diff options
author | Mark Michelson <mmichelson@digium.com> | 2012-02-02 18:55:05 +0000 |
---|---|---|
committer | Mark Michelson <mmichelson@digium.com> | 2012-02-02 18:55:05 +0000 |
commit | 0f4489dc0f76b92d95592cc0b726cb98f781881e (patch) | |
tree | 34f5a4cb79b7376abc97765dc09f019d2175031d /main/manager.c | |
parent | 516419697278a9d029825b17f55a25302bf3fc0d (diff) |
Fix TLS port binding behavior as well as reload behavior:
* Removes references to tlsbindport from http.conf.sample and manager.conf.sample
* Properly bind to port specified in tlsbindaddr, using the default port if specified.
* On a reload, properly close socket if the service has been disabled.
A note has been added to UPGRADE.txt to indicate how ports must be set for TLS.
(closes issue ASTERISK-16959)
reported by Olaf Holthausen
(closes issue ASTERISK-19201)
reported by Chris Mylonas
(closes issue ASTERISK-19204)
reported by Chris Mylonas
Review: https://reviewboard.asterisk.org/r/1709
........
Merged revisions 353770 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........
Merged revisions 353820 from http://svn.asterisk.org/svn/asterisk/branches/10
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353821 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'main/manager.c')
-rw-r--r-- | main/manager.c | 23 |
1 files changed, 17 insertions, 6 deletions
diff --git a/main/manager.c b/main/manager.c index 727df2647..3558697cb 100644 --- a/main/manager.c +++ b/main/manager.c @@ -6645,6 +6645,7 @@ static int __init_manager(int reload) char a1_hash[256]; struct sockaddr_in ami_desc_local_address_tmp = { 0, }; struct sockaddr_in amis_desc_local_address_tmp = { 0, }; + int tls_was_enabled = 0; manager_enabled = 0; @@ -6708,11 +6709,16 @@ static int __init_manager(int reload) /* default values */ ast_copy_string(global_realm, S_OR(ast_config_AST_SYSTEM_NAME, DEFAULT_REALM), sizeof(global_realm)); - memset(&ami_desc.local_address, 0, sizeof(struct sockaddr_in)); - memset(&amis_desc.local_address, 0, sizeof(amis_desc.local_address)); - amis_desc_local_address_tmp.sin_port = htons(5039); + ast_sockaddr_setnull(&ami_desc.local_address); + ast_sockaddr_setnull(&amis_desc.local_address); + + ami_desc_local_address_tmp.sin_family = AF_INET; + amis_desc_local_address_tmp.sin_family = AF_INET; + ami_desc_local_address_tmp.sin_port = htons(DEFAULT_MANAGER_PORT); + tls_was_enabled = (reload && ami_tls_cfg.enabled); + ami_tls_cfg.enabled = 0; if (ami_tls_cfg.certfile) { ast_free(ami_tls_cfg.certfile); @@ -6786,8 +6792,7 @@ static int __init_manager(int reload) } } - ami_desc_local_address_tmp.sin_family = AF_INET; - amis_desc_local_address_tmp.sin_family = AF_INET; + ast_sockaddr_to_sin(&amis_desc.local_address, &amis_desc_local_address_tmp); /* if the amis address has not been set, default is the same as non secure ami */ if (!amis_desc_local_address_tmp.sin_addr.s_addr) { @@ -6795,6 +6800,10 @@ static int __init_manager(int reload) ami_desc_local_address_tmp.sin_addr; } + if (!amis_desc_local_address_tmp.sin_port) { + amis_desc_local_address_tmp.sin_port = htons(DEFAULT_MANAGER_TLS_PORT); + } + if (manager_enabled) { ast_sockaddr_from_sin(&ami_desc.local_address, &ami_desc_local_address_tmp); ast_sockaddr_from_sin(&amis_desc.local_address, &amis_desc_local_address_tmp); @@ -7031,7 +7040,9 @@ static int __init_manager(int reload) manager_event(EVENT_FLAG_SYSTEM, "Reload", "Module: Manager\r\nStatus: %s\r\nMessage: Manager reload Requested\r\n", manager_enabled ? "Enabled" : "Disabled"); ast_tcptls_server_start(&ami_desc); - if (ast_ssl_setup(amis_desc.tls_cfg)) { + if (tls_was_enabled && !ami_tls_cfg.enabled) { + ast_tcptls_server_stop(&amis_desc); + } else if (ast_ssl_setup(amis_desc.tls_cfg)) { ast_tcptls_server_start(&amis_desc); } return 0; |