Changeset 5192
Changeset index | Previous changeset | Next changeset

Removed the static paths to the ssl certificates

Committed by:  wildzero-cw
Date:  Aug 17 2008 * 23:29 (4 months ago)

Affected files:

callweaver/branches/srtp_tls/channels/chan_sip.c (unified diff)

r5176r5192
2020 * \file
2121 * \brief Implementation of Session Initiation Protocol
2222 *
23 * Implementation of RFC 3261 - without S/MIME, TCP and TLS support
23 * Implementation of RFC 3261 - without S/MIME
24 * TCP and TLS support is in progress
25 *
2426 * Configuration file \link Config_sip sip.conf \endlink
2527 *
26 * \todo SIP over TCP
27 * \todo SIP over TLS
28 * \todo SIP over TCP -> in progress
29 * \todo SIP over TLS -> in progress
30 *
2831 * \todo Better support of forking
2932 */
3033 #ifdef HAVE_CONFIG_H
------
498501
499502 #ifdef SIP_TCP_SUPPORT
500503 #define MAX_PATH_LEN 100
501 #define DEFAULT_SIP_TLS_PORT 5061 /* From RFC 3261 */
502 #define DEFAULT_PASSWORD "callweaver"
504 #define DEFAULT_SIP_TLS_PORT 5061 /* From RFC 3261 */
503505 #define DEFAULT_ENTROPY "/dev/urandom"
504 #define DEFAULT_TRUSTCERTS "/var/lib/callweaver/keys/trustcerts.pem"
505 #define DEFAULT_TRUSTCERTSDIR "/var/lib/callweaver/keys/trustdir"
506 #define DEFAULT_SERVERCERT "/var/lib/callweaver/keys/servercert.pem"
507 #define DEFAULT_SERVEREKEY "/var/lib/callweaver/keys/serverkey.pem"
508 #define DEFAULT_DH512 "/var/lib/callweaver/keys/dh512.pem"
509 #define DEFAULT_DH1024 "/var/lib/callweaver/keys/dh1024.pem"
510 #define CIPHER_LIST "ALL"
506 #define CIPHER_LIST "ALL"
507 */ #define DEFAULT_TRUSTCERTSDIR "/usr/share/callweaver/keys/trustdir" */
511508
512 static char trustcerts_file[MAX_PATH_LEN] = DEFAULT_TRUSTCERTS;
513 static char servercert_file[MAX_PATH_LEN] = DEFAULT_SERVERCERT;
514 static char serverkey_file[MAX_PATH_LEN] = DEFAULT_SERVEREKEY;
515 static char serverkey_password[MAX_PATH_LEN] = DEFAULT_PASSWORD;
516 static char dh512param_file[MAX_PATH_LEN] = DEFAULT_DH512;
517 static char dh1024param_file[MAX_PATH_LEN] = DEFAULT_DH1024;
509 static char trustcerts_file[MAX_PATH_LEN];
510 static char servercert_file[MAX_PATH_LEN];
511 static char serverkey_file[MAX_PATH_LEN];
512 static char serverkey_password[MAX_PATH_LEN];
513 static char dh512param_file[MAX_PATH_LEN];
514 static char dh1024param_file[MAX_PATH_LEN];
518515 #endif
519516
520517 static int usecnt =0;
------
1713617133 tos = 0;
1713717134 expiry = DEFAULT_EXPIRY;
1713817135 global_allowguest = 1;
17136 #ifdef SIP_TCP_SUPPORT
17137 snprintf(trustcerts_file, sizeof(trustcerts_file),"%s/trustcerts.pem", cw_config_CW_KEY_DIR);
17138 snprintf(servercert_file, sizeof(servercert_file),"%s/servercert.pem", cw_config_CW_KEY_DIR);
17139 snprintf(serverkey_file, sizeof(serverkey_file),"%s/serverkey.pem", cw_config_CW_KEY_DIR);
17140 snprintf(dh512param_file, sizeof(dh512param_file),"%s/dh512.pem", cw_config_CW_KEY_DIR);
17141 snprintf(dh1024param_file, sizeof(dh1024param_file),"%s/dh1024.pem", cw_config_CW_KEY_DIR);
17142 #endif
1713917143
1714017144 /* Copy the default jb config over global_jbconf */
1714117145 cw_jb_default_config(&global_jbconf);

callweaver/branches/srtp_tls/configs/sip.conf.sample (unified diff)

r4975r5192
116116 ; unknown peers (i.e. unknown RTT) fail quickly you may want to give
117117 ; up sooner. Note, though, that this would violate the standard.
118118
119 ;TLS certificates
120 ;serverkeypassword=callweaver
121 ;trustcerts=/usr/local/share/callweaver/keys//trustedcert.pem ; Trusted root CA or certificates files
122 ;servercert=/usr/local/share/callweaver/keys/servercert.pem ; CallWeaver server certificate file
123 ;serverkey=/usr/local/share/callweaver/keys/serverkey.pem ; CallWeaver server private key file
124 :dh512param=/usr/local/share/callweaver/keys/dh512.pem ; ephemeral Diffe-Hellman parameter
125 ;dh1024param=/usr/local/share/callweaver/keys/dh1024.pem ; ephemeral Diffe-Hellman parameter
126
119127 ;
120128 ; If regcontext is specified, CallWeaver will dynamically create and destroy a
121129 ; NoOp priority 1 extension for a given peer who registers or unregisters with