Module: kamailio Branch: master Commit: 24d310e463754d29b60ad919e7fcbd150cfca7f1 URL: https://github.com/kamailio/kamailio/commit/24d310e463754d29b60ad919e7fcbd15...
Author: Kamailio Dev kamailio.dev@kamailio.org Committer: Kamailio Dev kamailio.dev@kamailio.org Date: 2025-07-24T12:46:10+02:00
modules: readme files regenerated - tls ... [skip ci]
---
Modified: src/modules/tls/README
---
Diff: https://github.com/kamailio/kamailio/commit/24d310e463754d29b60ad919e7fcbd15... Patch: https://github.com/kamailio/kamailio/commit/24d310e463754d29b60ad919e7fcbd15...
---
diff --git a/src/modules/tls/README b/src/modules/tls/README index 3a8f18e5774..b6f8a0c0ba2 100644 --- a/src/modules/tls/README +++ b/src/modules/tls/README @@ -73,6 +73,8 @@ Olle E. Johansson 10.39. engine_algorithms (string) 10.40. verify_client (string) 10.41. provider_quirks (integer) + 10.42. keylog_mode (int) + 10.43. keylog_file (str)
11. Functions
@@ -151,9 +153,11 @@ Olle E. Johansson 1.49. Set rand_engine parameter 1.50. Set verify_client modparam parameter 1.51. Set verify_client tls.cfg parameter - 1.52. is_peer_verified usage - 1.53. tls_set_connect_server_id usage - 1.54. Use of event_route[tls:connection-out] + 1.52. Set keylog_mode parameter + 1.53. Set keylog_file parameter + 1.54. is_peer_verified usage + 1.55. tls_set_connect_server_id usage + 1.56. Use of event_route[tls:connection-out]
Chapter 1. Admin Guide
@@ -211,6 +215,8 @@ Chapter 1. Admin Guide 10.39. engine_algorithms (string) 10.40. verify_client (string) 10.41. provider_quirks (integer) + 10.42. keylog_mode (int) + 10.43. keylog_file (str)
11. Functions
@@ -651,6 +657,8 @@ Place holder 10.39. engine_algorithms (string) 10.40. verify_client (string) 10.41. provider_quirks (integer) + 10.42. keylog_mode (int) + 10.43. keylog_file (str)
10.1. tls_method (string)
@@ -1648,6 +1656,36 @@ verify_client = optional_no_ca * 1 - create a new `OSSL_LIB_CTX` context in the child process. Known to be required when using OpenSSL 3 pkcs11-provider.
+10.42. keylog_mode (int) + + Control the TLS key logging functionality, available for libssl version + greater than 1.1.0. Its value is composed from bitwise values (can be + made as sum of them): + * 0 - keys logging inactive + * 1 (bit 1) - keys logging active + * 2 (bit 2) - write keys to NOTICE log + * 4 (bit 3) - write keys to file + + The default value: 0. + + Example 1.52. Set keylog_mode parameter +... +modparam("tls", "keylog_mode", 7) +... + +10.43. keylog_file (str) + + Path to the file where to write the TLS keys. The values are appended + to the content of the file. The value 4 (bit 3) has to be set to + keylog_mode parameter. + + The default value: NULL. + + Example 1.53. Set keylog_file parameter +... +modparam("tls", "keylog_file", "/tmp/kamailio-tls-keylog.txt") +... + 11. Functions
11.1. is_peer_verified() @@ -1661,7 +1699,7 @@ verify_client = optional_no_ca
It can be used only in a request route.
- Example 1.52. is_peer_verified usage + Example 1.54. is_peer_verified usage ... if (proto==TLS && !is_peer_verified()) { sl_send_reply("400", "No certificate or verification failed"); @@ -1680,7 +1718,7 @@ verify_client = optional_no_ca
It can be used only in ANY_ROUTE.
- Example 1.53. tls_set_connect_server_id usage + Example 1.55. tls_set_connect_server_id usage ... tls_set_connect_server_id("clientone"); ... @@ -1772,7 +1810,7 @@ verify_client = optional_no_ca If drop() is executed in the event route, then the data is no longer sent over the connection.
- Example 1.54. Use of event_route[tls:connection-out] + Example 1.56. Use of event_route[tls:connection-out] ... event_route[tls:connection-out] { if($sndto(ip)=="1.2.3.4") {
-
Kamailio Dev