[sr-dev] git:master:19d0a2a2: tlsa: imported README file
Daniel-Constantin Mierla
miconda at gmail.com
Mon Aug 2 12:39:42 CEST 2021
Module: kamailio
Branch: master
Commit: 19d0a2a2177ca206de417fc1cb412c5b6dd0f393
URL: https://github.com/kamailio/kamailio/commit/19d0a2a2177ca206de417fc1cb412c5b6dd0f393
Author: Daniel-Constantin Mierla <miconda at gmail.com>
Committer: Daniel-Constantin Mierla <miconda at gmail.com>
Date: 2021-08-02T12:38:49+02:00
tlsa: imported README file
---
Added: src/modules/tlsa/README
Modified: src/modules/tlsa/doc/tlsa.xml
---
Diff: https://github.com/kamailio/kamailio/commit/19d0a2a2177ca206de417fc1cb412c5b6dd0f393.diff
Patch: https://github.com/kamailio/kamailio/commit/19d0a2a2177ca206de417fc1cb412c5b6dd0f393.patch
---
diff --git a/src/modules/tlsa/README b/src/modules/tlsa/README
new file mode 100644
index 0000000000..100da0fed4
--- /dev/null
+++ b/src/modules/tlsa/README
@@ -0,0 +1,55 @@
+TLSA Module
+
+Daniel-Constantin Mierla
+
+ kamailio.org
+
+ Copyright © 2021 kamailio.org
+ __________________________________________________________________
+
+ Table of Contents
+
+ 1. Admin Guide
+
+ 1. Overview
+
+Chapter 1. Admin Guide
+
+ Table of Contents
+
+ 1. Overview
+
+1. Overview
+
+ This is a pseudo module that builds TLS module compiled statically
+ against libssl and libcrypto (from OpenSSL project). Its C code files
+ simply include the files from TLS module, setting a different module
+ name.
+
+ It is a replacement for tls module, with the same modparams and
+ functions. Just replace ' loadmodule "tls.so" ' with ' loadmodule
+ "tlsa.so" ' and ' modparam("tls", ...) ' with ' modparam("tlsa", ...)
+ '. See the docs of TLS module for all the details related to its
+ parameters, functions, rpc commands, variables, ...
+
+ The benefit of this module is having the libssl and libcrypto embedded
+ in the module object file, thus not sharing the SSL/TLS context with
+ any other modules that may link indirectly to libssl (e.g., like
+ http_client that links against libcurl, which uses libssl). In this
+ way, the initialization of SSL context (e.g., setting shared memory
+ management functions) by tlsa module does not impact the other modules.
+
+ Another benefit could be the ability to link a specific libssl version
+ (e.g., using source build), not being bound to the version shipped with
+ the operating system.
+
+ The drawback is that updates to the libssl done via operating system
+ upgrades are not reflected in the tlsa module. It has to be recompiled
+ every time a new libssl version is installed and it is wanted to be
+ used by tlsa module.
+
+ NOTE: the module is known to work to be compiled with GCC on Linux
+ (tested on Debian Stable 10.x). Other compilers (e.g., clang, icc) may
+ not support same static linking options. Also, some operating systems
+ may provide only dynamic libssl and libcrypto libraries via their
+ packages.
diff --git a/src/modules/tlsa/doc/tlsa.xml b/src/modules/tlsa/doc/tlsa.xml
index 75da4b765c..eecc5f9ab1 100644
--- a/src/modules/tlsa/doc/tlsa.xml
+++ b/src/modules/tlsa/doc/tlsa.xml
@@ -65,6 +65,13 @@
be recompiled every time a new libssl version is installed and it
is wanted to be used by tlsa module.
</para>
+ <para>
+ NOTE: the module is known to work to be compiled with GCC on Linux
+ (tested on Debian Stable 10.x). Other compilers (e.g., clang, icc)
+ may not support same static linking options. Also, some operating
+ systems may provide only dynamic libssl and libcrypto libraries
+ via their packages.
+ </para>
</section>
</chapter>
</book>
More information about the sr-dev
mailing list