authorJoshua Colp <jcolp@digium.com>2017-11-06 12:22:38 -0600
committerGerrit Code Review <gerrit2@gerrit.digium.api>2017-11-06 12:22:38 -0600
commit637b37fb980822f50966f5292a786d03a859cd89 (patch)
tree26cfbc1d25a421cf2ce7068e63d1c218a3e92ca2 /res/res_pjsip
parent3126c396b1d7468da79a3c6bb282217829a33c11 (diff)
parent04d3785a798e984a5f5d43ec5f124a9b30a58b9e (diff)
Merge "dtls: Add support for ephemeral DTLS certificates."
Diffstat (limited to 'res/res_pjsip')
-rw-r--r--res/res_pjsip/pjsip_configuration.c17
1 files changed, 14 insertions, 3 deletions
diff --git a/res/res_pjsip/pjsip_configuration.c b/res/res_pjsip/pjsip_configuration.c
index 269e03e3d..a6afe5e53 100644
--- a/res/res_pjsip/pjsip_configuration.c
+++ b/res/res_pjsip/pjsip_configuration.c
@@ -991,6 +991,13 @@ static int dtlsrekey_to_str(const void *obj, const intptr_t *args, char **buf)
buf, "%u", endpoint->media.rtp.dtls_cfg.rekey) >=0 ? 0 : -1;
}
+static int dtlsautogeneratecert_to_str(const void *obj, const intptr_t *args, char **buf)
+{
+ const struct ast_sip_endpoint *endpoint = obj;
+ *buf = ast_strdup(AST_YESNO(endpoint->media.rtp.dtls_cfg.ephemeral_cert));
+ return 0;
+}
+
static int dtlscertfile_to_str(const void *obj, const intptr_t *args, char **buf)
{
const struct ast_sip_endpoint *endpoint = obj;
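Review bot: `dtlsautogeneratecert_to_str` returns 0 even when `ast_strdup` fails, so the caller is told the field was rendered while `*buf` is NULL. The `dtlsrekey_to_str` tail visible at the top of this hunk maps its result to 0 or -1; doing the same here with `return *buf ? 0 : -1;` keeps an allocation failure from being reported as success. Whether the sorcery callers tolerate a NULL buffer is not visible from this hunk.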
@@ -1353,6 +1360,10 @@ static int sip_endpoint_apply_handler(const struct ast_sorcery *sorcery, void *o
return -1;
}
+ if (ast_rtp_dtls_cfg_validate(&endpoint->media.rtp.dtls_cfg)) {
+ return -1;
+ }
+
endpoint->media.topology = ast_stream_topology_create_from_format_cap(endpoint->media.codecs);
if (!endpoint->media.topology) {
return -1;
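Review bot: The `ast_rtp_dtls_cfg_validate()` call added here runs before the WebRTC block later in `sip_endpoint_apply_handler` (the hunk at line 1388), which sets `dtls_cfg.verify` and now also `dtls_cfg.ephemeral_cert`. The configuration that is validated is therefore not necessarily the one that ends up applied. For example, an endpoint with a private key but no certificate file would presumably pass this check and only afterwards be switched to an automatically generated certificate. Moving the check below the WebRTC defaults, or repeating it there, would make the validated state match the applied state. The function begins and ends outside this hunk, so the exact placement needs confirming against the full body.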
@@ -1377,9 +1388,8 @@ static int sip_endpoint_apply_handler(const struct ast_sorcery *sorcery, void *o
endpoint->media.rtp.dtls_cfg.verify = AST_RTP_DTLS_VERIFY_FINGERPRINT;
if (ast_strlen_zero(endpoint->media.rtp.dtls_cfg.certfile)) {
- ast_log(LOG_ERROR, "WebRTC can't be enabled on endpoint '%s' - a DTLS cert "
- "has not been specified", ast_sorcery_object_get_id(endpoint));
- return -1;
+ /* If no certificate has been specified, try to automatically create one */
+ endpoint->media.rtp.dtls_cfg.ephemeral_cert = 1;
}
}
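Review bot: Setting `ephemeral_cert = 1` when `certfile` is empty turns what used to be a hard configuration error into a silent fallback. An operator who forgot or mistyped `dtls_cert_file` gets no indication that a generated certificate is being presented instead of the intended one. A log line naming the endpoint would keep this visible, for example `ast_log(LOG_NOTICE, "Endpoint '%s': no DTLS certificate configured, generating an ephemeral one\n", ast_sorcery_object_get_id(endpoint));`. The comment could also say that the fallback relies on the `AST_RTP_DTLS_VERIFY_FINGERPRINT` setting on the line above, since a self-signed certificate is authenticated only through the fingerprint carried in signalling. The enclosing block and function extend outside this hunk.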
@@ -1967,6 +1977,7 @@ int ast_res_pjsip_initialize_configuration(void)
ast_sorcery_object_field_register(sip_sorcery, "endpoint", "rtp_engine", "asterisk", OPT_STRINGFIELD_T, 0, STRFLDSET(struct ast_sip_endpoint, media.rtp.engine));
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_verify", "no", dtls_handler, dtlsverify_to_str, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_rekey", "0", dtls_handler, dtlsrekey_to_str, NULL, 0, 0);
+ ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_auto_generate_cert", "no", dtls_handler, dtlsautogeneratecert_to_str, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_cert_file", "", dtls_handler, dtlscertfile_to_str, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_private_key", "", dtls_handler, dtlsprivatekey_to_str, NULL, 0, 0);
ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_cipher", "", dtls_handler, dtlscipher_to_str, NULL, 0, 0);