ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix. For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf. Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
Review: http://reviewboard.digium.com/r/237/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191028 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Adds option to specify a private key .pem file when configuring TLS or SSL in AMI, HTTP, and SIP. Before this, the certificate file was used for both the public and private key. It is possible for this file to hold both, but most configurations allow for a separate private key file to be specified. Clarified in .conf files how these options are to be used. The current conf files do not explain how the private key is handled at all, so without knowledge of Asterisk's TLS implementation, it would be hard to know for sure what was going on or how to set it up.
Review: http://reviewboard.digium.com/r/234/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@190545 65c4cc65-6c06-0410-ace0-fbb531ad65f3
1) Add the Dialplan class, for NewExten and VarSet events, which should cut
down on the volume of traffic in the Call class.
2) Permit some commands to be run from multiple classes, such as allowing
DBGet to be run from either the System or the Reporting class.
3) Heavily document each class in the sample config, as there were several
that made no sense to be in the write= line, and two that made no sense to be
in the read= line (since they controlled no permissions there).
(Closes issue #10386)
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@97651 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Also adds a new "reporting" permission for manager, since it can be incredibly spammy.
This permission was discussed on the -dev mailing list some months back.
Issue 8613, patch by johann8384, with some minor changes by me.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@70961 65c4cc65-6c06-0410-ace0-fbb531ad65f3
are passed as an argument.
- Update the code in main/http.c to use the new interface
(the diff is large but mostly mechanical, due to the name change of
several variables);
- And since now it is trivial, implement "AMI over TLS", and document
the possible options in manager.conf
- And since the test client (openssl s_client -connect host:port )
does not generate \r\n as a line terminator, make get_input()
also accept just a \n as a line terminator (Mac users: do you
also need the \r-only version ?)
The option parsing in manager.conf is not very efficient, and needs
to be cleaned up and made similar to what we have in http.conf
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48351 65c4cc65-6c06-0410-ace0-fbb531ad65f3
- Optionally send systemname in manager (cool when you have a manager proxy)
- Use systemname in CLI prompt
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@26884 65c4cc65-6c06-0410-ace0-fbb531ad65f3
