Browse code

tls: documented is_peer_verified()

- documented is_peer_verified()
- fixed the xmls, so that xmllint / make check does not return any
errors
- regenerated the README

Andrei Pelinescu-Onciul authored on 16/03/2010 10:34:45
Showing 5 changed files
... ...
@@ -37,6 +37,9 @@ Andrei Pelinescu-Onciul
37 37
         1.8.17. config (string)
38 38
 
39 39
    1.9. Functions
40
+
41
+        1.9.1. is_peer_verified()
42
+
40 43
    1.10. History
41 44
 
42 45
 1.1. Overview
... ...
@@ -587,6 +590,18 @@ modparam("tls", "config", "/usr/local/etc/ser/tls.cfg")
587 590
    Revision History
588 591
    Revision $Revision$ $Date$
589 592
 
593
+1.9.1. is_peer_verified()
594
+
595
+   Returns true if the connection on which the message was received is TLS
596
+   , the peer presented an X509 certificate and the certificate chain
597
+   verified ok. It can be used only in a request route.
598
+
599
+   Example 20. is_peer_verified usage
600
+        if (proto==TLS && !is_peer_verified()){
601
+                sl_send_reply("400", "No certificate or verification failed");
602
+                drop;
603
+        }
604
+
590 605
 1.10. History
591 606
 
592 607
    Revision History
... ...
@@ -2,16 +2,36 @@
2 2
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 3
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
 
5
-<section id="textops.functions" xmlns:xi="http://www.w3.org/2001/XInclude">
6
-    <sectioninfo>
5
+<section id="textops.functions">
6
+	<sectioninfo>
7 7
 	<revhistory>
8 8
 	    <revision>
9 9
 		<revnumber>$Revision$</revnumber>
10 10
 		<date>$Date$</date>
11 11
 	    </revision>
12 12
 	</revhistory>
13
-    </sectioninfo>
13
+	</sectioninfo>
14
+
15
+	<title>Functions</title>
16
+
17
+	<section id="tls.is_peer_verfied">
18
+		<title><function>is_peer_verified()</function></title>
19
+		<para>
20
+			Returns true if the connection on which the message was received
21
+			is TLS , the peer presented an X509 certificate and the
22
+			certificate chain verified ok.
23
+			It can be used only in a request route.
24
+		</para>
25
+		<example>
26
+			<title><function>is_peer_verified</function> usage</title>
27
+			<programlisting>
28
+	if (proto==TLS &amp;&amp; !is_peer_verified()){
29
+		sl_send_reply("400", "No certificate or verification failed");
30
+		drop;
31
+	}
32
+			</programlisting>
33
+		</example>
34
+	</section>
14 35
 
15
-    <title>Functions</title>
16 36
 
17 37
 </section>
... ...
@@ -2,7 +2,7 @@
2 2
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" 
3 3
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
 
5
-<section id="tls.certs_howto" xmlns:xi="http://www.w3.org/2001/XInclude">
5
+<section id="tls.history">
6 6
     <sectioninfo>
7 7
 	<revhistory>
8 8
 	    <revision>
... ...
@@ -2,7 +2,7 @@
2 2
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" 
3 3
    "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4 4
 
5
-<section id="tm.parameters" xmlns:xi="http://www.w3.org/2001/XInclude">
5
+<section id="tm.parameters">
6 6
     <sectioninfo>
7 7
 	<revhistory>
8 8
 	    <revision>
... ...
@@ -1,6 +1,9 @@
1 1
 <?xml version="1.0" encoding="UTF-8"?>
2 2
 <!DOCTYPE section PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3
-   "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
3
+	"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"
4
+	[ <!ENTITY % local.common.attrib
5
+	 "xmlns:xi CDATA #FIXED 'http://www.w3.org/2001/XInclude'">]
6
+>
4 7
 
5 8
 <section id="tls" xmlns:xi="http://www.w3.org/2001/XInclude">
6 9
 	<sectioninfo>