Changeset 861 for pjproject/trunk/pjsip/include/pjsip
- Timestamp:
- Dec 25, 2006 6:43:59 AM (18 years ago)
- Location:
- pjproject/trunk/pjsip/include/pjsip
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
pjproject/trunk/pjsip/include/pjsip/sip_config.h
r849 r861 201 201 202 202 /** 203 * The TCP incoming connection backlog number to be set in accept(). 204 * 205 * Default: 5 206 * 207 * @see PJSIP_TLS_TRANSPORT_BACKLOG 208 */ 209 #ifndef PJSIP_TCP_TRANSPORT_BACKLOG 210 # define PJSIP_TCP_TRANSPORT_BACKLOG 5 211 #endif 212 213 214 /** 203 215 * This macro specifies whether full DNS resolution should be used. 204 216 * When enabled, #pjsip_resolve() will perform asynchronous DNS SRV and … … 217 229 * 218 230 * Default: 1 (enabled) 231 * 232 * @see PJSIP_MAX_RESOLVED_ADDRESSES 219 233 */ 220 234 #ifndef PJSIP_HAS_RESOLVER … … 229 243 * 230 244 * Default: 8 245 * 246 * @see PJSIP_HAS_RESOLVER 231 247 */ 232 248 #ifndef PJSIP_MAX_RESOLVED_ADDRESSES … … 243 259 #ifndef PJSIP_HAS_TLS_TRANSPORT 244 260 # define PJSIP_HAS_TLS_TRANSPORT 0 261 #endif 262 263 264 /** 265 * The TLS pending incoming connection backlog number to be set in accept(). 266 * 267 * Default: 5 268 * 269 * @see PJSIP_TCP_TRANSPORT_BACKLOG 270 */ 271 #ifndef PJSIP_TLS_TRANSPORT_BACKLOG 272 # define PJSIP_TLS_TRANSPORT_BACKLOG 5 245 273 #endif 246 274 -
pjproject/trunk/pjsip/include/pjsip/sip_errno.h
r718 r861 398 398 399 399 400 /************************************************************ 401 * TLS TRANSPORT ERRORS 402 ***********************************************************/ 403 /** 404 * @hideinitializer 405 * Unknown TLS error 406 */ 407 #define PJSIP_TLS_EUNKNOWN (PJSIP_ERRNO_START_PJSIP+160) /* 171160 */ 408 /** 409 * @hideinitializer 410 * Invalid SSL protocol method. 411 */ 412 #define PJSIP_TLS_EINVMETHOD (PJSIP_ERRNO_START_PJSIP+161) /* 171161 */ 413 /** 414 * @hideinitializer 415 * Error loading/verifying SSL CA list file. 416 */ 417 #define PJSIP_TLS_ECACERT (PJSIP_ERRNO_START_PJSIP+162) /* 171162 */ 418 /** 419 * @hideinitializer 420 * Error loading SSL certificate chain file. 421 */ 422 #define PJSIP_TLS_ECERTFILE (PJSIP_ERRNO_START_PJSIP+163) /* 171163 */ 423 /** 424 * @hideinitializer 425 * Error adding private key from SSL certificate file. 426 */ 427 #define PJSIP_TLS_EKEYFILE (PJSIP_ERRNO_START_PJSIP+164) /* 171164 */ 428 /** 429 * @hideinitializer 430 * Error setting SSL cipher list. 431 */ 432 #define PJSIP_TLS_ECIPHER (PJSIP_ERRNO_START_PJSIP+165) /* 171165 */ 433 /** 434 * @hideinitializer 435 * Error creating SSL context. 436 */ 437 #define PJSIP_TLS_ECTX (PJSIP_ERRNO_START_PJSIP+166) /* 171166 */ 438 /** 439 * @hideinitializer 440 * Error creating SSL connection object. 441 */ 442 #define PJSIP_TLS_ESSLCONN (PJSIP_ERRNO_START_PJSIP+167) /* 171167 */ 443 /** 444 * @hideinitializer 445 * Unknown error when performing SSL connect(). 446 */ 447 #define PJSIP_TLS_ECONNECT (PJSIP_ERRNO_START_PJSIP+168) /* 171168 */ 448 /** 449 * @hideinitializer 450 * Unknown error when performing SSL accept(). 