diff options
| author | Joshua Colp <jcolp@digium.com> | 2014-05-01 12:31:20 +0000 |
|---|---|---|
| committer | Joshua Colp <jcolp@digium.com> | 2014-05-01 12:31:20 +0000 |
| commit | 45a7132480eb23606bf39f785f55805349401338 (patch) | |
| tree | e6ea9a11898f467f415b64874ace85e2ff2ab046 /res/res_pjsip/config_transport.c | |
| parent | 20750e261b3cc1cd954ac3de839afadcc4817d8d (diff) | |
res_pjsip: Add the ability to configure ciphers based on name.
Previously this code would only accept the OpenSSL identifier instead
of the documented name.
ASTERISK-23498 #close
ASTERISK-23498 #comment Reported by: Anthony Messina
Review: https://reviewboard.asterisk.org/r/3491/
........
Merged revisions 413159 from http://svn.asterisk.org/svn/asterisk/branches/12
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@413160 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res/res_pjsip/config_transport.c')
| -rw-r--r-- | res/res_pjsip/config_transport.c | 40 |
1 files changed, 34 insertions, 6 deletions
diff --git a/res/res_pjsip/config_transport.c b/res/res_pjsip/config_transport.c index 5fbede2bd..ce57ab6de 100644 --- a/res/res_pjsip/config_transport.c +++ b/res/res_pjsip/config_transport.c @@ -379,6 +379,30 @@ static int tls_method_to_str(const void *obj, const intptr_t *args, char **buf) return 0; } +/*! \brief Helper function which turns a cipher name into an identifier */ +static pj_ssl_cipher cipher_name_to_id(const char *name) +{ + pj_ssl_cipher ciphers[100], id = 0; + unsigned int cipher_num = PJ_ARRAY_SIZE(ciphers); + int pos; + + if (pj_ssl_cipher_get_availables(ciphers, &cipher_num)) { + return 0; + } + + for (pos = 0; pos < cipher_num; ++pos) { + if (!pj_ssl_cipher_name(ciphers[pos]) || + strcmp(pj_ssl_cipher_name(ciphers[pos]), name)) { + continue; + } + + id = ciphers[pos]; + break; + } + + return id; +} + /*! \brief Custom handler for TLS cipher setting */ static int transport_tls_cipher_handler(const struct aco_option *opt, struct ast_variable *var, void *obj) { @@ -389,12 +413,16 @@ static int transport_tls_cipher_handler(const struct aco_option *opt, struct ast return -1; } - /* TODO: Check this over/tweak - it's taken from pjsua for now */ - if (!strnicmp(var->value, "0x", 2)) { - pj_str_t cipher_st = pj_str((char*)var->value + 2); - cipher = pj_strtoul2(&cipher_st, NULL, 16); - } else { - cipher = atoi(var->value); + cipher = cipher_name_to_id(var->value); + + if (!cipher) { + /* TODO: Check this over/tweak - it's taken from pjsua for now */ + if (!strnicmp(var->value, "0x", 2)) { + pj_str_t cipher_st = pj_str((char*)var->value + 2); + cipher = pj_strtoul2(&cipher_st, NULL, 16); + } else { + cipher = atoi(var->value); + } } if (pj_ssl_cipher_is_supported(cipher)) { |