Module: kamailio Branch: master Commit: fc7239b6cc171b9c1dc5d25f9aa1b759651996c3 URL: https://github.com/kamailio/kamailio/commit/fc7239b6cc171b9c1dc5d25f9aa1b759...
Author: Henning Westerholt hw@kamailio.org Committer: Henning Westerholt hw@kamailio.org Date: 2019-02-10T14:30:45+01:00
tls: add support for unique identifier PVs and select (GH #1843)
- add support for unique identifier PVs and select, related to issue GH #1843 - new PVs: $tls_peer_subject_uid and $tls_my_subject_uid - new selects: uid, uniqueIdentifier and unique_identifier
---
Modified: src/modules/tls/tls_select.c
---
Diff: https://github.com/kamailio/kamailio/commit/fc7239b6cc171b9c1dc5d25f9aa1b759... Patch: https://github.com/kamailio/kamailio/commit/fc7239b6cc171b9c1dc5d25f9aa1b759...
---
diff --git a/src/modules/tls/tls_select.c b/src/modules/tls/tls_select.c index ba765ff755..60c5307370 100644 --- a/src/modules/tls/tls_select.c +++ b/src/modules/tls/tls_select.c @@ -68,6 +68,7 @@ enum { COMP_URI, /* URI from subject/alternative */ COMP_E, /* Email address */ COMP_IP, /* IP from subject/alternative */ + COMP_UI, /* Unique identifier */ TLSEXT_SN /* Server name of the peer */ };
@@ -96,8 +97,9 @@ enum { PV_COMP_URI = 1<<17, /* URI from subject/alternative */ PV_COMP_E = 1<<18, /* Email address */ PV_COMP_IP = 1<<19, /* IP from subject/alternative */ + PV_COMP_UI = 1<<20, /* Unique identifier */
- PV_TLSEXT_SNI = 1<<20, /* Peer's server name (TLS extension) */ + PV_TLSEXT_SNI = 1<<21, /* Peer's server name (TLS extension) */ };
@@ -712,6 +714,7 @@ static int get_comp(str* res, int local, int issuer, int nid, sip_msg_t* msg) case NID_countryName: elem = "CountryName"; break; case NID_stateOrProvinceName: elem = "StateOrProvinceName"; break; case NID_localityName: elem = "LocalityName"; break; + case NID_x500UniqueIdentifier: elem = "UniqueIdentifier"; break; default: elem = "Unknown"; break; } DBG("Element %s not found in certificate subject/issuer\n", elem); @@ -759,6 +762,7 @@ static int sel_comp(str* res, select_t* s, sip_msg_t* msg) case COMP_C: nid = NID_countryName; break; case COMP_ST: nid = NID_stateOrProvinceName; break; case COMP_L: nid = NID_localityName; break; + case COMP_UI: nid = NID_x500UniqueIdentifier; break; default: BUG("Bug in sel_comp: %d\n", s->params[s->n - 1].v.i); return -1; @@ -806,6 +810,7 @@ static int pv_comp(sip_msg_t* msg, pv_param_t* param, pv_value_t* res) case PV_COMP_C: nid = NID_countryName; break; case PV_COMP_ST: nid = NID_stateOrProvinceName; break; case PV_COMP_L: nid = NID_localityName; break; + case PV_COMP_UI: nid = NID_x500UniqueIdentifier; break; default: nid = NID_undef; }
@@ -1132,6 +1137,10 @@ select_row_t tls_sel[] = { { sel_name, SEL_PARAM_STR, STR_STATIC_INIT("organizational_unit_name"), sel_comp, DIVERSION | COMP_OU}, { sel_name, SEL_PARAM_STR, STR_STATIC_INIT("unit"), sel_comp, DIVERSION | COMP_OU},
+ { sel_name, SEL_PARAM_STR, STR_STATIC_INIT("uid"), sel_comp, DIVERSION | COMP_UI}, + { sel_name, SEL_PARAM_STR, STR_STATIC_INIT("uniqueIdentifier"), sel_comp, DIVERSION | COMP_UI}, + { sel_name, SEL_PARAM_STR, STR_STATIC_INIT("unique_identifier"), sel_comp, DIVERSION | COMP_UI}, + { NULL, SEL_PARAM_INT, STR_NULL, NULL, 0} };
@@ -1251,6 +1260,13 @@ pv_export_t tls_pv[] = { {{"tls_my_issuer_unit", sizeof("tls_my_issuer_unit")-1}, PVT_OTHER, pv_comp, 0, 0, 0, pv_init_iname, PV_CERT_LOCAL | PV_CERT_ISSUER | PV_COMP_OU }, + /* unique identifier for peer and local */ + {{"tls_peer_subject_uid", sizeof("tls_peer_subject_uid")-1}, + PVT_OTHER, pv_comp, 0, + 0, 0, pv_init_iname, PV_CERT_PEER | PV_CERT_SUBJECT | PV_COMP_UI }, + {{"tls_my_subject_uid", sizeof("tls_my_subject_uid")-1}, + PVT_OTHER, pv_comp, 0, + 0, 0, pv_init_iname, PV_CERT_LOCAL | PV_CERT_SUBJECT | PV_COMP_UI }, /* subject alternative name parameters for peer and local */ {{"tls_peer_san_email", sizeof("tls_peer_san_email")-1}, PVT_OTHER, pv_alt, 0,
-
Henning Westerholt