451 */ 452 #define PJSIP_TLS_EACCEPT (PJSIP_ERRNO_START_PJSIP+169) /* 171169 */ 453 /** 454 * @hideinitializer 455 * Unknown error when sending SSL data 456 */ 457 #define PJSIP_TLS_ESEND (PJSIP_ERRNO_START_PJSIP+170) /* 171170 */ 458 /** 459 * @hideinitializer 460 * Unknown error when reading SSL data 461 */ 462 #define PJSIP_TLS_EREAD (PJSIP_ERRNO_START_PJSIP+171) /* 171171 */ 463 /** 464 * @hideinitializer 465 * SSL negotiation has exceeded the maximum configured timeout. 466 */ 467 #define PJSIP_TLS_ETIMEDOUT (PJSIP_ERRNO_START_PJSIP+172) /* 171172 */ 468 469 400 470 401 471 -
pjproject/trunk/pjsip/include/pjsip/sip_transport_tcp.h
r742 r861 37 37 * the transport to the framework. 38 38 */ 39 40 /**41 * The TCP incoming connection backlog number.42 * Default: 543 */44 #ifndef PJSIP_TCP_TRANSPORT_BACKLOG45 # define PJSIP_TCP_TRANSPORT_BACKLOG 546 #endif47 48 39 49 40 /** -
pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h
r849 r861 26 26 27 27 #include <pjsip/sip_transport.h> 28 #include <pj/string.h> 29 28 30 29 31 PJ_BEGIN_DECL … … 38 40 */ 39 41 42 /** SSL protocol method constants. */ 43 typedef enum pjsip_ssl_method 44 { 45 PJSIP_SSL_DEFAULT_METHOD = 0, /**< Default protocol method. */ 46 PJSIP_TLSV1_METHOD = 1, /**< Use SSLv1 method. */ 47 PJSIP_SSLV2_METHOD = 2, /**< Use SSLv2 method. */ 48 PJSIP_SSLV3_METHOD = 3, /**< Use SSLv3 method. */ 49 PJSIP_SSLV23_METHOD = 23 /**< Use SSLv23 method. */ 50 } pjsip_ssl_method; 51 52 53 /** 54 * TLS transport settings. 55 */ 56 typedef struct pjsip_tls_setting 57 { 58 /** 59 * Certificate of Authority (CA) list file. 60 */ 61 pj_str_t ca_list_file; 62 63 /** 64 * Public endpoint certificate file, which will be used as client- 65 * side certificate for outgoing TLS connection, and server-side 66 * certificate for incoming TLS connection. 67 */ 68 pj_str_t cert_file; 69 70 /** 71 * Optional private key of the endpoint certificate to be used. 72 */ 73 pj_str_t privkey_file; 74 75 /** 76 * Password to open private key. 77 */ 78 pj_str_t password; 79 80 /** 81 * TLS protocol method from #pjsip_ssl_method, which can be: 82 * - PJSIP_SSL_DEFAULT_METHOD(0): default (which will use SSLv23) 83 * - PJSIP_TLSV1_METHOD(1): TLSv1 84 * - PJSIP_SSLV2_METHOD(2): TLSv2 85 * - PJSIP_SSLV3_METHOD(3): TLSv3 86 * - PJSIP_SSLV23_METHOD(23): TLSv23 87 * 88 * Default is PJSIP_SSL_DEFAULT_METHOD (0), which will use SSLv23 89 * protocol method. 90 */ 91 int method; 92 93 /** 94 * TLS cipher list string in OpenSSL format. If empty, then default 95 * cipher list of the backend will be used. 96 */ 97 pj_str_t ciphers; 98 99 /** 100 * When PJSIP is acting as a client (outgoing TLS connections), 101 * it will always receive a certificate from the peer. 102 * If \a verify_server is disabled (set to zero), PJSIP will not 103 * verifiy the certificate and allows TLS connections to servers 104 * which do not present a valid certificate. 