From 04d3785a798e984a5f5d43ec5f124a9b30a58b9e Mon Sep 17 00:00:00 2001 From: Sean Bright Date: Fri, 29 Sep 2017 14:50:17 +0000 Subject: dtls: Add support for ephemeral DTLS certificates. This mimics the behavior of Chrome and Firefox and creates an ephemeral X.509 certificate for each DTLS session. Currently, the only supported key type is ECDSA because of its faster generation time, but other key types can be added in the future as necessary. ASTERISK-27395 Change-Id: I5122e5f4b83c6320cc17407a187fcf491daf30b4 --- .../041c0d3d1857_add_dtls_auto_gen_cert.py | 33 ++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 contrib/ast-db-manage/config/versions/041c0d3d1857_add_dtls_auto_gen_cert.py (limited to 'contrib/ast-db-manage') diff --git a/contrib/ast-db-manage/config/versions/041c0d3d1857_add_dtls_auto_gen_cert.py b/contrib/ast-db-manage/config/versions/041c0d3d1857_add_dtls_auto_gen_cert.py new file mode 100644 index 000000000..2733b35cc --- /dev/null +++ b/contrib/ast-db-manage/config/versions/041c0d3d1857_add_dtls_auto_gen_cert.py @@ -0,0 +1,33 @@ +"""add_dtls_auto_generate_cert + +Revision ID: 041c0d3d1857 +Revises: de83fac997e2 +Create Date: 2017-10-30 14:28:10.548395 + +""" + +# revision identifiers, used by Alembic. +revision = '041c0d3d1857' +down_revision = 'de83fac997e2' + +from alembic import op +import sqlalchemy as sa +from sqlalchemy.dialects.postgresql import ENUM + +YESNO_NAME = 'yesno_values' +YESNO_VALUES = ['yes', 'no'] + +def upgrade(): + ############################# Enums ############################## + + # yesno_values have already been created, so use postgres enum object + # type to get around "already created" issue - works okay with mysql + yesno_values = ENUM(*YESNO_VALUES, name=YESNO_NAME, create_type=False) + + op.add_column('ps_endpoints', sa.Column('dtls_auto_generate_cert', yesno_values)) + + +def downgrade(): + if op.get_context().bind.dialect.name == 'mssql': + op.drop_constraint('ck_ps_endpoints_dtls_auto_generate_cert_yesno_values', 'ps_endpoints') + op.drop_column('ps_endpoints', 'dtls_auto_generate_cert') -- cgit v1.2.3