[asterisk-dev] Re: https support now in trunk (please read)

Luigi Rizzo rizzo at icir.org
Sun Oct 22 09:25:57 MST 2006


On Sun, Oct 22, 2006 at 03:09:46PM +0000, Tony Mountifield wrote:
> In article <20061022051443.A71717 at xorpc.icir.org>,
> Luigi Rizzo <rizzo at icir.org> wrote:
> > as the subject says...
> > 
> > read below for the details - if someone autoconf expert
> > can suggest how to do steps 0 1 2 i am all ears...
> > I suppose step 0 and 1 just require
> > 
> > 0.	AC_CHECK_FUNCS([funopen]) in configure.ac
> > 1.	and check for HAVE_FUNOPEN instead of setting DO_SSL,
> > 2.	adding $(SSL_LIB) to AST_LIBS in main/Makefile
> > 
> > is that correct ?
> 
> As far as I can tell, funopen() is a BSD-only function. The three Linux
> systems I have checked (FC1, FC3 and FC5) do not appear to have funopen()
> at all.

ok thanks for the data point. I am still looking for alternatives.
One option was the BIO API supplied by openssl, but it seems
to be a lot more intrusive on the current code.
I see references to fopencookie(), but it seems to be a glibc thing,
and i don't how easy it is to port.

> Certainly https is potentially a useful feature, but its implementation
> shouldn't depend on a largely non-Linux library function! Since the vast
> majority of Asterisk systems are Linux.
> 
> I'd be wary of code being committed to SVN that had only been tested on
> BSD, and not on Linux.

i know. But note, as the commit message says,
1) the feature is disabled at the moment, and
2) most of the commit was code restructuring to ease the use of two
accept threads, and was needed anyways.

The actual (i repeat, currently disabled) ssl support is one block of 10 lines in
ast_httpd_helper_thread(), 3 trivial wrapper functions, and another
10 lines between headers and global variables.
You can make it disappear in a minute.

	cheers
	luigi


More information about the asterisk-dev mailing list