[Asterisk-code-review] res_stir_shaken: Implemented signature verification. (asterisk[master])
Joshua Colp
asteriskteam at digium.com
Tue Apr 28 10:18:28 CDT 2020
Joshua Colp has posted comments on this change. ( https://gerrit.asterisk.org/c/asterisk/+/14220 )
Change subject: res_stir_shaken: Implemented signature verification.
......................................................................
Patch Set 5:
(2 comments)
https://gerrit.asterisk.org/c/asterisk/+/14220/5/res/res_stir_shaken.c
File res/res_stir_shaken.c:
https://gerrit.asterisk.org/c/asterisk/+/14220/5/res/res_stir_shaken.c@414
PS5, Line 414: ast_log(LOG_ERROR, "Newly downloaded public key '%s' is expired\n", file_path);
> My thought was a certificate could be available for download but has passed its expiration. […]
That seems... interesting. I'm not sure what I think.
https://gerrit.asterisk.org/c/asterisk/+/14220/5/res/res_stir_shaken/curl.c
File res/res_stir_shaken/curl.c:
https://gerrit.asterisk.org/c/asterisk/+/14220/5/res/res_stir_shaken/curl.c@31
PS5, Line 31: #define CURL_TIMEOUT_SEC 7
> Configurable via function parameter, or did you have something else in mind?
I more meant from the configuration file. Generally this is likely to block processing somewhere, so we'd want a default low value with the ability to raise it via configuration if really really needed.
--
To view, visit https://gerrit.asterisk.org/c/asterisk/+/14220
To unsubscribe, or for help writing mail filters, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Change-Id: I3ba4c63880493bf8c7d17a9cfca1af0e934d1a1c
Gerrit-Change-Number: 14220
Gerrit-PatchSet: 5
Gerrit-Owner: Benjamin Keith Ford <bford at digium.com>
Gerrit-Reviewer: Friendly Automation
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at sangoma.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>
Gerrit-Comment-Date: Tue, 28 Apr 2020 15:18:28 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Joshua Colp <jcolp at sangoma.com>
Comment-In-Reply-To: Benjamin Keith Ford <bford at digium.com>
Gerrit-MessageType: comment
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20200428/5a70c715/attachment.html>
More information about the asterisk-code-review
mailing list