| Summary: | ASTERISK-07330: [patch] SSL connection for cdr_mysql | ||
| Reporter: | Martin Portmann (map) | Labels: | |
| Date Opened: | 2006-07-12 20:44:39 | Date Closed: | 2007-07-09 12:37:35 |
| Priority: | Major | Regression? | No |
| Status: | Closed/Complete | Components: | CDR/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) 7525.patch-1.4 ( 1) 7525.updated-patch ( 2) diff.txt | |
| Description: | I have several asterisk servers linked together. CDR records are keep at a central server on the internet using cdr_mysql. This connection is not secured. This patch allows optionally to use a SSL connection. ****** ADDITIONAL INFORMATION ****** Requisite: The mysql client library must be build with ssl support ('mysql --ssl --help' should not complain about wrong --ssl switch). Configuration: This patchs adds three parameters to the 'cdr_mysql.conf' file: ssl_ca, ssl_cert, ssl_key. This three parameters are files that must be readable by the asterisk server. The private key can not be encrypted (password protected). Other: A similar patch should be developed for res_config_mysql module. Perhaps I will need it in the future but if there is enough interest I might do anyways. | ||
| Comments: | By: Serge Vecher (serge-v) 2006-07-13 08:36:18 thanks -- moving this to look at after 1.4 fork. By: jmls (jmls) 2006-11-01 05:20:58.000-0600 this patch still applies to the latest trunk. However, could you upload another patch with the changes required to the cdr_mysql.conf file you mentioned. Were you able to do a patch for res_config_mysql ? Thanks. By: Anthony LaMantia (alamantia) 2006-11-21 12:14:12.000-0600 ping map: do you have those config updates? By: Anthony LaMantia (alamantia) 2007-01-05 13:14:39.000-0600 map...ping.. By: Dan Moschuk (dnatural) 2007-02-04 11:22:03.000-0600 This patch works great for me on both 1.2 and 1.4. I would just add ;ssl_ca=/etc/asterisk/cacert.pem ;ssl_cert=/etc/asterisk/server-cert.pem ;ssl_key=/etc/asterisk/server-key.pem to the sample config. By: Russell Bryant (russell) 2007-02-07 13:26:49.000-0600 One thing that would need to be done here before it can be merged is that the configure script needs to check if the mysql client library was built with ssl support. Then, it can build cdr_mysql with or without this new feature. By: Serge Vecher (serge-v) 2007-03-20 14:58:08 map: are you able to write that autoconfigure script? By: Steve Murphy (murf) 2007-07-06 13:29:44 OK, this has been sitting around a long time, and it looks useful, so I applied it to 1.4, and added a few cleanups; and I adapted it to the trunk version as well. I uploaded the trunk patch as 7525.updated-patch; and my slight mods to 1.4 are in 7525.patch-1.4. Please download and apply these patches! To keep them from bit-rotting, I'm going to check them both in a day or two, and we'll let the user community debug them for us. By: Steve Murphy (murf) 2007-07-09 12:37:33 No tester response. I applied the patch to asterisk-addons/trunk in v. 409. Too late for 1.4, sorry! Maybe somebody will test now! | ||