retronetworking
/
yate
12
0
Fork 2
Code Issues Pull Requests Projects Releases Wiki Activity

Added configurable certificate file to present on outgoing TLS connections. 

git-svn-id: http://voip.null.ro/svn/yate@4545 acf43c95-373e-0410-b603-e72c3f656dc1
This commit is contained in:
marian 2011-08-18 10:49:27 +00:00
parent aa51715370
commit dc20a43184
2 changed files with 23 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
conf.d/ysipchan.conf.sample
View File

@ -117,6 +117,20 @@
; See SIPMessage::Flags and SIPMessage::complete() in the source for gory details
;flags=0
; ssl_certificate_file: string: File containing client SSL certificate to present
; This parameter is used for outgoing encrypted connections if a certificate
; is requested by the server during SSL negotiation
; The file path is relative to configuration path
; This parameter is applied on reload
;ssl_certificate_file=
; ssl_key_file: string: Optional file containing the key of the certificate
; set in ssl_certificate_file
; The file path is relative to configuration path
; The certificate file must contain the key if this parameter is empty
; This parameter is applied on reload
;ssl_key_file=
; printmsg: boolean: Print SIP messages to output
; This parameter is applied on reload
; Defaults to yes

9
modules/ysipchan.cpp
View File

@ -1036,6 +1036,8 @@ static unsigned int s_tcpIdle = TCP_IDLE_DEF; // TCP transport idle interval
static unsigned int s_tcpMaxpkt = 1500; // Maximum packet to accept on TCP connections
static String s_tcpOutRtpip; // RTP ip for outgoing tcp/tls transports (protected by plugin mutex)
static bool s_lineKeepTcpOffline = true; // Lines: keep TCP transports when offline
static String s_sslCertFile; // File containing the SSL client certificate to present if requested by the server
static String s_sslKeyFile; // File containing the key of the SSL client certificate
static int s_expires_min = EXPIRES_MIN;
static int s_expires_def = EXPIRES_DEF;
@ -7368,6 +7370,8 @@ void SIPDriver::initialize()
s_globalMutex.lock();
s_realm = s_cfg.getValue("general","realm","Yate");
s_tcpOutRtpip = s_cfg.getValue("general","tcp_out_rtp_localip");
s_sslCertFile = s_cfg.getValue("general","ssl_certificate_file");
s_sslKeyFile = s_cfg.getValue("general","ssl_key_file");
s_globalMutex.unlock();
// Adjust here the TCP idle interval: it uses the SIP engine
s_tcpIdle = tcpIdleInterval(s_cfg.getIntValue("general","tcp_idle",TCP_IDLE_DEF));
@ -7510,6 +7514,11 @@ bool SIPDriver::socketSsl(Socket** sock, bool server, const String& context)
m.addParam("module",name());
m.addParam("server",String::boolText(server));
m.addParam("context",context,false);
if (!server) {
Lock lock(s_globalMutex);
m.addParam("certificate",s_sslCertFile,false);
m.addParam("key",s_sslKeyFile,false);
}
if (sock && *sock) {
RefObjectProxy* p = new RefObjectProxy(sock);
m.userData(p);