diff options
author | rizzo <rizzo@f38db490-d61c-443f-a65b-d21fe96a405b> | 2006-12-07 16:42:29 +0000 |
---|---|---|
committer | rizzo <rizzo@f38db490-d61c-443f-a65b-d21fe96a405b> | 2006-12-07 16:42:29 +0000 |
commit | fa3680b8820ff6a3f25663f0a6359074bdbc3ff8 (patch) | |
tree | 496d516e3cac578423d0eb17f1676d0379ee897c /include/asterisk/http.h | |
parent | 6e7bc039577c6931e33d53011dcf846a88981910 (diff) |
- Generalize the function ssl_setup() so that the certificate info
are passed as an argument.
- Update the code in main/http.c to use the new interface
(the diff is large but mostly mechanical, due to the name change of
several variables);
- And since now it is trivial, implement "AMI over TLS", and document
the possible options in manager.conf
- And since the test client (openssl s_client -connect host:port )
does not generate \r\n as a line terminator, make get_input()
also accept just a \n as a line terminator (Mac users: do you
also need the \r-only version ?)
The option parsing in manager.conf is not very efficient, and needs
to be cleaned up and made similar to what we have in http.conf
git-svn-id: http://svn.digium.com/svn/asterisk/trunk@48351 f38db490-d61c-443f-a65b-d21fe96a405b
Diffstat (limited to 'include/asterisk/http.h')
-rw-r--r-- | include/asterisk/http.h | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/include/asterisk/http.h b/include/asterisk/http.h index f14edd883..bfd39c039 100644 --- a/include/asterisk/http.h +++ b/include/asterisk/http.h @@ -60,9 +60,21 @@ #include <openssl/ssl.h> #include <openssl/err.h> #else -typedef struct {} SSL; /* so we can define a pointer to it */ +/* declare dummy types so we can define a pointer to them */ +typedef struct {} SSL; +typedef struct {} SSL_CTX; #endif /* DO_SSL */ +/* SSL support */ +#define AST_CERTFILE "asterisk.pem" + +struct tls_config { + int enabled; + char *certfile; + char *cipher; + SSL_CTX *ssl_ctx; +}; + /*! * The following code implements a generic mechanism for starting * services on a TCP or TLS socket. @@ -111,7 +123,7 @@ struct server_instance { struct server_args { struct sockaddr_in sin; struct sockaddr_in oldsin; - int is_ssl; /* is this an SSL accept ? */ + struct tls_config *tls_cfg; /* points to the SSL configuration if any */ int accept_fd; int poll_timeout; pthread_t master; @@ -123,7 +135,7 @@ struct server_args { void *server_root(void *); void server_start(struct server_args *desc); -int ssl_setup(void); +int ssl_setup(struct tls_config *cfg); /*! \brief HTTP Callbacks take the socket, the method and the path as arguments and should return the content, allocated with malloc(). Status should be changed to reflect |