Subject: Re: [Linphone-developers] SSL/TLS certificate verification callback patch
Date: Thu, 15 Jan 2015 11:15:44 -0500
I could move the verify_cb_error_cb_t pointer into the belle_tls_verify_policy_t structure. I think that will mean adding a variable to store it in the Sal structure and a new function like sal_set_tls_verify_callback(). This new function would call set_tls_properties() where the callback pointer would be set in the listening point’s verify policy.
I can also add a belle_sip_certificate_raw_format_t parameter to the callback pointer, however it will always be set to DER, never a PEM cert chain. The way PolarSSL works, the callback is invoked for every certificate in the chain. The only way to modify that behavior would be to store the certificates inside belle-sip until reaching depth=0, and then call a callback. That is a more complicated design. A third design would be to report the entire certificate chain after the connection fails; less flexible, but the application could use it to update the root CA PEM file.
The purpose of the flag variable is to communicate the individual certificate status to the callback. It can be used to short-circuit verification (for example, if PolarSSL trusts the certificate, the verify callback can return immediately) or to perform specific processing, like if there is a hostname mismatch, beyond just allowing or denying the connection, or simply to communicate the certificate status to the user.
If these changes sound good to you, I will try and modify the patch to suit your preferences. However, I do have a question. I mentioned in the patch code that linphone_core_iterate should be turned off while the verify callback is active. I originally wrote that for eXoSIP, and I’m not so sure that is true anymore with belle-sip. With some limited testing, it seems to work fine with iterate active, but once I got an infinite loop of "belle_sip_main_loop_iterate([%p]): reentrancy detected, doing nothing." errors. Is there a safe way to block in a belle-sip thread, or a way to pause main_loop_iterate?
Date: Thu, 15 Jan 2015 14:37:53 +0100
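
The second design described in this message (buffer each per-certificate callback until depth=0, then call the application once with the whole chain), modelled as an added example that is not part of the original message, the patch, or belle-sip. All `ex_` names and the flag value are hypothetical stand-ins, not PolarSSL or belle-sip definitions.

```c
#include <stddef.h>

/* Hypothetical stand-ins; not the PolarSSL or belle-sip definitions. */
#define EX_FLAG_CN_MISMATCH 0x04
#define EX_MAX_CHAIN 8

typedef struct { const unsigned char *der; size_t len; int flags; } ex_cert_t;

/* Application callback: called once with the whole chain; 0 accepts. */
typedef int (*ex_chain_cb_t)(const ex_cert_t *chain, size_t count, void *user);

typedef struct {
    ex_cert_t chain[EX_MAX_CHAIN];
    size_t count;
    ex_chain_cb_t app_cb;
    void *user;
} ex_collector_t;

/* Per-certificate hook: called for every certificate, depth 0 (leaf) last.
 * Assumes the DER buffers stay valid until the leaf has been processed. */
int ex_verify_step(ex_collector_t *c, const unsigned char *der, size_t len,
                   int depth, int flags)
{
    int rc;
    if (c->count >= EX_MAX_CHAIN) {   /* chain too long: fail closed */
        c->count = 0;
        return -1;
    }
    c->chain[c->count].der = der;
    c->chain[c->count].len = len;
    c->chain[c->count].flags = flags; /* per-certificate status from the library */
    c->count++;
    if (depth != 0)
        return 0;                     /* keep collecting, decide at the leaf */
    rc = c->app_cb(c->chain, c->count, c->user);
    c->count = 0;                     /* reset for the next handshake */
    return rc;
}

/* Sample policy: accept only if the library flagged nothing in the chain. */
int ex_policy_strict(const ex_cert_t *chain, size_t count, void *user)
{
    size_t i;
    *(size_t *)user = count;          /* record chain length for the caller */
    for (i = 0; i < count; i++)
        if (chain[i].flags != 0)
            return -1;
    return 0;
}
```

The collector fails closed when the chain exceeds its buffer, so an over-long chain is rejected rather than partially reported to the application.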