git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Ben Ford <bford@digium.com>
	Wed, 21 Apr 2021 16:12:55 +0000 (11:12 -0500)
committer	George Joseph <gjoseph@digium.com>
	Tue, 11 May 2021 14:29:57 +0000 (09:29 -0500)
commit	259ecfa289dda9d75d1a2e384fe26ffda86f9e67
tree	f071d23579c3977054e452fbb201d6d4c9c7fb5e	tree
parent	09303e8e227ece6da4253f55acf397c4f9bf2842	commit \| diff

STIR/SHAKEN: Fix certificate type and storage.

During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.

We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.

The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d

configs/samples/stir_shaken.conf.sample		diff \| blob \| blame \| history
doc/UPGRADE-staging/stir-shaken-public-key-url.txt	[new file with mode: 0644]	blob
include/asterisk/res_stir_shaken.h		diff \| blob \| blame \| history
res/res_pjsip_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/certificate.c		diff \| blob \| blame \| history
res/res_stir_shaken/certificate.h		diff \| blob \| blame \| history
res/res_stir_shaken/curl.c		diff \| blob \| blame \| history
res/res_stir_shaken/curl.h		diff \| blob \| blame \| history
res/res_stir_shaken/stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/stir_shaken.h		diff \| blob \| blame \| history
res/res_stir_shaken/store.c		diff \| blob \| blame \| history