[asterisk-dev] [Code Review] Get tlsverifyclient closer to working and prevent unsupported options from being set
opticron
reviewboard at asterisk.org
Wed Mar 6 12:14:25 CST 2013
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2370/
-----------------------------------------------------------
Review request for Asterisk Developers.
Summary
-------
AMI, HTTP, and chan_sip all support TLS in some way, but none of them support all the options that Asterisk's TLS core is capable of interpreting. This prevents consumers of the TLS/SSL layer from setting TLS/SSL options that they do not support.
This also gets tlsverifyclient closer to a working state by requesting the client certificate when tlsverifyclient is set. Currently, there is no consumer of main/tcptls.c in Asterisk that supports this feature and so it can not be properly tested.
This addresses bug AST-1093.
https://issues.asterisk.org/jira/browse/AST-1093
Diffs
-----
branches/1.8/channels/chan_sip.c 382511
branches/1.8/main/http.c 382511
branches/1.8/main/manager.c 382511
branches/1.8/main/tcptls.c 382511
Diff: https://reviewboard.asterisk.org/r/2370/diff
Testing
-------
Ensured chan_sip would ignore tlsverifyclient.
Thanks,
opticron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130306/d24f2340/attachment-0001.htm>
More information about the asterisk-dev
mailing list