[Asterisk-code-review] pjsip: Clarify certificate configuration for Websocket. (asterisk[13])

Joshua Colp asteriskteam at digium.com
Mon Jul 2 18:50:39 CDT 2018 

Joshua Colp has uploaded this change for review. ( https://gerrit.asterisk.org/9327


Change subject: pjsip: Clarify certificate configuration for Websocket.
......................................................................

pjsip: Clarify certificate configuration for Websocket.

The Websocket transport uses the built-in HTTP server. As a result
the TLS configuration is done in http.conf and not in pjsip.conf.

This change adds a warning if this is configured in pjsip.conf and
also clarifies in the sample configuration file.

Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
---
M configs/samples/pjsip.conf.sample
M res/res_pjsip/config_transport.c
2 files changed, 7 insertions(+), 0 deletions(-)



  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/27/9327/1

diff --git a/configs/samples/pjsip.conf.sample b/configs/samples/pjsip.conf.sample
index 69576c1..fa80c6c 100644
--- a/configs/samples/pjsip.conf.sample
+++ b/configs/samples/pjsip.conf.sample
@@ -842,6 +842,10 @@
 ;==========================TRANSPORT SECTION OPTIONS=========================
 ;[transport]
 ;  SYNOPSIS: SIP Transport
+;
+; Note that for the Websocket transport the TLS configuration is configured
+; in http.conf and is applied for all HTTPS traffic.
+;
 ;async_operations=1     ; Number of simultaneous Asynchronous Operations
                         ; (default: "1")
 ;bind=  ; IP Address and optional port to bind to for this transport (default:
diff --git a/res/res_pjsip/config_transport.c b/res/res_pjsip/config_transport.c
index 55ef3c5..3ad4dcc 100644
--- a/res/res_pjsip/config_transport.c
+++ b/res/res_pjsip/config_transport.c
@@ -650,6 +650,9 @@
 	} else if ((transport->type == AST_TRANSPORT_WS) || (transport->type == AST_TRANSPORT_WSS)) {
 		if (transport->cos || transport->tos) {
 			ast_log(LOG_WARNING, "TOS and COS values ignored for websocket transport\n");
+		} else if (!ast_strlen_zero(transport->ca_list_file) || !ast_strlen_zero(transport->ca_list_path) ||
+			!ast_strlen_zero(transport->cert_file) || !ast_strlen_zero(transport->privkey_file)) {
+			ast_log(LOG_WARNING, "TLS certificate values ignored for websocket transport as they are configured in http.conf\n");
 		}
 		res = PJ_SUCCESS;
 	}

-- 
To view, visit https://gerrit.asterisk.org/9327
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-MessageType: newchange
Gerrit-Change-Id: I187d994d328c3ed274b6754fd4c2a4955bdc6dd9
Gerrit-Change-Number: 9327
Gerrit-PatchSet: 1
Gerrit-Owner: Joshua Colp <jcolp at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20180702/0da1d38b/attachment.html>

More information about the asterisk-code-review mailing list