mirror of
https://gitlab.linphone.org/BC/public/linphone-iphone.git
synced 2026-05-07 05:53:06 +00:00
fix TLS support under linphonec and gtk (problem not occuring with mobile versions)
Implement registration refresh upon SIP network protocol change.
This commit is contained in:
Simon Morlat
parent
27891569dd
commit
2e52e24792
6 changed files with 47 additions and 12 deletions
|
|
@ -501,6 +501,13 @@ static void sip_config_read(LinphoneCore *lc)
|
|||
} else {
|
||||
tr.tls_port=lp_config_get_int(lc->config,"sip","sip_tls_port",0);
|
||||
}
|
||||
|
||||
#ifdef __linux
|
||||
sal_set_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", "/etc/ssl/certs"));
|
||||
#else
|
||||
sal_set_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", ROOT_CA_FILE));
|
||||
#endif
|
||||
linphone_core_verify_server_certificates(lc,lp_config_get_int(lc->config,"sip","verify_server_certs",TRUE));
|
||||
/*start listening on ports*/
|
||||
linphone_core_set_sip_transports(lc,&tr);
|
||||
|
||||
|
|
@ -523,12 +530,6 @@ static void sip_config_read(LinphoneCore *lc)
|
|||
ms_free(contact);
|
||||
}
|
||||
|
||||
#ifdef __linux
|
||||
sal_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", "/etc/ssl/certs"));
|
||||
#else
|
||||
sal_root_ca(lc->sal, lp_config_get_string(lc->config,"sip","root_ca", ROOT_CA_FILE));
|
||||
#endif
|
||||
|
||||
tmp=lp_config_get_int(lc->config,"sip","guess_hostname",1);
|
||||
linphone_core_set_guess_hostname(lc,tmp);
|
||||
|
||||
|
|
@ -1480,12 +1481,15 @@ static int apply_transports(LinphoneCore *lc){
|
|||
const char *anyaddr;
|
||||
LCSipTransports *tr=&lc->sip_conf.transports;
|
||||
|
||||
/*first of all invalidate all current registrations so that we can register again with new transports*/
|
||||
__linphone_core_invalidate_registers(lc);
|
||||
|
||||
if (lc->sip_conf.ipv6_enabled)
|
||||
anyaddr="::0";
|
||||
else
|
||||
anyaddr="0.0.0.0";
|
||||
|
||||
sal_unlisten_ports (sal);
|
||||
sal_unlisten_ports(sal);
|
||||
if (tr->udp_port>0){
|
||||
if (sal_listen_port (sal,anyaddr,tr->udp_port,SalTransportUDP,FALSE)!=0){
|
||||
transport_error(lc,"udp",tr->udp_port);
|
||||
|
|
@ -2995,7 +2999,14 @@ const char *linphone_core_get_ring(const LinphoneCore *lc){
|
|||
* @ingroup media_parameters
|
||||
**/
|
||||
void linphone_core_set_root_ca(LinphoneCore *lc,const char *path){
|
||||
sal_root_ca(lc->sal, path);
|
||||
sal_set_root_ca(lc->sal, path);
|
||||
}
|
||||
|
||||
/**
|
||||
* Specify whether the tls server certificate must be verified when connecting to a SIP/TLS server.
|
||||
**/
|
||||
void linphone_core_verify_server_certificates(LinphoneCore *lc, bool_t yesno){
|
||||
sal_verify_server_certificates(lc->sal,yesno);
|
||||
}
|
||||
|
||||
static void notify_end_of_ring(void *ud, MSFilter *f, unsigned int event, void *arg){
|
||||
|
|
@ -4126,6 +4137,7 @@ static void set_network_reachable(LinphoneCore* lc,bool_t isReachable, time_t cu
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
void linphone_core_refresh_registers(LinphoneCore* lc) {
|
||||
const MSList *elem=linphone_core_get_proxy_config_list(lc);
|
||||
for(;elem!=NULL;elem=elem->next){
|
||||
|
|
@ -4136,6 +4148,17 @@ void linphone_core_refresh_registers(LinphoneCore* lc) {
|
|||
}
|
||||
}
|
||||
|
||||
void __linphone_core_invalidate_registers(LinphoneCore* lc){
|
||||
const MSList *elem=linphone_core_get_proxy_config_list(lc);
|
||||
for(;elem!=NULL;elem=elem->next){
|
||||
LinphoneProxyConfig *cfg=(LinphoneProxyConfig*)elem->data;
|
||||
if (linphone_proxy_config_register_enabled(cfg) ) {
|
||||
linphone_proxy_config_edit(cfg);
|
||||
linphone_proxy_config_done(cfg);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
