kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-02-07 22:03:50 +00:00
Code Issues Projects Releases Wiki Activity

FS-3071 This is the sofia changes following the addition of the passphrase in libsofia

Browse Source
This commit is contained in:
Marc Olivier Chouinard 2011-12-18 11:20:38 -05:00
parent 6fe7644f44
commit 235ef72f1b
4 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
conf/sip_profiles/external.xml
View File

@ -77,6 +77,8 @@
<param name="tls-cert-dir" value="$${external_ssl_dir}"/> <param name="tls-cert-dir" value="$${external_ssl_dir}"/>
<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 --> <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
<param name="tls-version" value="$${sip_tls_version}"/> <param name="tls-version" value="$${sip_tls_version}"/>
<!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
<param name="tls-passphrase" value=""/>
</settings> </settings>
</profile> </profile>

2
conf/sip_profiles/internal.xml
View File

@ -184,6 +184,8 @@
<param name="tls-cert-dir" value="$${internal_ssl_dir}"/> <param name="tls-cert-dir" value="$${internal_ssl_dir}"/>
<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 --> <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
<param name="tls-version" value="$${sip_tls_version}"/> <param name="tls-version" value="$${sip_tls_version}"/>
<!-- Optionally set the passphrase password used by openSSL to encrypt/decrypt TLS private key files -->
<param name="tls-passphrase" value=""/>
<!-- turn on auto-flush during bridge (skip timer sleep when the socket already has data) <!-- turn on auto-flush during bridge (skip timer sleep when the socket already has data)
(reduces delay on latent connections default true, must be disabled explicitly)--> (reduces delay on latent connections default true, must be disabled explicitly)-->

1
src/mod/endpoints/mod_sofia/mod_sofia.h
View File

@ -639,6 +639,7 @@ struct sofia_profile {
switch_mutex_t *gw_mutex; switch_mutex_t *gw_mutex;
uint32_t queued_events; uint32_t queued_events;
uint32_t cseq_base; uint32_t cseq_base;
char *tls_passphrase;
}; };
struct private_object { struct private_object {

4
src/mod/endpoints/mod_sofia/sofia.c
View File

@ -1870,6 +1870,8 @@ void *SWITCH_THREAD_FUNC sofia_profile_thread_run(switch_thread_t *thread, void
NUTAG_SIPS_URL(profile->tls_bindurl)), NUTAG_SIPS_URL(profile->tls_bindurl)),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), TAG_IF(sofia_test_pflag(profile, PFLAG_TLS),
NUTAG_CERTIFICATE_DIR(profile->tls_cert_dir)), NUTAG_CERTIFICATE_DIR(profile->tls_cert_dir)),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS) && profile->tls_passphrase,
TPTAG_TLS_PASSPHRASE(profile->tls_passphrase)),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), TAG_IF(sofia_test_pflag(profile, PFLAG_TLS),
TPTAG_TLS_VERIFY_POLICY(0)), TPTAG_TLS_VERIFY_POLICY(0)),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), TAG_IF(sofia_test_pflag(profile, PFLAG_TLS),
@ -4409,6 +4411,8 @@ switch_status_t config_sofia(int reload, char *profile_name)
} }
} else if (!strcasecmp(var, "tls-cert-dir")) { } else if (!strcasecmp(var, "tls-cert-dir")) {
profile->tls_cert_dir = switch_core_strdup(profile->pool, val); profile->tls_cert_dir = switch_core_strdup(profile->pool, val);
} else if (!strcasecmp(var, "tls-passphrase")) {
profile->tls_passphrase = switch_core_strdup(profile->pool, val);
} else if (!strcasecmp(var, "tls-version")) { } else if (!strcasecmp(var, "tls-version")) {
if (!strcasecmp(val, "tlsv1")) { if (!strcasecmp(val, "tlsv1")) {