From 0f4489dc0f76b92d95592cc0b726cb98f781881e Mon Sep 17 00:00:00 2001
From: Mark Michelson <mmichelson@digium.com>
Date: Thu, 2 Feb 2012 18:55:05 +0000
Subject: Fix TLS port binding behavior as well as reload behavior:

* Removes references to tlsbindport from http.conf.sample and manager.conf.sample
* Properly bind to port specified in tlsbindaddr, using the default port if specified.
* On a reload, properly close socket if the service has been disabled.

A note has been added to UPGRADE.txt to indicate how ports must be set for TLS.

(closes issue ASTERISK-16959)
reported by Olaf Holthausen

(closes issue ASTERISK-19201)
reported by Chris Mylonas

(closes issue ASTERISK-19204)
reported by Chris Mylonas

Review: https://reviewboard.asterisk.org/r/1709
........

Merged revisions 353770 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 353820 from http://svn.asterisk.org/svn/asterisk/branches/10


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@353821 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---
 configs/http.conf.sample    | 3 +--
 configs/manager.conf.sample | 3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)

(limited to 'configs')

diff --git a/configs/http.conf.sample b/configs/http.conf.sample
index 8a63148ff..5b9c9a76f 100644
--- a/configs/http.conf.sample
+++ b/configs/http.conf.sample
@@ -56,8 +56,7 @@ bindaddr=127.0.0.1
 ; explicitly enable tls, define the port to use,
 ; and have a certificate somewhere.
 ;tlsenable=yes          ; enable tls - default no.
-;tlsbindport=4433       ; port to use - default is 8089
-;tlsbindaddr=0.0.0.0    ; address to bind to - default is bindaddr.
+;tlsbindaddr=0.0.0.0:8089    ; address and port to bind to - default is bindaddr and port 8089.
 ;
 ;tlscertfile=</path/to/certificate.pem>  ; path to the certificate file (*.pem) only.
 ;tlsprivatekey=</path/to/private.pem>    ; path to private key file (*.pem) only.
diff --git a/configs/manager.conf.sample b/configs/manager.conf.sample
index 2d43360f6..fb44e74d4 100644
--- a/configs/manager.conf.sample
+++ b/configs/manager.conf.sample
@@ -33,8 +33,7 @@ bindaddr = 0.0.0.0
 ;	openssl s_client -connect my_host:5039
 ;
 ;tlsenable=no		; set to YES to enable it
-;tlsbindport=5039		; the port to bind to
-;tlsbindaddr=0.0.0.0		; address to bind to, default to bindaddr
+;tlsbindaddr=0.0.0.0:5039		; address and port to bind to, default to bindaddr and port 5039
 ;tlscertfile=/tmp/asterisk.pem	; path to the certificate.
 ;tlsprivatekey=/tmp/private.pem ; path to the private key, if no private given,
                                 ; if no tlsprivatekey is given, default is to search
-- 
cgit v1.2.3