[sr-dev] git:master: tls: documented is_peer_verified()

Andrei Pelinescu-Onciul andrei at iptel.org
Tue Mar 16 11:37:24 CET 2010 

Module: sip-router
Branch: master
Commit: f86da819836b7a8c832b4a80262d8f39a86563dd
URL:    http://git.sip-router.org/cgi-bin/gitweb.cgi/sip-router/?a=commit;h=f86da819836b7a8c832b4a80262d8f39a86563dd

Author: Andrei Pelinescu-Onciul <andrei at iptel.org>
Committer: Andrei Pelinescu-Onciul <andrei at iptel.org>
Date:   Tue Mar 16 11:34:45 2010 +0100

tls: documented is_peer_verified()

- documented is_peer_verified()
- fixed the xmls, so that xmllint / make check does not return any
  errors
- regenerated the README

---

 modules/tls/README            |   15 +++++++++++++++
 modules/tls/doc/functions.xml |   28 ++++++++++++++++++++++++----
 modules/tls/doc/history.xml   |    2 +-
 modules/tls/doc/params.xml    |    2 +-
 modules/tls/doc/tls.xml       |    5 ++++-
 5 files changed, 45 insertions(+), 7 deletions(-)

diff --git a/modules/tls/README b/modules/tls/README
index 090ec26..0b71309 100644
--- a/modules/tls/README
+++ b/modules/tls/README
@@ -37,6 +37,9 @@ Andrei Pelinescu-Onciul
         1.8.17. config (string)
 
    1.9. Functions
+
+        1.9.1. is_peer_verified()
+
    1.10. History
 
 1.1. Overview
@@ -587,6 +590,18 @@ modparam("tls", "config", "/usr/local/etc/ser/tls.cfg")
    Revision History
    Revision $Revision$ $Date$
 
+1.9.1. is_peer_verified()
+
+   Returns true if the connection on which the message was received is TLS
+   , the peer presented an X509 certificate and the certificate chain
+   verified ok. It can be used only in a request route.
+
+   Example 20. is_peer_verified usage
+        if (proto==TLS && !is_peer_verified()){
+                sl_send_reply("400", "No certificate or verification failed");
+                drop;
+        }
+
 1.10. History
 
    Revision History
diff --git a/modules/tls/doc/functions.xml b/modules/tls/doc/functions.xml
index 055aa6e..5409181 100644
--- a/modules/tls/doc/functions.xml
+++ b/modules/tls/doc/functions.xml
@@ -2,16 +2,36 @@
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
-<section id="textops.functions" xmlns:xi="http://www.w3.org/2001/XInclude">
-    <sectioninfo>
+<section id="textops.functions">
+	<sectioninfo>
 	<revhistory>
 	    <revision>
 		<revnumber>$Revision$</revnumber>
 		<date>$Date$</date>
 	    </revision>
 	</revhistory>
-    </sectioninfo>
+	</sectioninfo>
+
+	<title>Functions</title>
+
+	<section id="tls.is_peer_verfied">
+		<title><function>is_peer_verified()</function></title>
+		<para>
+			Returns true if the connection on which the message was received
+			is TLS , the peer presented an X509 certificate and the
+			certificate chain verified ok.
+			It can be used only in a request route.
+		</para>
+		<example>
+			<title><function>is_peer_verified</function> usage</title>
+			<programlisting>
+	if (proto==TLS &amp;&amp; !is_peer_verified()){
+		sl_send_reply("400", "No certificate or verification failed");
+		drop;
+	}
+			</programlisting>
+		</example>
+	</section>
 
-    <title>Functions</title>
 
 </section>
diff --git a/modules/tls/doc/history.xml b/modules/tls/doc/history.xml
index becab1e..9be05b8 100644
--- a/modules/tls/doc/history.xml
+++ b/modules/tls/doc/history.xml
@@ -2,7 +2,7 @@
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" 
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
-<section id="tls.certs_howto" xmlns:xi="http://www.w3.org/2001/XInclude">
+<section id="tls.history">
     <sectioninfo>
 	<revhistory>
 	    <revision>
diff --git a/modules/tls/doc/params.xml b/modules/tls/doc/params.xml
index fda0f93..fa1f69a 100644
--- a/modules/tls/doc/params.xml
+++ b/modules/tls/doc/params.xml
@@ -2,7 +2,7 @@
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" 
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
 
-<section id="tm.parameters" xmlns:xi="http://www.w3.org/2001/XInclude">
+<section id="tm.parameters">
     <sectioninfo>
 	<revhistory>
 	    <revision>
diff --git a/modules/tls/doc/tls.xml b/modules/tls/doc/tls.xml
index 3e3c031..f59f381 100644
--- a/modules/tls/doc/tls.xml
+++ b/modules/tls/doc/tls.xml
@@ -1,6 +1,9 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
-   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
+	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
+	[ <!ENTITY % local.common.attrib
+	 "xmlns:xi CDATA #FIXED 'http://www.w3.org/2001/XInclude'">]
+>
 
 <section id="tls" xmlns:xi="http://www.w3.org/2001/XInclude">
 	<sectioninfo>

More information about the sr-dev mailing list