git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Ben Ford <bford@digium.com>
	Wed, 21 Apr 2021 16:12:55 +0000 (11:12 -0500)
committer	George Joseph <gjoseph@digium.com>
	Tue, 11 May 2021 14:29:38 +0000 (09:29 -0500)
commit	5e6508b56fb6fc766fbcedbd4d5656e7e543e93f
tree	1a72bbd4ee2ca19b572facf82617aab2df86412d	tree
parent	40bdfff73b2fd6e6f97de70de21ec60557118faa	commit \| diff

STIR/SHAKEN: Fix certificate type and storage.

During OpenSIPit, we found out that the public certificates must be of
type X.509. When reading in public keys, we use the corresponding X.509
functions now.

We also discovered that we needed a better naming scheme for the
certificates since certificates with the same name would cause issues
(overwriting certs, etc.). Now when we download a public certificate, we
get the serial number from it and use that as the name of the cached
certificate.

The configuration option public_key_url in stir_shaken.conf has also
been renamed to public_cert_url, which better describes what the option
is for.

https://wiki.asterisk.org/wiki/display/AST/OpenSIPit+2021

Change-Id: Ia00b20835f5f976e3603797f2f2fb19672d8114d

configs/samples/stir_shaken.conf.sample		diff \| blob \| blame \| history
doc/UPGRADE-staging/stir-shaken-public-key-url.txt	[new file with mode: 0644]	blob
include/asterisk/res_stir_shaken.h		diff \| blob \| blame \| history
res/res_pjsip_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/certificate.c		diff \| blob \| blame \| history
res/res_stir_shaken/certificate.h		diff \| blob \| blame \| history
res/res_stir_shaken/curl.c		diff \| blob \| blame \| history
res/res_stir_shaken/curl.h		diff \| blob \| blame \| history
res/res_stir_shaken/stir_shaken.c		diff \| blob \| blame \| history
res/res_stir_shaken/stir_shaken.h		diff \| blob \| blame \| history
res/res_stir_shaken/store.c		diff \| blob \| blame \| history