kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-15 08:44:14 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge "dtls: Add support for ephemeral DTLS certificates."

Browse Source
This commit is contained in:
Joshua Colp
2017-11-06 12:22:38 -06:00
committed by Gerrit Code Review
parent 3126c396b1 04d3785a79
commit 637b37fb98
10 changed files with 409 additions and 81 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
channels/chan_sip.c
View File

@@ -31946,6 +31946,14 @@ static struct sip_peer *build_peer(const char *name, struct ast_variable *v_head
}
}
/* Validate DTLS configuration */
if (ast_rtp_dtls_cfg_validate(&peer->dtls_cfg)) {
sip_unref_peer(peer, "Removing peer due to bad DTLS configuration");
return NULL;
}
/* SRB */
/* Apply the encryption tag length to the DTLS configuration, in case DTLS is in use */
peer->dtls_cfg.suite = (ast_test_flag(&peer->flags[2], SIP_PAGE3_SRTP_TAG_32) ? AST_AES_CM_128_HMAC_SHA1_32 : AST_AES_CM_128_HMAC_SHA1_80);
@@ -33145,6 +33153,11 @@ static int reload_config(enum channelreloadreason reason)
}
}
/* Validate DTLS configuration */
if (ast_rtp_dtls_cfg_validate(&default_dtls_cfg)) {
return -1;
}
/* Override global defaults if setting found in general section */
ast_copy_flags(&global_flags[0], &setflags[0], mask[0].flags);
ast_copy_flags(&global_flags[1], &setflags[1], mask[1].flags);