--- include/asterisk/tcptls.h (Asterisk 13.21) +++ include/asterisk/tcptls.h (working copy) @@ -46,32 +46,28 @@ * be run earlier in the startup process so modules have it available. * * \ref AstTlsOverview - * - * \todo For SIP, the SubjectAltNames should be checked on verification - * of the certificate. (Check RFC 5922) - * */ #ifndef _ASTERISK_TCPTLS_H #define _ASTERISK_TCPTLS_H -#include "asterisk/netsock2.h" -#include "asterisk/utils.h" +#include "asterisk.h" + +#include /* for pthread_t */ + +#include "asterisk/netsock2.h" /* for ast_sockaddr */ +#include "asterisk/utils.h" /* for ast_flags */ + +struct ssl_st; /* forward declaration */ +struct ssl_ctx_st; /* forward declaration */ +struct timeval; /* forward declaration */ +typedef struct ssl_st SSL; +typedef struct ssl_ctx_st SSL_CTX; #if defined(HAVE_OPENSSL) && (defined(HAVE_FUNOPEN) || defined(HAVE_FOPENCOOKIE)) #define DO_SSL /* comment in/out if you want to support ssl */ #endif -#ifdef DO_SSL -#include -#include -#include -#else -/* declare dummy types so we can define a pointer to them */ -typedef struct {} SSL; -typedef struct {} SSL_CTX; -#endif /* DO_SSL */ - /*! SSL support */ #define AST_CERTFILE "asterisk.pem" --- main/tcptls.c (Asterisk 13.21) +++ main/tcptls.c (working copy) @@ -25,33 +25,52 @@ * \author Brett Bryant */ -/*** MODULEINFO - openssl - core - ***/ - #include "asterisk.h" ASTERISK_FILE_VERSION(__FILE__, "$Revision$") -#ifdef HAVE_FCNTL_H -#include -#endif +#include "asterisk/tcptls.h" /* for ast_tls_config, ast_tcptls_se... */ -#include -#include -#include - -#include "asterisk/compat.h" -#include "asterisk/tcptls.h" -#include "asterisk/http.h" -#include "asterisk/utils.h" -#include "asterisk/strings.h" -#include "asterisk/options.h" -#include "asterisk/manager.h" -#include "asterisk/astobj2.h" -#include "asterisk/pbx.h" -#include "asterisk/app.h" +#ifdef HAVE_FCNTL_H +#include /* for O_NONBLOCK */ +#endif /* HAVE_FCNTL_H */ +#include /* for IPPROTO_TCP */ +#ifdef DO_SSL +#include /* for ASN1_STRING_to_UTF8 */ +#include /* for OPENSSL_free */ +#include /* for ERR_error_string */ +#include /* for OPENSSL_NO_SSL3_METHOD, OPENS... */ +#include /* for OPENSSL_VERSION_NUMBER */ +#include /* for STACK_OF */ +#include /* for SSL_CTX_free, SSL_get_error, ... */ +#include /* for X509_free, X509_NAME_ENTRY_ge... */ +#include /* for GENERAL_NAME, sk_GENERAL_NAME... */ +#ifndef OPENSSL_NO_DH +#include /* for BIO_free, BIO_new_file */ +#include /* for DH_free */ +#include /* for PEM_read_bio_DHparams */ +#endif /* OPENSSL_NO_DH */ +#ifndef OPENSSL_NO_EC +#include /* for EC_KEY_free, EC_KEY_new_by_cu... */ +#endif /* OPENSSL_NO_EC */ +#endif /* DO_SSL */ +#include /* for pthread_cancel, pthread_join */ +#include /* for pthread_kill, SIGURG */ +#include /* for setsockopt, shutdown, socket */ +#include /* for stat */ +#include /* for timeval */ + +#include "asterisk/app.h" /* for ast_read_textfile */ +#include "asterisk/astobj2.h" /* for ao2_ref, ao2_t_ref, ao2_alloc */ +#include "asterisk/compat.h" /* for strcasecmp */ +#include "asterisk/config.h" /* for ast_parse_arg, ast_parse_flag... */ +#include "asterisk/lock.h" /* for AST_PTHREADT_NULL */ +#include "asterisk/logger.h" /* for ast_log, LOG_ERROR, ast_debug */ +#include "asterisk/netsock2.h" /* for ast_sockaddr_copy, ast_sockad... */ +#include "asterisk/pbx.h" /* for ast_thread_inhibit_escalations */ +#include "asterisk/threadstorage.h" /* for ast_threadstorage_get, AST_TH... */ +#include "asterisk/time.h" /* for ast_remaining_ms, ast_tvnow */ +#include "asterisk/utils.h" /* for ast_true, ast_free, ast_wait_... */ /*! ao2 object used for the FILE stream fopencookie()/funopen() cookie. */ struct ast_tcptls_stream {