From: Chris Rienzo Date: Tue, 16 Nov 2021 23:10:59 +0000 (-0500) Subject: [mod_sofia] fail set up of STIR/SHAKEN verification service if configured CA director... X-Git-Tag: v1.10.8^2~110^2 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F1444%2Fhead;p=thirdparty%2Ffreeswitch.git [mod_sofia] fail set up of STIR/SHAKEN verification service if configured CA directory fails to load --- diff --git a/src/mod/endpoints/mod_sofia/mod_sofia.c b/src/mod/endpoints/mod_sofia/mod_sofia.c index a3a6cd8e91..13d689fe93 100644 --- a/src/mod/endpoints/mod_sofia/mod_sofia.c +++ b/src/mod/endpoints/mod_sofia/mod_sofia.c @@ -6140,7 +6140,12 @@ static switch_status_t sofia_stir_shaken_vs_create(stir_shaken_context_t *contex return SWITCH_STATUS_FALSE; } if (mod_sofia_globals.stir_shaken_vs_ca_dir) { - stir_shaken_vs_load_ca_dir(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_ca_dir); + if (stir_shaken_vs_load_ca_dir(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_ca_dir) != STIR_SHAKEN_STATUS_OK) { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Failed to load trusted root certificates from %s\n", mod_sofia_globals.stir_shaken_vs_ca_dir); + return SWITCH_STATUS_FALSE; + } else { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "Loaded trusted root certificates from %s\n", mod_sofia_globals.stir_shaken_vs_ca_dir); + } } stir_shaken_vs_set_x509_cert_path_check(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_cert_path_check); stir_shaken_vs_set_connect_timeout(context, sofia_stir_shaken_vs, 3);