[asterisk-dev] tcptls: Use new certificate on reload
George Joseph
gjoseph at digium.com
Tue Nov 29 07:49:27 CST 2016
On Tue, Nov 29, 2016 at 4:34 AM, Joshua Colp <jcolp at digium.com> wrote:
> On Sun, Nov 27, 2016, at 11:29 PM, Corey Farrell wrote:
> > A review [1] has been posted to fix an issue where TLS servers would
> > not be restarted unless the bind address was changed. This would
> > prevent use of new certificates if available. Unfortunately this
> > change does cause an ABI change. Fields are added to public
> > structures 'struct ast_tls_config' and 'struct
> > ast_tcptls_session_args'. Within Asterisk itself these structures are
> > used by app_externalivr, chan_sip, res_http_websocket, http.c and
> > manager.c.
> >
> > tcptls.h does not provide an allocation method for it's structures.
> > These means it is impossible to add fields to these structures without
> > breaking the ABI. How does everyone feel about moving forward with
> > the fix as is?
>
> When it comes to ABI compatibility I take what exactly is being changed
> into account. In the case of the TCP/TLS code it's not something I'd see
> outside code or developers using (the commercial modules certainly don't
> use it) which is why I'm personally not opposed to accepting it.
>
> Any other thoughts? Do we want to be strict and only allow on master?
>
I'd say it's OK for 13. I can't think of a scenario where an external
module would be using these APIs.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20161129/cb6ba0c7/attachment.html>
More information about the asterisk-dev
mailing list