diff options
author | Luigi Rizzo <rizzo@icir.org> | 2006-11-27 20:21:40 +0000 |
---|---|---|
committer | Luigi Rizzo <rizzo@icir.org> | 2006-11-27 20:21:40 +0000 |
commit | 2e7fd7cbdbe5ba3f26dbd7b8bda20d30b397ae96 (patch) | |
tree | f3b9f6a7a605099a7646dda836794b09abc6b275 /main/http.c | |
parent | 3637b60b19f61ac1bab1d096621c8c2f89b227f8 (diff) |
add a new http.conf option, sslbindaddr.
Because https is more secure than http, it usually
makes sense to keep this service more open than the
one on the unencrypted port.
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@48071 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/http.c')
-rw-r--r-- | main/http.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/main/http.c b/main/http.c index da8c3afdb..96cb8d153 100644 --- a/main/http.c +++ b/main/http.c @@ -824,6 +824,7 @@ static int __ast_http_load(int reload) struct hostent *hp; struct ast_hostent ahp; char newprefix[MAX_PREFIX]; + int have_sslbindaddr = 0; /* default values */ memset(&http_desc.sin, 0, sizeof(http_desc.sin)); @@ -862,10 +863,16 @@ static int __ast_http_load(int reload) newenablestatic = ast_true(v->value); else if (!strcasecmp(v->name, "bindport")) http_desc.sin.sin_port = htons(atoi(v->value)); - else if (!strcasecmp(v->name, "bindaddr")) { + else if (!strcasecmp(v->name, "sslbindaddr")) { if ((hp = ast_gethostbyname(v->value, &ahp))) { - memcpy(&http_desc.sin.sin_addr, hp->h_addr, sizeof(http_desc.sin.sin_addr)); memcpy(&https_desc.sin.sin_addr, hp->h_addr, sizeof(https_desc.sin.sin_addr)); + have_sslbindaddr = 1; + } else { + ast_log(LOG_WARNING, "Invalid bind address '%s'\n", v->value); + } + } else if (!strcasecmp(v->name, "bindaddr")) { + if ((hp = ast_gethostbyname(v->value, &ahp))) { + memcpy(&http_desc.sin.sin_addr, hp->h_addr, sizeof(http_desc.sin.sin_addr)); } else { ast_log(LOG_WARNING, "Invalid bind address '%s'\n", v->value); } @@ -882,6 +889,8 @@ static int __ast_http_load(int reload) } ast_config_destroy(cfg); } + if (!have_sslbindaddr) + https_desc.sin.sin_addr = http_desc.sin.sin_addr; if (enabled) http_desc.sin.sin_family = https_desc.sin.sin_family = AF_INET; if (strcmp(prefix, newprefix)) |