res_pjsip: Add existence and readablity checks for tls related files

Both transport and endpoint now check for the existence and readability of tls certificate and key files before passing them on to pjproject. This will cause the object to not load rather than waiting for pjproject to discover that there's a problem when a session is attempted. NOTE: chan_sip also uses ast_rtp_dtls_cfg_parse but it's located in build_peer which is gigantic and I didn't want to disturb it. Error messages will emit but it won't interrupt chan_sip loading. ASTERISK-25618 #close Change-Id: Ie43f2c1d653ac1fda6a6f6faecb7c2ebadaf47c9 Reported-by: George Joseph Tested-by: George Joseph
2025-10-12 15:45:18 +00:00 · 2015-12-08 16:49:20 -07:00
parent 246e513110
commit 21962dad93
5 changed files with 73 additions and 1 deletions
--- a/res/res_pjsip/pjsip_configuration.c
+++ b/res/res_pjsip/pjsip_configuration.c
@@ -683,7 +683,7 @@ static int media_encryption_handler(const struct aco_option *opt, struct ast_var
 		endpoint->media.rtp.encryption = AST_SIP_MEDIA_ENCRYPT_SDES;
 	} else if (!strcasecmp("dtls", var->value)) {
 		endpoint->media.rtp.encryption = AST_SIP_MEDIA_ENCRYPT_DTLS;
-		ast_rtp_dtls_cfg_parse(&endpoint->media.rtp.dtls_cfg, "dtlsenable", "yes");
+		return ast_rtp_dtls_cfg_parse(&endpoint->media.rtp.dtls_cfg, "dtlsenable", "yes");
 	} else {
 		return -1;
 	}