From 889c2e19741ff7d492fbab15d14844fff30eba99 Mon Sep 17 00:00:00 2001 From: Sylvain Berfini Date: Wed, 23 Mar 2016 16:23:03 +0100 Subject: [PATCH] Added method to configure ssl_config for sal and http provider --- coreapi/bellesip_sal/sal_impl.c | 8 ++++++++ coreapi/bellesip_sal/sal_impl.h | 1 + coreapi/linphonecore.c | 7 +++++++ coreapi/linphonecore.h | 8 ++++++++ include/sal/sal.h | 1 + 5 files changed, 25 insertions(+) diff --git a/coreapi/bellesip_sal/sal_impl.c b/coreapi/bellesip_sal/sal_impl.c index 131d7656c..010921544 100644 --- a/coreapi/bellesip_sal/sal_impl.c +++ b/coreapi/bellesip_sal/sal_impl.c @@ -501,6 +501,7 @@ Sal * sal_init(MSFactory *factory){ sal->refresher_retry_after=60000; /*default value in ms*/ sal->enable_sip_update=TRUE; sal->pending_trans_checking=TRUE; + sal->ssl_config = NULL; return sal; } @@ -746,6 +747,7 @@ static void set_tls_properties(Sal *ctx){ else if (!ctx->tls_verify_cn) verify_exceptions = BELLE_TLS_VERIFY_CN_MISMATCH; belle_tls_crypto_config_set_verify_exceptions(crypto_config, verify_exceptions); if (ctx->root_ca != NULL) belle_tls_crypto_config_set_root_ca(crypto_config, ctx->root_ca); + if (ctx->ssl_config != NULL) belle_tls_crypto_config_set_ssl_config(crypto_config, ctx->ssl_config); belle_sip_tls_listening_point_set_crypto_config(tlp, crypto_config); belle_sip_object_unref(crypto_config); } @@ -774,6 +776,12 @@ void sal_verify_server_cn(Sal *ctx, bool_t verify){ return ; } +void sal_set_ssl_config(Sal *ctx, void *ssl_config) { + ctx->ssl_config = ssl_config; + set_tls_properties(ctx); + return ; +} + void sal_use_tcp_tls_keepalive(Sal *ctx, bool_t enabled) { ctx->use_tcp_tls_keep_alive=enabled; } diff --git a/coreapi/bellesip_sal/sal_impl.h b/coreapi/bellesip_sal/sal_impl.h index b9175a7d0..a77ed6855 100644 --- a/coreapi/bellesip_sal/sal_impl.h +++ b/coreapi/bellesip_sal/sal_impl.h @@ -53,6 +53,7 @@ struct Sal{ bool_t enable_sip_update; /*true by default*/ SalOpSDPHandling default_sdp_handling; bool_t pending_trans_checking; /*testing purpose*/ + void *ssl_config; }; typedef enum SalOpState { diff --git a/coreapi/linphonecore.c b/coreapi/linphonecore.c index 9bd7ffd77..394e1810b 100644 --- a/coreapi/linphonecore.c +++ b/coreapi/linphonecore.c @@ -4893,6 +4893,13 @@ void linphone_core_verify_server_cn(LinphoneCore *lc, bool_t yesno){ lp_config_set_int(lc->config,"sip","verify_server_cn",yesno); } +void linphone_core_set_ssl_config(LinphoneCore *lc, void *ssl_config) { + sal_set_ssl_config(lc->sal, ssl_config); + if (lc->http_crypto_config) { + belle_tls_crypto_config_set_ssl_config(lc->http_crypto_config, ssl_config); + } +} + static void notify_end_of_ringtone( LinphoneRingtonePlayer* rp, void* user_data, int status) { LinphoneCore *lc=(LinphoneCore*)user_data; lc->preview_finished=1; diff --git a/coreapi/linphonecore.h b/coreapi/linphonecore.h index f98437606..4a0f357e7 100644 --- a/coreapi/linphonecore.h +++ b/coreapi/linphonecore.h @@ -3240,6 +3240,14 @@ LINPHONE_PUBLIC const char *linphone_core_get_ring(const LinphoneCore *lc); LINPHONE_PUBLIC void linphone_core_verify_server_certificates(LinphoneCore *lc, bool_t yesno); LINPHONE_PUBLIC void linphone_core_verify_server_cn(LinphoneCore *lc, bool_t yesno); LINPHONE_PUBLIC void linphone_core_set_root_ca(LinphoneCore *lc, const char *path); +/** + * Set the pointer to an externally provided ssl configuration for the crypto library + * @param lc #LinphoneCore object + * @param[in] ssl_config A pointer to an opaque structure which will be provided directly to the crypto library used in bctoolbox. Use with extra care. + * This ssl_config structure is responsability of the caller and will not be freed at the connection's end. + * @ingroup initializing + */ +LINPHONE_PUBLIC void linphone_core_set_ssl_config(LinphoneCore *lc, void *ssl_config); LINPHONE_PUBLIC const char *linphone_core_get_root_ca(LinphoneCore *lc); LINPHONE_PUBLIC void linphone_core_set_ringback(LinphoneCore *lc, const char *path); LINPHONE_PUBLIC const char * linphone_core_get_ringback(const LinphoneCore *lc); diff --git a/include/sal/sal.h b/include/sal/sal.h index c5b04b159..7efc6b47b 100644 --- a/include/sal/sal.h +++ b/include/sal/sal.h @@ -622,6 +622,7 @@ void sal_set_root_ca(Sal* ctx, const char* rootCa); const char *sal_get_root_ca(Sal* ctx); void sal_verify_server_certificates(Sal *ctx, bool_t verify); void sal_verify_server_cn(Sal *ctx, bool_t verify); +void sal_set_ssl_config(Sal *ctx, void *ssl_config); void sal_set_uuid(Sal*ctx, const char *uuid); int sal_create_uuid(Sal*ctx, char *uuid, size_t len); int sal_generate_uuid(char *uuid, size_t len);