git.ipfire.org Git - thirdparty/asterisk.git/commit

author	Mike Pultz <mike@mikepultz.com>
	Sat, 9 Nov 2024 19:19:49 +0000 (14:19 -0500)
committer	Asterisk Development Team <asteriskteam@digium.com>
	Thu, 23 Jan 2025 18:42:28 +0000 (18:42 +0000)
commit	6b194cbbe3787cda364ceff7775589b7d603828b
tree	e0f9f90134e9cc85b81a102a1671c385ac5841ea	tree \| snapshot
parent	42629c695d402b01ab8fd5f4385a29b61a003b9f	commit \| diff

func_curl.c: Add additional CURL options for SSL requests

This patch adds additional CURL TLS options / options to support mTLS authenticated requests:

* ssl_verifyhost - perform a host verification on the peer certificate (CURLOPT_SSL_VERIFYHOST)
* ssl_cainfo - define a CA certificate file (CURLOPT_CAINFO)
* ssl_capath - define a CA certificate directory (CURLOPT_CAPATH)
* ssl_cert - define a client certificate for the request (CURLOPT_SSLCERT)
* ssl_certtype - specify the client certificate type (CURLOPT_SSLCERTTYPE)
* ssl_key - define a client private key for the request (CURLOPT_SSLKEY)
* ssl_keytype - specify the client private key type (CURLOPT_SSLKEYTYPE)
* ssl_keypasswd - set a password for the private key, if required (CURLOPT_KEYPASSWD)

UserNote: The following new configuration options are now available
in the res_curl.conf file, and the CURL() function: 'ssl_verifyhost'
(CURLOPT_SSL_VERIFYHOST), 'ssl_cainfo' (CURLOPT_CAINFO), 'ssl_capath'
(CURLOPT_CAPATH), 'ssl_cert' (CURLOPT_SSLCERT), 'ssl_certtype'
(CURLOPT_SSLCERTTYPE), 'ssl_key' (CURLOPT_SSLKEY), 'ssl_keytype',
(CURLOPT_SSLKEYTYPE) and 'ssl_keypasswd' (CURLOPT_KEYPASSWD). See the
libcurl documentation for more details.

(cherry picked from commit 8e289af9de23fe2ca83881b6cedb375f87345d7a)