GitList
Browse code

tls: documented is_peer_verified()

- documented is_peer_verified()
- fixed the xmls, so that xmllint / make check does not return any
errors
- regenerated the README

Andrei Pelinescu-Onciul authored on 16/03/2010 10:34:45
Showing 5 changed files
modules/tls/README
History View file @ f86da81983
... ... 
@@ -37,6 +37,9 @@ Andrei Pelinescu-Onciul
37 37 
         1.8.17. config (string)
38 38
39 39 
    1.9. Functions
40 
+
41 
+        1.9.1. is_peer_verified()
42 
+
40 43 
    1.10. History
41 44
42 45 
 1.1. Overview
... ... 
@@ -587,6 +590,18 @@ modparam("tls", "config", "/usr/local/etc/ser/tls.cfg")
587 590 
    Revision History
588 591 
    Revision $Revision$ $Date$
589 592
593 
+1.9.1. is_peer_verified()
594 
+
595 
+   Returns true if the connection on which the message was received is TLS
596 
+   , the peer presented an X509 certificate and the certificate chain
597 
+   verified ok. It can be used only in a request route.
598 
+
599 
+   Example 20. is_peer_verified usage
600 
+        if (proto==TLS && !is_peer_verified()){
601 
+                sl_send_reply("400", "No certificate or verification failed");
602 
+                drop;
603 
+        }
604 
+
590 605 
 1.10. History
591 606
592 607 
    Revision History
modules/tls/doc/functions.xml
History View file @ f86da81983
... ... 
@@ -2,16 +2,36 @@
2 2 
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 3 
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
5 
-<section id="textops.functions" xmlns:xi="http://www.w3.org/2001/XInclude">
6 
-    <sectioninfo>
5 
+<section id="textops.functions">
6 
+	<sectioninfo>
7 7 
 	<revhistory>
8 8 
 	    <revision>
9 9 
 		<revnumber>$Revision$</revnumber>
10 10 
 		<date>$Date$</date>
11 11 
 	    </revision>
12 12 
 	</revhistory>
13 
-    </sectioninfo>
13 
+	</sectioninfo>
14 
+
15 
+	<title>Functions</title>
16 
+
17 
+	<section id="tls.is_peer_verfied">
18 
+		<title><function>is_peer_verified()</function></title>
19 
+		<para>
20 
+			Returns true if the connection on which the message was received
21 
+			is TLS , the peer presented an X509 certificate and the
22 
+			certificate chain verified ok.
23 
+			It can be used only in a request route.
24 
+		</para>
25 
+		<example>
26 
+			<title><function>is_peer_verified</function> usage</title>
27 
+			<programlisting>
28 
+	if (proto==TLS &amp;&amp; !is_peer_verified()){
29 
+		sl_send_reply("400", "No certificate or verification failed");
30 
+		drop;
31 
+	}
32 
+			</programlisting>
33 
+		</example>
34 
+	</section>
14 35
15 
-    <title>Functions</title>
16 36
17 37 
 </section>
modules/tls/doc/history.xml
History View file @ f86da81983
... ... 
@@ -2,7 +2,7 @@
2 2 
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 3 
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
5 
-<section id="tls.certs_howto" xmlns:xi="http://www.w3.org/2001/XInclude">
5 
+<section id="tls.history">
6 6 
     <sectioninfo>
7 7 
 	<revhistory>
8 8 
 	    <revision>
modules/tls/doc/params.xml
History View file @ f86da81983
... ... 
@@ -2,7 +2,7 @@
2 2 
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 3 
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
5 
-<section id="tm.parameters" xmlns:xi="http://www.w3.org/2001/XInclude">
5 
+<section id="tm.parameters">
6 6 
     <sectioninfo>
7 7 
 	<revhistory>
8 8 
 	    <revision>
modules/tls/doc/tls.xml
History View file @ f86da81983
... ... 
@@ -1,6 +1,9 @@
1 1 
 <?xml version="1.0" encoding="UTF-8"?>
2 2 
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 
-   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
3 
+	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
4 
+	[ <!ENTITY % local.common.attrib
5 
+	 "xmlns:xi CDATA #FIXED 'http://www.w3.org/2001/XInclude'">]
6 
+>
4 7
5 8 
 <section id="tls" xmlns:xi="http://www.w3.org/2001/XInclude">
6 9 
 	<sectioninfo>