-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/237/
-----------------------------------------------------------
Review request for Asterisk Developers.
Summary
-------
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix.
For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf.
Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
Posted: Wed Apr 29, 2009 5:51 am Post subject: [asterisk-dev] [Code Review] Consistent SSL/TLS options acro
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/237/#review755
-----------------------------------------------------------
Ship it!
I like this change. Note that SSL and TLS are not the same protocol. I think we have to document somewhere that even though the options are named "tls*" the also apply to SSL communication. Hopefully, very few devices out there does not support TLS, but nevertheless...
- Olle E
On 2009-04-28 14:49:50, David Vossel wrote:
Quote:
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/237/
-----------------------------------------------------------
(Updated 2009-04-28 14:49:50)
Review request for Asterisk Developers.
Summary
-------
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix.
For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf.
Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
On 2009-04-29 01:40:59, Olle E Johansson wrote:
> I like this change. Note that SSL and TLS are not the same protocol. I think we have to document somewhere that even though the options are named "tls*" the also apply to SSL communication. Hopefully, very few devices out there does not support TLS, but nevertheless...
I'm in the process of creating another patch that should clarify any tlsv1, sslv2, and sslv3 issues. At the moment, asterisk acting as a host can accept both tls and ssl, but the client will only send sslv2, which is kind of weird. I'm adding another feature to let the user pick what protocol the client sends as well as documenting what exactly is going on.
- David
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/237/#review755
-----------------------------------------------------------
On 2009-04-28 14:49:50, David Vossel wrote:
Quote:
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
http://reviewboard.digium.com/r/237/
-----------------------------------------------------------
(Updated 2009-04-28 14:49:50)
Review request for Asterisk Developers.
Summary
-------
ast_tls_read_conf() is a new api call for handling SSL/TLS options across all conf files. Before this change, SSL/TLS options were not consistent. http.conf and manager.conf required the 'ssl' prefix while sip.conf used options with the 'tls' prefix. While the options had different names in different conf files, they all did the exact same thing. Now, instead of mixing 'ssl' or 'tls' prefixes to do the same thing depending on what conf file you're in, all SSL/TLS options use the 'tls' prefix.
For example. 'sslenable' in http.conf and manager.conf is now 'tlsenable' which matches what already existed in sip.conf.
Since this has the potential to break backwards compatibility, previous options containing the 'ssl' prefix still work, but they are no longer documented in the sample.conf files. The change is noted in the CHANGES file though.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum