Added method to configure ssl_config for sal and http provider

2026-01-19 12:08:11 +00:00 · 2016-03-23 16:23:03 +01:00 · 2016-03-23 16:23:03 +01:00 · 889c2e1974
commit 889c2e1974
parent aebdff1985
5 changed files with 25 additions and 0 deletions
--- a/coreapi/bellesip_sal/sal_impl.c
+++ b/coreapi/bellesip_sal/sal_impl.c
@ -501,6 +501,7 @@ Sal * sal_init(MSFactory *factory){
 	sal->refresher_retry_after=60000; /*default value in ms*/
 	sal->enable_sip_update=TRUE;
 	sal->pending_trans_checking=TRUE;
+	sal->ssl_config = NULL;
 	return sal;
 }

@ -746,6 +747,7 @@ static void set_tls_properties(Sal *ctx){
 		else if (!ctx->tls_verify_cn) verify_exceptions = BELLE_TLS_VERIFY_CN_MISMATCH;
 		belle_tls_crypto_config_set_verify_exceptions(crypto_config, verify_exceptions);
 		if (ctx->root_ca != NULL) belle_tls_crypto_config_set_root_ca(crypto_config, ctx->root_ca);
+		if (ctx->ssl_config != NULL) belle_tls_crypto_config_set_ssl_config(crypto_config, ctx->ssl_config);
 		belle_sip_tls_listening_point_set_crypto_config(tlp, crypto_config);
 		belle_sip_object_unref(crypto_config);
 	}
@ -774,6 +776,12 @@ void sal_verify_server_cn(Sal *ctx, bool_t verify){
 	return ;
 }

+void sal_set_ssl_config(Sal *ctx, void *ssl_config) {
+	ctx->ssl_config = ssl_config;
+	set_tls_properties(ctx);
+	return ;
+}
+
 void sal_use_tcp_tls_keepalive(Sal *ctx, bool_t enabled) {
 	ctx->use_tcp_tls_keep_alive=enabled;
 }
--- a/coreapi/bellesip_sal/sal_impl.h
+++ b/coreapi/bellesip_sal/sal_impl.h
@ -53,6 +53,7 @@ struct Sal{
 	bool_t enable_sip_update; /*true by default*/
 	SalOpSDPHandling default_sdp_handling;
 	bool_t pending_trans_checking; /*testing purpose*/
+	void *ssl_config;
 };

 typedef enum SalOpState {
--- a/coreapi/linphonecore.c
+++ b/coreapi/linphonecore.c
@ -4893,6 +4893,13 @@ void linphone_core_verify_server_cn(LinphoneCore *lc, bool_t yesno){
 	lp_config_set_int(lc->config,"sip","verify_server_cn",yesno);
 }

+void linphone_core_set_ssl_config(LinphoneCore *lc, void *ssl_config) {
+	sal_set_ssl_config(lc->sal, ssl_config);
+	if (lc->http_crypto_config) {
+		belle_tls_crypto_config_set_ssl_config(lc->http_crypto_config, ssl_config);
+	}
+}
+
 static void notify_end_of_ringtone( LinphoneRingtonePlayer* rp, void* user_data, int status) {
 	LinphoneCore *lc=(LinphoneCore*)user_data;
 	lc->preview_finished=1;
--- a/coreapi/linphonecore.h
+++ b/coreapi/linphonecore.h
@ -3240,6 +3240,14 @@ LINPHONE_PUBLIC const char *linphone_core_get_ring(const LinphoneCore *lc);
 LINPHONE_PUBLIC void linphone_core_verify_server_certificates(LinphoneCore *lc, bool_t yesno);
 LINPHONE_PUBLIC void linphone_core_verify_server_cn(LinphoneCore *lc, bool_t yesno);
 LINPHONE_PUBLIC void linphone_core_set_root_ca(LinphoneCore *lc, const char *path);
+/**
+ * Set the pointer to an externally provided ssl configuration for the crypto library
+ * @param			lc			#LinphoneCore object
+ * @param[in]		ssl_config	A pointer to an opaque structure which will be provided directly to the crypto library used in bctoolbox. Use with extra care.
+ * 								This ssl_config structure is responsability of the caller and will not be freed at the connection's end.
+ * @ingroup initializing
+ */
+LINPHONE_PUBLIC void linphone_core_set_ssl_config(LinphoneCore *lc, void *ssl_config);
 LINPHONE_PUBLIC const char *linphone_core_get_root_ca(LinphoneCore *lc);
 LINPHONE_PUBLIC	void linphone_core_set_ringback(LinphoneCore *lc, const char *path);
 LINPHONE_PUBLIC const char * linphone_core_get_ringback(const LinphoneCore *lc);
--- a/include/sal/sal.h
+++ b/include/sal/sal.h
@ -622,6 +622,7 @@ void sal_set_root_ca(Sal* ctx, const char* rootCa);
 const char *sal_get_root_ca(Sal* ctx);
 void sal_verify_server_certificates(Sal *ctx, bool_t verify);
 void sal_verify_server_cn(Sal *ctx, bool_t verify);
+void sal_set_ssl_config(Sal *ctx, void *ssl_config);
 void sal_set_uuid(Sal*ctx, const char *uuid);
 int sal_create_uuid(Sal*ctx, char *uuid, size_t len);
 int sal_generate_uuid(char *uuid, size_t len);