SIP option to specify outbound TLS/SSL client protocol.

chan_sip allows for outbound TLS connections, but does not allow the user to specify what protocol to use (default was SSLv2, and still is if this new option is not specified). This patch lets the user pick the SSL/TLS client method for outbound connections in sip. (closes issue #14770) Reported by: TheOldSaint (closes issue #14768) Reported by: TheOldSaint Review: http://reviewboard.digium.com/r/240/ git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191177 65c4cc65-6c06-0410-ace0-fbb531ad65f3
2025-10-05 12:42:49 +00:00 · 2009-04-29 21:13:43 +00:00
parent d35fd35ae3
commit a6adc84e69
4 changed files with 57 additions and 12 deletions
--- a/include/asterisk/tcptls.h
+++ b/include/asterisk/tcptls.h
@@ -72,7 +72,13 @@ enum ast_ssl_flags {
 	/*! Don't verify certificate when connecting to a server */
 	AST_SSL_DONT_VERIFY_SERVER = (1 << 1),
 	/*! Don't compare "Common Name" against IP or hostname */
-	AST_SSL_IGNORE_COMMON_NAME = (1 << 2)
+	AST_SSL_IGNORE_COMMON_NAME = (1 << 2),
+	/*! Use SSLv2 for outgoing client connections */
+	AST_SSL_SSLV2_CLIENT = (1 << 3),
+	/*! Use SSLv3 for outgoing client connections */
+	AST_SSL_SSLV3_CLIENT = (1 << 4),
+	/*! Use TLSv1 for outgoing client connections */
+	AST_SSL_TLSV1_CLIENT = (1 << 5)
 };

 struct ast_tls_config {