FS-6174 --resolve after updating to this revision, put ca-bundle.crt in /usr/local/freeswitch/certs to get chain cert in place for both dtls and wss

Anthony Minessale 2014-01-31 20:16:48 +05:00
parent 035985859c
commit 0a3e18a308
2 changed files with 8 additions and 1 deletions


@ -1 +1 @@
Sun Jan 26 07:59:10 UTC 2014
Fri Jan 31 20:16:45 CDT 2014


@ -338,6 +338,7 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
tport_ws_primary_t *wspri = (tport_ws_primary_t *)pri;
const char *cert = "/ssl.pem";
const char *key = "/ssl.pem";
const char *chain = NULL;
char *homedir;
char *tbf = NULL;
su_home_t autohome[SU_HOME_AUTO_SIZE(1024)];
@ -361,11 +362,13 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
key = su_sprintf(autohome, "%s/%s", path, "wss.key");
if (access(key, R_OK) != 0) key = NULL;
cert = su_sprintf(autohome, "%s/%s", path, "wss.crt");
chain = su_sprintf(autohome, "%s/%s", path, "ca-bundle.crt");
if (access(cert, R_OK) != 0) cert = NULL;
if ( !key ) key = su_sprintf(autohome, "%s/%s", path, "wss.pem");
if ( !cert ) cert = su_sprintf(autohome, "%s/%s", path, "wss.pem");
if (access(key, R_OK) != 0) key = NULL;
if (access(cert, R_OK) != 0) cert = NULL;
if (access(chain, R_OK) != 0) chain = NULL;
}
init_ssl();
@ -379,6 +382,10 @@ static int tport_ws_init_primary_secure(tport_primary_t *pri,
if ( !wspri->ssl_ctx ) goto done;
if (chain) {
SSL_CTX_use_certificate_chain_file(wspri->ssl_ctx, chain);
}
/* set the local certificate from CertFile */
SSL_CTX_use_certificate_file(wspri->ssl_ctx, cert, SSL_FILETYPE_PEM);
/* set the private key from KeyFile */
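Review bot: The return value of `SSL_CTX_use_certificate_chain_file(wspri->ssl_ctx, chain)` in the last hunk is discarded, so a ca-bundle.crt that passes `access()` but fails to parse leaves the WSS listener presenting its certificate without the chain, and nothing records why. Check for a result other than 1 and fail or log, for example `if (chain && SSL_CTX_use_certificate_chain_file(wspri->ssl_ctx, chain) != 1) goto done;` (assuming `done` is the failure path, as the `ssl_ctx` check just above suggests). OpenSSL documents that this call treats the first certificate in the file as the subject certificate and only the later ones as chain, and the `SSL_CTX_use_certificate_file` call that follows replaces the subject certificate. The first entry of a bundle holding only intermediates may therefore never be sent to clients; this is worth verifying with a single-intermediate bundle, or the expected file layout should be stated in a comment next to the `chain` lookup. The body of tport_ws_init_primary_secure continues outside the hunks shown.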