tls: docs - removed trailing spaces
miconda committed Nov 13, 2023
1 parent f15b88c commit 3bbbc39
Showing 4 changed files with 26 additions and 26 deletions.
30 changes: 15 additions & 15 deletions src/modules/tls/doc/certs_howto.xml
Expand Up @@ -68,19 +68,19 @@ Creating the CA certificate
1. Create the CA directory
mkdir ca
cd ca

2. Create the CA directory structure and files (see ca(1))
mkdir demoCA #default CA name, edit /etc/ssl/openssl.cnf
mkdir demoCA/private
mkdir demoCA/newcerts
touch demoCA/index.txt
echo 01 >demoCA/serial
echo 01 >demoCA/crlnumber

2. Create CA private key
openssl genrsa -out demoCA/private/cakey.pem 2048
chmod 600 demoCA/private/cakey.pem

3. Create CA self-signed certificate
openssl req -out demoCA/cacert.pem -x509 -new -key demoCA/private/cakey.pem
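Review bot: the step numbers in this list repeat "2." ("2. Create the CA directory structure and files" and "2. Create CA private key"), so the list reads 1, 2, 2, 3; since these lines are being touched anyway, renumber them 1 through 4. Separately, `mkdir demoCA/private` creates the key directory with default permissions and only the key file is restricted afterwards with `chmod 600`; suggest `mkdir -m 700 demoCA/private` so that protection of the CA key does not depend on the later step alone.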

Expand All @@ -92,10 +92,10 @@ Creating a server/client TLS certificate
openssl req -out kamailio1_cert_req.pem -new -nodes

WARNING: the organization name should be the same as in the CA certificate.

2. Sign it with the CA certificate
openssl ca -in kamailio1_cert_req.pem -out kamailio1_cert.pem

3. Copy kamailio1_cert.pem to your &kamailio; configuration dir
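Review bot: step 1 uses `-new -nodes` with no `-keyout`, so the request generates an unencrypted private key and the howto never says where that key is written or that it needs restricting. Suggest an explicit `-keyout` argument (for example kamailio1_key.pem, a name chosen only for this comment) followed by `chmod 600` on that file, and mention the key in step 3, which currently copies only kamailio1_cert.pem.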


Expand All @@ -104,45 +104,45 @@ Setting &kamailio; to use the TLS certificate
1. Create the CA list file:
for each of your CA certificates that you intend to use do:
cat cacert.pem >>calist.pem
2. Copy your &kamailio; certificate, private key and ca list file to your

2. Copy your &kamailio; certificate, private key and ca list file to your
intended machine (preferably in your &kamailio; configuration directory,
this is the default place &kamailio; searches for).

3. Set up &kamailio;.cfg to use the certificate
if your &kamailio; certificate name is different from cert.pem or it is not
placed in &kamailio; cfg. directory, add to your kamailio.cfg:
modparam("tls", "certificate", "/path/cert_file_name")

4. Set up &kamailio; to use the private key
if your private key is not contained in the same file as the certificate
(or the certificate name is not the default cert.pem), add to your
&kamailio;.cfg:
modparam("tls", "private_key", "/path/private_key_file")

5. Set up &kamailio; to use the CA list (optional)
The CA list is not used for your server certificate - it's used to approve other servers
and clients connecting to your server with a client certificate or for approving
a certificate used by a server your server connects to.
add to your &kamailio;.cfg:
modparam("tls", "ca_list", "/path/ca_list_file")

6. Set up TLS authentication options:
modparam("tls", "verify_certificate", 1)
modparam("tls", "require_certificate", 1)
modparam("tls", "require_certificate", 1)
(for more information see the module parameters documentation)


Revoking a certificate and using a CRL
--------------------------------------
1. Revoking a certificate:
openssl ca -revoke bad_cert.pem

2. Generate/update the certificate revocation list:
openssl ca -gencrl -out my_crl.pem

3. Copy my_crl.pem to your &kamailio; config. dir

4. Set up &kamailio; to use the CRL:
modparam("tls", "crl", "path/my_crl.pem")
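Review bot: the CRL example in step 4 is `modparam("tls", "crl", "path/my_crl.pem")`, a relative path, while the certificate, private_key and ca_list examples in this same hunk all use "/path/..."; change it to "/path/my_crl.pem" for consistency. Also, step 5 labels the CA list "(optional)" and step 6 then sets verify_certificate and require_certificate to 1; a sentence stating which trust anchors are used for verification when no ca_list is configured would remove the ambiguity.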

2 changes: 1 addition & 1 deletion src/modules/tls/doc/hsm_howto.xml
Expand Up @@ -14,7 +14,7 @@

<title>HSM Howto</title>
<para>
This documents OpenSSL engine support for private keys in HSM.
This documents OpenSSL engine support for private keys in HSM.
</para>
<para>
Assumptions: an OpenSSL engine configured with private key. We still require the certificate file
14 changes: 7 additions & 7 deletions src/modules/tls/doc/params.xml
Expand Up @@ -201,7 +201,7 @@ modparam("tls", "private_key", "/usr/local/etc/kamailio/my_pkey.pem")
An easy way to create the CA list is to append each trusted trusted CA
certificate in the PEM format to one file, e.g.:
<programlisting>
for f in trusted_cas/*.pem ; do cat "$f" &gt;&gt; ca_list.pem ; done
for f in trusted_cas/*.pem ; do cat "$f" &gt;&gt; ca_list.pem ; done
</programlisting>
</para>
<para>
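Review bot: the context line above the listing reads "append each trusted trusted CA" with the word doubled; fix it while this paragraph is being edited. The loop itself appends with `&gt;&gt;`, so running it again against an existing ca_list.pem duplicates every certificate; suggest noting that the file must start empty, or truncating it before the loop.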
Expand Down Expand Up @@ -320,7 +320,7 @@ modparam("tls", "crl", "/usr/local/etc/kamailio/crl.pem")
<section id="tls.p.verify_certificate">
<title><varname>verify_certificate</varname> (boolean)</title>
<para>
If enabled it will force certificate verification when connecting to
If enabled it will force certificate verification when connecting to
other SIP servers..
For more information see the
<ulink url="https://www.openssl.org/docs/manmaster/man1/verify.html">verify(1)</ulink>
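Review bot: the sentence ends "other SIP servers.." with a doubled period, on the line directly after the one changed here; drop one.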
Expand Down Expand Up @@ -470,8 +470,8 @@ modparam("tls", "connection_timeout", 60)
If set compression over TLS will be disabled.
Note that compression uses a lot of memory (about 10x more than with
the compression disabled), so if you want to minimize
memory usage is a good idea to disable it. TLS compression also
expose you for the
memory usage is a good idea to disable it. TLS compression also
expose you for the
<ulink url="https://en.wikipedia.org/wiki/CRIME_(security_exploit)">
CRIME</ulink> security vulnerability.
</para>
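Review bot: the two lines changed here still read "memory usage is a good idea to disable it" and "TLS compression also expose you for the"; since the text is being edited anyway, suggest "it is a good idea to disable it" and "also exposes you to the".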
Expand Down Expand Up @@ -839,7 +839,7 @@ modparam("tls", "tls_debug", 10)
new TLS connections will start to fail. The value is expressed in KB.
</para>
<para>
The default value depends on whether the OpenSSL library used handles
The default value depends on whether the OpenSSL library used handles
low memory situations in a good way (openssl bug #1491).
As of this writing this is not true for any OpenSSL version (including 0.9.8e).
</para>
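Review bot: "As of this writing this is not true for any OpenSSL version (including 0.9.8e)" gives the reader no way to tell how old the statement is. Suggest stating the date or the range of OpenSSL versions that were checked, so that users on later releases know whether the default described here still applies to them.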
Expand Down Expand Up @@ -959,7 +959,7 @@ modparam("tls", "low_mem_threshold2", -1)
<listitem>
<para>
the OpenSSL library used at compile time and the one used at
runtime have different Kerberos options
runtime have different Kerberos options
</para>
</listitem>
</itemizedlist>
Expand Down Expand Up @@ -1210,7 +1210,7 @@ server_name_mode = 1
</programlisting>
</example>
<para>
For a more complete example check the <emphasis>tls.cfg</emphasis> distributed
For a more complete example check the <emphasis>tls.cfg</emphasis> distributed
with the &kamailio; source (kamailio/modules/tls/tls.cfg).
</para>
<example>
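Review bot: the referenced location "kamailio/modules/tls/tls.cfg" does not match the layout shown in this commit, where the module files live under src/modules/tls/; check the path and update it so readers can find the sample file.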
6 changes: 3 additions & 3 deletions src/modules/tls/doc/tls.xml
Expand Up @@ -138,7 +138,7 @@ request_route {
<para>
This module includes several workarounds for various Openssl bugs
(like compression and Kerberos using the wrong memory allocations
functions, low memory problems a.s.o). On startup it will try to enable
functions, low memory problems a.s.o). On startup it will try to enable
the needed workarounds based on the OpenSSL library version. Each time
a known problem is detected and a workaround is enabled, a message will
be logged. In general it is recommended to compile this module on the
Expand All @@ -163,7 +163,7 @@ request_route {
(see <varname>tls_disable_compression</varname>).
</para>
<para>
The TLS module includes workarounds for the following known openssl bugs:
The TLS module includes workarounds for the following known openssl bugs:
<itemizedlist>
<listitem><para>
openssl #1204 (disable SS_OP_TLS_BLOCK_PADDING_BUG if compression is enabled,
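Review bot: the first list item names the option "SS_OP_TLS_BLOCK_PADDING_BUG"; the OpenSSL constant is SSL_OP_TLS_BLOCK_PADDING_BUG, so this looks like a dropped "L" and will not be found by anyone searching for it. Also, the changed line says "openssl bugs" while the previous hunk uses both "Openssl" and "OpenSSL"; settle on "OpenSSL".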
Expand All @@ -173,7 +173,7 @@ request_route {
openssl #1468 (fix zlib compression memory allocation),
</para></listitem>
<listitem><para>
openssl #1467 (kerberos support will be disabled if the openssl version is less than 0.9.8e-beta1)
openssl #1467 (kerberos support will be disabled if the openssl version is less than 0.9.8e-beta1)
</para></listitem>
<listitem><para>
openssl #1491 (stop using tls in low memory situations due to the very high risk of openssl crashing or leaking memory).