Module: kamailio Branch: master Commit: 9da757be8861649cdcc9e03bfaf35e6b257ff18f URL: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6… Author: Piotr Gregor &lt;piotr(a)signalwire.com&gt; Committer: Piotr Gregor &lt;piotr(a)signalwire.com&gt; Date: 2021-03-25T02:52:57Z stirshaken: Fix usage examples [skip ci] Modified: src/modules/stirshaken/doc/stirshaken_admin.xml --- Modified: src/modules/stirshaken/doc/stirshaken_admin.xml --- Diff: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6… Patch: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6… --- diff --git a/src/modules/stirshaken/doc/stirshaken_admin.xml b/src/modules/stirshaken/doc/stirshaken_admin.xml index 55ef50a837..4634f0b752 100644 --- a/src/modules/stirshaken/doc/stirshaken_admin.xml +++ b/src/modules/stirshaken/doc/stirshaken_admin.xml @@ -24,9 +24,10 @@ <para> stirshaken module exports the functions to check and to generate PASSporT, wrapped into SIP Identity header. For call authentication two functions are available: stirshaken_add_identity(...) and stirshaken_add_identity_with_key(key). - stirshaken_add_identity() uses default key (through Authentication Service), stirshaken_add_identity_with_key(..., key) uses specifoed key. + stirshaken_add_identity() uses default key (through Authentication Service), stirshaken_add_identity_with_key(..., key) uses key specified as argument. For call verification three methods are available: stirshaken_check_identity() (through Verification Service), stirshaken_check_identity_with_key(key) and stirshaken_check_identity_with_cert(cert). + Only stirshaken_check_identity() may download certificate (if needed) and check it with X509 certificate path check algorithm. </para> </section> <section> @@ -291,7 +292,11 @@ modparam("stirshaken", "vs_cache_expire_s", 100) request_route { ... - if(stirshaken_check_identity()) { // bad identity } + if (1 == stirshaken_check_identity()) { + xlog("Shaken Identity is OK\n"); + } else { + xlog("Shaken Identity is invalid\n"); + } ... } ... @@ -326,7 +331,11 @@ request_route { ... request_route { ... - if(stirshaken_check_identity_with_key("/path/to/key")) { // bad identity } + if (1 == stirshaken_check_identity_with_key("/path/to/key")) { + xlog("Shaken Identity is OK\n"); + } else { + xlog("Shaken Identity is invalid\n"); + } ... } ... @@ -352,7 +361,11 @@ request_route { ... request_route { ... - if(stirshaken_check_identity_with_cert("/path/to/cert")) { // bad identity } + if (1 == stirshaken_check_identity_with_cert("/path/to/cert")) { + xlog("Shaken Identity is OK\n"); + } else { + xlog("Shaken Identity is invalid\n"); + } ... } ... @@ -382,7 +395,11 @@ request_route { ... request_route { ... - stirshaken_add_identity("https://sp.com/sp.pem".pem", "B", "+44100", "+44200", "origid"); + if (1 == stirshaken_add_identity("https://sp.com/sp.pem".pem", "B", "+44100", "+44200", "origid")) { + xlog("Shaken authentication added (SIP Identity Header created)\n"); + } else { + xlog("Failed\n"); + } ... } ... @@ -397,7 +414,11 @@ request_route { ... request_route { ... - stirshaken_add_identity("https://sp.com/sp.pem".pem", "B", "+44100", "+44200", ""); + if (1 == stirshaken_add_identity("https://sp.com/sp.pem".pem", "B", "+44100", "+44200", "")) { + xlog("Shaken authentication added (SIP Identity Header created)\n"); + } else { + xlog("Failed\n"); + } ... } ...