4 жил өмнө · 19d0a2a217
--- a/src/modules/tlsa/README
+++ b/src/modules/tlsa/README
@@ -0,0 +1,55 @@
 
				+TLSA Module
			
 
				+
			
 
				+Daniel-Constantin Mierla
			
 
				+
			
 
				+   kamailio.org
			
 
				+
			
 
				+   Copyright © 2021 kamailio.org
			
 
				+     __________________________________________________________________
			
 
				+
			
 
				+   Table of Contents
			
 
				+
			
 
				+   1. Admin Guide
			
 
				+
			
 
				+        1. Overview
			
 
				+
			
 
				+Chapter 1. Admin Guide
			
 
				+
			
 
				+   Table of Contents
			
 
				+
			
 
				+   1. Overview
			
 
				+
			
 
				+1. Overview
			
 
				+
			
 
				+   This is a pseudo module that builds TLS module compiled statically
			
 
				+   against libssl and libcrypto (from OpenSSL project). Its C code files
			
 
				+   simply include the files from TLS module, setting a different module
			
 
				+   name.
			
 
				+
			
 
				+   It is a replacement for tls module, with the same modparams and
			
 
				+   functions. Just replace ' loadmodule "tls.so" ' with ' loadmodule
			
 
				+   "tlsa.so" ' and ' modparam("tls", ...) ' with ' modparam("tlsa", ...)
			
 
				+   '. See the docs of TLS module for all the details related to its
			
 
				+   parameters, functions, rpc commands, variables, ...
			
 
				+
			
 
				+   The benefit of this module is having the libssl and libcrypto embedded
			
 
				+   in the module object file, thus not sharing the SSL/TLS context with
			
 
				+   any other modules that may link indirectly to libssl (e.g., like
			
 
				+   http_client that links against libcurl, which uses libssl). In this
			
 
				+   way, the initialization of SSL context (e.g., setting shared memory
			
 
				+   management functions) by tlsa module does not impact the other modules.
			
 
				+
			
 
				+   Another benefit could be the ability to link a specific libssl version
			
 
				+   (e.g., using source build), not being bound to the version shipped with
			
 
				+   the operating system.
			
 
				+
			
 
				+   The drawback is that updates to the libssl done via operating system
			
 
				+   upgrades are not reflected in the tlsa module. It has to be recompiled
			
 
				+   every time a new libssl version is installed and it is wanted to be
			
 
				+   used by tlsa module.
			
 
				+
			
 
				+   NOTE: the module is known to work to be compiled with GCC on Linux
			
 
				+   (tested on Debian Stable 10.x). Other compilers (e.g., clang, icc) may
			
 
				+   not support same static linking options. Also, some operating systems
			
 
				+   may provide only dynamic libssl and libcrypto libraries via their
			
 
				+   packages.
			
--- a/src/modules/tlsa/doc/tlsa.xml
+++ b/src/modules/tlsa/doc/tlsa.xml
@@ -65,6 +65,13 @@
 
				 			be recompiled every time a new libssl version is installed and it
			
 
				 			is wanted to be used by tlsa module.
			
 
				 		</para>
			
 
				+		<para>
			
 
				+			NOTE: the module is known to work to be compiled with GCC on Linux
			
 
				+			(tested on Debian Stable 10.x). Other compilers (e.g., clang, icc)
			
 
				+			may not support same static linking options. Also, some operating
			
 
				+			systems may provide only dynamic libssl and libcrypto libraries
			
 
				+			via their packages.
			
 
				+		</para>
			
 
				 	</section>
			
 
				 	</chapter>
			
 
				 </book>