history"> <sectioninfo> <revhistory> <revision> diff --git a/modules/tls/doc/params.xml b/modules/tls/doc/params.xml index fda0f93..fa1f69a 100644 --- a/modules/tls/doc/params.xml +++ b/modules/tls/doc/params.xml @@ -2,7 +2,7 @@ <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
-<section id="tm.parameters" xmlns:xi="http://www.w3.org/2001/XInclude"> +<section id="tm.parameters"> <sectioninfo> <revhistory> <revision> diff --git a/modules/tls/doc/tls.xml b/modules/tls/doc/tls.xml index 3e3c031..f59f381 100644 --- a/modules/tls/doc/tls.xml +++ b/modules/tls/doc/tls.xml @@ -1,6 +1,9 @@ <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" + [ <!ENTITY % local.common.attrib + "xmlns:xi CDATA #FIXED 'http://www.w3.org/2001/XInclude'">] +>
<section id="tls" xmlns:xi="http://www.w3.org/2001/XInclude"> <sectioninfo>