[sr-dev] git:master:9da757be: stirshaken: Fix usage examples [skip ci]
Piotr Gregor
piotr at signalwire.com
Thu Mar 25 03:57:09 CET 2021
Module: kamailio
Branch: master
Commit: 9da757be8861649cdcc9e03bfaf35e6b257ff18f
URL: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6b257ff18f
Author: Piotr Gregor <piotr at signalwire.com>
Committer: Piotr Gregor <piotr at signalwire.com>
Date: 2021-03-25T02:52:57Z
stirshaken: Fix usage examples [skip ci]
Modified: src/modules/stirshaken/doc/stirshaken_admin.xml
---
Modified: src/modules/stirshaken/doc/stirshaken_admin.xml
---
Diff: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6b257ff18f.diff
Patch: https://github.com/kamailio/kamailio/commit/9da757be8861649cdcc9e03bfaf35e6b257ff18f.patch
---
diff --git a/src/modules/stirshaken/doc/stirshaken_admin.xml b/src/modules/stirshaken/doc/stirshaken_admin.xml
index 55ef50a837..4634f0b752 100644
--- a/src/modules/stirshaken/doc/stirshaken_admin.xml
+++ b/src/modules/stirshaken/doc/stirshaken_admin.xml
@@ -24,9 +24,10 @@
<para>
stirshaken module exports the functions to check and to generate PASSporT, wrapped into SIP Identity header.
For call authentication two functions are available: stirshaken_add_identity(...) and stirshaken_add_identity_with_key(key).
- stirshaken_add_identity() uses default key (through Authentication Service), stirshaken_add_identity_with_key(..., key) uses specifoed key.
+ stirshaken_add_identity() uses default key (through Authentication Service), stirshaken_add_identity_with_key(..., key) uses key specified as argument.
For call verification three methods are available: stirshaken_check_identity() (through Verification Service),
stirshaken_check_identity_with_key(key) and stirshaken_check_identity_with_cert(cert).
+ Only stirshaken_check_identity() may download certificate (if needed) and check it with X509 certificate path check algorithm.
</para>
</section>
<section>
@@ -291,7 +292,11 @@ modparam("stirshaken", "vs_cache_expire_s", 100)
request_route {
...
- if(stirshaken_check_identity()) { // bad identity }
+ if (1 == stirshaken_check_identity()) {
+ xlog("Shaken Identity is OK\n");
+ } else {
+ xlog("Shaken Identity is invalid\n");
+ }
...
}
...
@@ -326,7 +331,11 @@ request_route {
...
request_route {
...
- if(stirshaken_check_identity_with_key("/path/to/key")) { // bad identity }
+ if (1 == stirshaken_check_identity_with_key("/path/to/key")) {
+ xlog("Shaken Identity is OK\n");
+ } else {
+ xlog("Shaken Identity is invalid\n");
+ }
...
}
...
@@ -352,7 +361,11 @@ request_route {
...
request_route {
...
- if(stirshaken_check_identity_with_cert("/path/to/cert")) { // bad identity }
+ if (1 == stirshaken_check_identity_with_cert("/path/to/cert")) {
+ xlog("Shaken Identity is OK\n");
+ } else {
+ xlog("Shaken Identity is invalid\n");
+ }
...
}
...
@@ -382,7 +395,11 @@ request_route {
...
request_route {
...
- stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "origid");
+ if (1 == stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "origid")) {
+ xlog("Shaken authentication added (SIP Identity Header created)\n");
+ } else {
+ xlog("Failed\n");
+ }
...
}
...
@@ -397,7 +414,11 @@ request_route {
...
request_route {
...
- stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "");
+ if (1 == stirshaken_add_identity("https://sp.com/sp.pem", "B", "+44100", "+44200", "")) {
+ xlog("Shaken authentication added (SIP Identity Header created)\n");
+ } else {
+ xlog("Failed\n");
+ }
...
}
...
More information about the sr-dev
mailing list