mirror of
https://github.com/asterisk/asterisk.git
synced 2026-05-25 08:20:50 +00:00
e8a65b7155
The changes are not large. Most of the diff comes from putting the global variables describing an accept session into a structure, so we can reuse the existing code for running multiple accept threads on different ports. Once this is done, and if your system has the funopen() library function (and ssl, of course), it is just a matter of calling the appropriate functions to set up the ssl connection on the existing socket, and everything works on the secure channel now. At the moment, the code is disabled because i have not implemented yet the autoconf code to detect the presence of funopen(), and add -lssl to main/Makefile if ssl libraries are present. And a bit of documentation on the http.conf arguments, too. If you want to manually enable https support, that is very simple (step 0 1 2 will be eventually detected by ./configure, the rest is something you will have to do anyways). 0. make sure your system has funopen(3). FreeBSD does, linux probably does too, not sure about other systems. 1. uncomment the following line in main/http.c // #define DO_SSL /* comment in/out if you want to support ssl */ 2. add -lssl to AST_LIBS in main/Makefile 3. add the following options to http.conf sslenable=yes sslbindport=4433 ; pick one you like sslcert=/tmp/foo.pem ; path to your certificate file. 4. generate a suitable certificate e.g. (example from mini_httpd's Makefile: openssl req -new -x509 -days 365 -nodes -out /tmp/foo.pem -keyout /tmp/foo.pem and here you go: https://localhost:4433/asterisk/manager now works. git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@45869 65c4cc65-6c06-0410-ace0-fbb531ad65f3