[Asterisk-code-review] STIR/SHAKEN: Fix certificate type and storage. (asterisk[16])
Benjamin Keith Ford
asteriskteam at digium.com
Mon May 3 12:36:00 CDT 2021
Hello Joshua Colp, George Joseph, Friendly Automation,
I'd like you to reexamine a change. Please visit
https://gerrit.asterisk.org/c/asterisk/+/15822
to look at the new patch set (#4).
Change subject: STIR/SHAKEN: Fix certificate type and storage.
......................................................................
STIR/SHAKEN: Fix certificate type and storage.
During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.
We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.
The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.
https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021
Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
---
M configs/samples/stir_shaken.conf.sample
A doc/UPGRADE-staging/stir-shaken-public-key-url.txt
M include/asterisk/res_stir_shaken.h
M res/res_pjsip_stir_shaken.c
M res/res_stir_shaken.c
M res/res_stir_shaken/certificate.c
M res/res_stir_shaken/certificate.h
M res/res_stir_shaken/curl.c
M res/res_stir_shaken/curl.h
M res/res_stir_shaken/stir_shaken.c
M res/res_stir_shaken/stir_shaken.h
M res/res_stir_shaken/store.c
12 files changed, 376 insertions(+), 163 deletions(-)
git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/22/15822/4
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/15822
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: 16
Gerrit-Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d
Gerrit-Change-Number: 15822
Gerrit-PatchSet: 4
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-CC: Richard Mudgett <rmudgett at digium.com>
Gerrit-MessageType: newpatchset
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20210503/2a82be81/attachment.html>
More information about the asterisk-code-review
mailing list