Dirk-Willem van Gulik
2023-Aug-22 20:32 UTC
[asterisk-users] Quick patch for updated NL-ips
Thanks to those on IRC confirming quickly that this was not something supported (yet) in Asterisk. Below is a quick fix/patch to tcptls.c for Asterisk 18 against this particular provider. Dw static int check_tcptls_cert_name(ASN1_STRING *cert_str, const char *hostname, const char *desc) { unsigned char *str; int ret; ret = ASN1_STRING_to_UTF8(&str, cert_str); if (ret < 0 || !str) { return -1; } if (strlen((char *) str) != ret) { ast_log(LOG_WARNING, "Invalid certificate %s length (contains NULL bytes?)\n", desc); ret = -1; } else if (!strcasecmp(hostname, (char *) str)) { ret = 0; } else if (strlen(str) > 2 && str[0] == '*' && str[1] == '.' && strlen(str) - 2 <= strlen(hostname) && strcasecmp(hostname+strlen(hostname)-strlen(str)+2, str+2) == 0) { ast_log(LOG_WARNING,"Warning: allowing match on wildcard (%s =~ %s)\n", hostname, str); ret = 0; } else { ret = -1; } ast_debug(3, "SSL %s compare s1='%s' s2='%s'\n", desc, hostname, str); OPENSSL_free(str); return ret; } -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.digium.com/pipermail/asterisk-users/attachments/20230822/8ac3179f/attachment.html>
Maybe Matching Threads
- Recent openssl is required for OPENSSL_free [Re: Please test snapshots for 3.0 release] (fwd)
- OpenSSH-2.2.0p1 cores in openssl-0.9.6's bn_print.c
- Logging of comments on keys
- [Bug 2240] New: Secure PIN entry for smartcards through the keypad on the reader (patch)
- [Bug 2185] New: Allow entering the PIN via reader pinpad