Module: kamailio Branch: master Commit: f3f3ed2b343fc2f33f14e903f927a138e3c3adb4 URL: https://github.com/kamailio/kamailio/commit/f3f3ed2b343fc2f33f14e903f927a13… Author: Kamailio Dev <kamailio.dev(a)kamailio.org> Committer: Kamailio Dev <kamailio.dev(a)kamailio.org> Date: 2017-08-15T15:16:24+02:00 modules: readme files regenerated - tls ... [skip ci] --- Modified: src/modules/tls/README --- Diff: https://github.com/kamailio/kamailio/commit/f3f3ed2b343fc2f33f14e903f927a13… Patch: https://github.com/kamailio/kamailio/commit/f3f3ed2b343fc2f33f14e903f927a13… --- diff --git a/src/modules/tls/README b/src/modules/tls/README index f0d36b2758..dcdbfed6de 100644 --- a/src/modules/tls/README +++ b/src/modules/tls/README @@ -63,6 +63,7 @@ Olle E. Johansson 9.30. renegotiation (boolean) 9.31. config (string) 9.32. xavp_cfg (string) + 9.33. event_callback (str) 10. Functions @@ -80,6 +81,10 @@ Olle E. Johansson 12.1. License 12.2. History + 13. Event Routes + + 13.1. event_route[tls:connection-out] + List of Examples 1.1. Quick start config @@ -125,7 +130,9 @@ Olle E. Johansson 1.41. Set config parameter 1.42. Change and reload the TLS configuration at runtime 1.43. Set xavp_cfg parameter - 1.44. is_peer_verified usage + 1.44. Set event_callback parameter + 1.45. is_peer_verified usage + 1.46. Use of event_route[tls:connection-out] Chapter 1. Admin Guide @@ -173,6 +180,7 @@ Chapter 1. Admin Guide 9.30. renegotiation (boolean) 9.31. config (string) 9.32. xavp_cfg (string) + 9.33. event_callback (str) 10. Functions @@ -190,6 +198,10 @@ Chapter 1. Admin Guide 12.1. License 12.2. History + 13. Event Routes + + 13.1. event_route[tls:connection-out] + 1. Overview This module implements the TLS transport for Kamailio using the OpenSSL @@ -520,6 +532,7 @@ Revoking a certificate and using a CRL 9.30. renegotiation (boolean) 9.31. config (string) 9.32. xavp_cfg (string) + 9.33. event_callback (str) 9.1. tls_method (string) @@ -1267,6 +1280,28 @@ modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") route(RELAY); ... +9.33. event_callback (str) + + The name of the function in the kemi configuration file (embedded + scripting language such as Lua, Python, ...) to be executed instead of + event_route[...] blocks specific for tls module. + + The function has one string parameter, the value is the name of the + event_route block, respectively "tls:connection-out". + + Default value is 'empty' (no function is executed for events). + + Example 1.44. Set event_callback parameter +... +modparam("tls", "event_callback", "ksr_tls_event") +... +-- event callback function implemented in Lua +function ksr_tls_event(evname) + KSR.info("===== tls module triggered event: " .. evname .. "\n"); + return 1; +end +... + 10. Functions 10.1. is_peer_verified() @@ -1277,7 +1312,7 @@ modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") , the peer presented an X509 certificate and the certificate chain verified ok. It can be used only in a request route. - Example 1.44. is_peer_verified usage + Example 1.45. is_peer_verified usage if (proto==TLS && !is_peer_verified()){ sl_send_reply("400", "No certificate or verification failed"); drop; @@ -1343,3 +1378,22 @@ modparam("tls", "config", "/usr/local/etc/kamailio/tls.cfg") Install does not generate self-signed certificates by default anymore. In order to generate them now you should do "make install-tls-cert" + +13. Event Routes + + 13.1. event_route[tls:connection-out] + +13.1. event_route[tls:connection-out] + + Event route to be executed when a TLS connection is opened by Kamailio. + If drop() is executed in the event route, then the data is no longer + sent over the connection. + + Example 1.46. Use of event_route[tls:connection-out] +... +event_route[tls:connection-out] { + if($sndto(ip)=="1.2.3.4") { + drop; + } +} +...