void linphone_core_set_network_reachable(LinphoneCore* lc,bool_t isReachable) {
|
||||
//first disable automatic mode
|
||||
if (lc->auto_net_state_mon) {
|
||||
|
|
|
|||
|
|
@ -870,6 +870,7 @@ char linphone_core_get_sound_source(LinphoneCore *lc);
|
|||
void linphone_core_set_sound_source(LinphoneCore *lc, char source);
|
||||
void linphone_core_set_ring(LinphoneCore *lc, const char *path);
|
||||
const char *linphone_core_get_ring(const LinphoneCore *lc);
|
||||
void linphone_core_verify_server_certificates(LinphoneCore *lc, bool_t yesno);
|
||||
void linphone_core_set_root_ca(LinphoneCore *lc, const char *path);
|
||||
void linphone_core_set_ringback(LinphoneCore *lc, const char *path);
|
||||
const char * linphone_core_get_ringback(const LinphoneCore *lc);
|
||||
|
|
|
|||
|
|
@ -529,6 +529,8 @@ void linphone_call_remove_from_conf(LinphoneCall *call);
|
|||
void linphone_core_conference_check_uninit(LinphoneConference *ctx);
|
||||
bool_t linphone_core_sound_resources_available(LinphoneCore *lc);
|
||||
|
||||
void __linphone_core_invalidate_registers(LinphoneCore* lc);
|
||||
|
||||
#define HOLD_OFF (0)
|
||||
#define HOLD_ON (1)
|
||||
|
||||
|
|
|
|||
|
|
@ -285,7 +285,8 @@ void sal_reuse_authorization(Sal *ctx, bool_t enabled);
|
|||
void sal_use_one_matching_codec_policy(Sal *ctx, bool_t one_matching_codec);
|
||||
void sal_use_rport(Sal *ctx, bool_t use_rports);
|
||||
void sal_use_101(Sal *ctx, bool_t use_101);
|
||||
void sal_root_ca(Sal* ctx, const char* rootCa);
|
||||
void sal_set_root_ca(Sal* ctx, const char* rootCa);
|
||||
void sal_verify_server_certificates(Sal *ctx, bool_t verify);
|
||||
|
||||
int sal_iterate(Sal *sal);
|
||||
MSList * sal_get_pending_auths(Sal *sal);
|
||||
|
|
|
|||
|
|
@ -282,6 +282,7 @@ Sal * sal_init(){
|
|||
sal->use_101=TRUE;
|
||||
sal->reuse_authorization=FALSE;
|
||||
sal->rootCa = 0;
|
||||
sal->verify_server_certs=TRUE;
|
||||
return sal;
|
||||
}
|
||||
|
||||
|
|
@ -374,6 +375,7 @@ int sal_listen_port(Sal *ctx, const char *addr, int port, SalTransport tr, int i
|
|||
snprintf(tlsCtx.root_ca_cert, sizeof(tlsCtx.client.cert), "%s", ctx->rootCa);
|
||||
eXosip_set_tls_ctx(&tlsCtx);
|
||||
}
|
||||
eXosip_tls_verify_certificate(ctx->verify_server_certs);
|
||||
break;
|
||||
default:
|
||||
ms_warning("unexpected proto, using datagram");
|
||||
|
|
@ -440,12 +442,17 @@ void sal_use_101(Sal *ctx, bool_t use_101){
|
|||
ctx->use_101=use_101;
|
||||
}
|
||||
|
||||
void sal_root_ca(Sal* ctx, const char* rootCa) {
|
||||
void sal_set_root_ca(Sal* ctx, const char* rootCa) {
|
||||
if (ctx->rootCa)
|
||||
ms_free(ctx->rootCa);
|
||||
ctx->rootCa = ms_strdup(rootCa);
|
||||
}
|
||||
|
||||
void sal_verify_server_certificates(Sal *ctx, bool_t verify){
|
||||
ctx->verify_server_certs=verify;
|
||||
eXosip_tls_verify_certificate(verify);
|
||||
}
|
||||
|
||||
static int extract_received_rport(osip_message_t *msg, const char **received, int *rportval,SalTransport* transport){
|
||||
osip_via_t *via=NULL;
|
||||
osip_generic_param_t *param=NULL;
|
||||
|
|
|
|||
|
|
@ -39,13 +39,14 @@ struct Sal{
|
|||
int running;
|
||||
int session_expires;
|
||||
int keepalive_period;
|
||||
void *up;
|
||||
void *up; /*user pointer*/
|
||||
char* rootCa; /* File _or_ folder containing root CA */
|
||||
bool_t one_matching_codec;
|
||||
bool_t double_reg;
|
||||
bool_t use_rports;
|
||||
bool_t use_101;
|
||||
bool_t reuse_authorization;
|
||||
char* rootCa; /* File _or_ folder containing root CA */
|
||||
bool_t verify_server_certs;
|
||||
};
|
||||
|
||||
struct SalOp{
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue