https://origsvn.digium.com/svn/asterisk/branches/1.8
................
r314628 | mnicholson | 2011-04-21 13:24:05 -0500 (Thu, 21 Apr 2011) | 27 lines
Merged revisions 314620 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.6.2
................
r314620 | mnicholson | 2011-04-21 13:22:19 -0500 (Thu, 21 Apr 2011) | 20 lines
Merged revisions 314607 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r314607 | mnicholson | 2011-04-21 13:19:21 -0500 (Thu, 21 Apr 2011) | 14 lines
Added limits to the number of unauthenticated sessions TCP based protocols are allowed to have open simultaneously. Also added timeouts for unauthenticated sessions where it made sense to do so.
Unrelated, the manager interface now properly checks if the user has the "system" privilege before executing shell commands via the Originate action.
AST-2011-005
AST-2011-006
(closes issue #18787)
Reported by: kobaz
(related to issue #18996)
Reported by: tzafrir
........
................
................
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@314666 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Let's try that again, this time removing trailing whitespace and not leading
whitespace. I can't believe no one noticed.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@197535 65c4cc65-6c06-0410-ace0-fbb531ad65f3
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix. For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf. Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
Review: http://reviewboard.digium.com/r/237/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@191028 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Adds option to specify a private key .pem file when configuring TLS or SSL in AMI, HTTP, and SIP. Before this, the certificate file was used for both the public and private key. It is possible for this file to hold both, but most configurations allow for a separate private key file to be specified. Clarified in .conf files how these options are to be used. The current conf files do not explain how the private key is handled at all, so without knowledge of Asterisk's TLS implementation, it would be hard to know for sure what was going on or how to set it up.
Review: http://reviewboard.digium.com/r/234/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@190545 65c4cc65-6c06-0410-ace0-fbb531ad65f3
https://origsvn.digium.com/svn/asterisk/branches/1.4
........
r60603 | russell | 2007-04-06 15:58:43 -0500 (Fri, 06 Apr 2007) | 13 lines
To be able to achieve the things that we would like to achieve with the
Asterisk GUI project, we need a fully functional HTTP interface with access
to the Asterisk manager interface. One of the things that was intended to be
a part of this system, but was never actually implemented, was the ability for
the GUI to be able to upload files to Asterisk. So, this commit adds this in
the most minimally invasive way that we could come up with.
A lot of work on minimime was done by Steve Murphy. He fixed a lot of bugs in
the parser, and updated it to be thread-safe. The ability to check
permissions of active manager sessions was added by Dwayne Hubbard. Then,
hacking this all together and do doing the modifications necessary to the HTTP
interface was done by me.
........
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@60604 65c4cc65-6c06-0410-ace0-fbb531ad65f3
this, implementing locking of this list to make it thread-safe.
- Add a "redirect" option to http.conf that allows redirecting one URI to
another. I was inspired to do this while playing with the Asterisk GUI. I
got tired of typing this URL to get to the GUI:
http://localhost:8088/asterisk/static/config/cfgadvanced.html
So, now I have the following line in http.conf:
redirect=/=/asterisk/static/config/cfgadvanced.html
Now, I can type the following into my browser and go to the GUI:
http://localhost:8088
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48930 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Because https is more secure than http, it usually
makes sense to keep this service more open than the
one on the unencrypted port.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48071 65c4cc65-6c06-0410-ace0-fbb531ad65f3
and support linux as well (using fopencookie(), which should
be available in glibc).
Update configure.ac to check for funopen (BSD) and fopencookie(glibc),
and while we are at it also for gethostbyname_r
(the generated files need to be updated, or you need
to run bootstrap.sh yourself).
Document the new options in http.conf.sample
(names are only tentative, better ones are welcome).
At this point we can safely enable the option.
Anyone willing to try this on Sun and Apple platforms ?
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@45892 65c4cc65-6c06-0410-ace0-fbb531ad65f3