[Asterisk-code-review] STIR/SHAKEN: Fix certificate type and storage. (asterisk[16])

Benjamin Keith Ford asteriskteam at digium.com
Thu Apr 29 13:58:41 CDT 2021


Hello Joshua Colp, George Joseph, Friendly Automation, 

I'd like you to reexamine a change. Please visit

    https://gerrit.asterisk.org/c/asterisk/+/15822

to look at the new patch set (#3).

Change subject: STIR/SHAKEN: Fix certificate type and storage.
......................................................................

STIR/SHAKEN: Fix certificate type and storage.

During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.

We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
---
M configs/samples/stir_shaken.conf.sample
M res/res_stir_shaken.c
M res/res_stir_shaken/curl.c
M res/res_stir_shaken/curl.h
M res/res_stir_shaken/stir_shaken.c
M res/res_stir_shaken/stir_shaken.h
6 files changed, 238 insertions(+), 57 deletions(-)


  git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/22/15822/3
-- 
To view, visit https://gerrit.asterisk.org/c/asterisk/+/15822
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings

Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
Gerrit-Change-Number: 15822
Gerrit-PatchSet: 3
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210429/d543219d/attachment.html>


More information about the asterisk-code-review mailing list