[sr-dev] git:master:33515069: modules: readme files regenerated - stirshaken ... [skip ci]

Kamailio Dev kamailio.dev at kamailio.org
Fri Mar 19 13:16:24 CET 2021 

Module: kamailio
Branch: master
Commit: 335150695507456224c986720682090b2cb757cc
URL: https://github.com/kamailio/kamailio/commit/335150695507456224c986720682090b2cb757cc

Author: Kamailio Dev <kamailio.dev at kamailio.org>
Committer: Kamailio Dev <kamailio.dev at kamailio.org>
Date: 2021-03-19T13:16:17+01:00

modules: readme files regenerated - stirshaken ... [skip ci]

---

Modified: src/modules/stirshaken/README

---

Diff:  https://github.com/kamailio/kamailio/commit/335150695507456224c986720682090b2cb757cc.diff
Patch: https://github.com/kamailio/kamailio/commit/335150695507456224c986720682090b2cb757cc.patch

---

diff --git a/src/modules/stirshaken/README b/src/modules/stirshaken/README
index c956bdb663..caa3a2e5ec 100644
--- a/src/modules/stirshaken/README
+++ b/src/modules/stirshaken/README
@@ -248,9 +248,10 @@ modparam("stirshaken", "vs_connect_timeout_s", 10)
 3.7. vs_cache_certificates (int)
 
    If set, then certificates caching is turned on. This means that
-   certificates downloaded during call verification are cached inside
-   vs_cache_dir, and will be loaded from that cache as long as they are
-   not there for more than vs_cache_expire_s seconds. If
+   certificates downloaded during call verification with
+   stirshaken_check_identity() are cached inside vs_cache_dir, and will be
+   loaded from that cache as long as they are not there for more than
+   vs_cache_expire_s seconds (see vs_cache_expire_s). If
    vs_cache_certificates is set then vs_cache_dir must be set too and
    pointing to existing directory. This param has no meaning for calls to
    stirshaken_check_identity_with_key(key) and
@@ -285,8 +286,12 @@ modparam("stirshaken", "vs_cache_dir", "/tmp/cert_cache")
    If vs_cache_certificates is set then cached certificates are saved in
    vs_cache_dir directory and loaded from there when needed during a call
    verification executed with stirshaken_check_identity(), as long as they
-   are not there for more than vs_cache_expire_s seconds. This param has
-   no meaning for calls to stirshaken_check_identity_with_key(key) and
+   are not there for more than vs_cache_expire_s seconds. If they are in
+   cache for more than vs_cache_expire_s seconds, then a blocking HTTP(s)
+   call is executed to download a new version of (expired) certificate. If
+   this is successful then old version is removed and new version is saved
+   in cache. This param has no meaning for calls to
+   stirshaken_check_identity_with_key(key) and
    stirshaken_check_identity_with_cert(cert).
 
    Default value is 120 seconds.

More information about the sr-dev mailing list