105 * If \a tls_verify_server is non-zero, PJSIP verifies the server 106 * certificate and will close the TLS connection if the server 107 * certificate is not valid. 108 * 109 * This setting corresponds to OpenSSL SSL_VERIFY_PEER flag. 110 * Default value is zero. 111 */ 112 pj_bool_t verify_server; 113 114 /** 115 * When acting as server (incoming TLS connections), setting 116 * \a verify_client to non-zero will cause the transport to activate 117 * peer verification upon receiving incoming TLS connection. 118 * 119 * This setting corresponds to OpenSSL SSL_VERIFY_PEER flag. 120 * Default value is zero. 121 */ 122 pj_bool_t verify_client; 123 124 /** 125 * When acting as server (incoming TLS connections), reject inocming 126 * connection if client doesn't have a valid certificate. 127 * 128 * This setting corresponds to SSL_VERIFY_FAIL_IF_NO_PEER_CERT flag. 129 * Default value is zero. 130 */ 131 pj_bool_t require_client_cert; 132 133 /** 134 * TLS negotiation timeout to be applied for both outgoing and 135 * incoming connection. If both sec and msec member is set to zero, 136 * the SSL negotiation doesn't have a timeout. 137 */ 138 pj_time_val timeout; 139 140 } pjsip_tls_setting; 141 142 143 /** 144 * Initialize TLS setting with default values. 145 * 146 * @param tls_opt The TLS setting to be initialized. 147 */ 148 PJ_INLINE(void) pjsip_tls_setting_default(pjsip_tls_setting *tls_opt) 149 { 150 pj_memset(tls_opt, 0, sizeof(*tls_opt)); 151 } 152 153 154 /** 155 * Copy TLS setting. 156 * 157 * @param pool The pool to duplicate strings etc. 158 * @param dst Destination structure. 159 * @param src Source structure. 160 */ 161 PJ_INLINE(void) pjsip_tls_setting_copy(pj_pool_t *pool, 162 pjsip_tls_setting *dst, 163 const pjsip_tls_setting *src) 164 { 165 pj_memcpy(dst, src, sizeof(*dst)); 166 pj_strdup_with_null(pool, &dst->ca_list_file, &src->ca_list_file); 167 pj_strdup_with_null(pool, &dst->cert_file, &src->cert_file); 168 pj_strdup_with_null(pool, &dst->privkey_file, &src->privkey_file); 169 pj_strdup_with_null(pool, &dst->password, &src->password); 170 pj_strdup_with_null(pool, &dst->ciphers, &src->ciphers); 171 } 172 173 40 174 /** 41 175 * Register support for SIP TLS transport by creating TLS listener on … … 45 179 * 46 180 * @param endpt The SIP endpoint. 47 * @param keyfile Path to keys and certificate file. 48 * @param password Password to open the private key. 49 * @param ca_list_file Path to Certificate of Authority file. 181 * @param opt Optional TLS settings. 50 182 * @param local Optional local address to bind, or specify the 51 183 * address to bind the server socket to. Both IP … … 72 204 */ 73 205 PJ_DECL(pj_status_t) pjsip_tls_transport_start(pjsip_endpoint *endpt, 74 const pj_str_t *keyfile, 75 const pj_str_t *password, 76 const pj_str_t *ca_list_file, 206 const pjsip_tls_setting *opt, 77 207 const pj_sockaddr_in *local, 78 208 const pjsip_host_port *a_name,
Note: See TracChangeset
for help on using the changeset viewer.