dtls: Add support for ephemeral DTLS certificates.
authorSean Bright <sean.bright@gmail.com>
Fri, 29 Sep 2017 14:50:17 +0000 (14:50 +0000)
committerJoshua Colp <jcolp@digium.com>
Mon, 6 Nov 2017 13:11:48 +0000 (08:11 -0500)
commit04d3785a798e984a5f5d43ec5f124a9b30a58b9e
tree06ac1ee5a7f04a5edf27e556e0825a31d9dd5c5f
parentbe5b7b2076a577c2a994e752b152c5242fb29ce7
dtls: Add support for ephemeral DTLS certificates.

This mimics the behavior of Chrome and Firefox and creates an ephemeral
X.509 certificate for each DTLS session.

Currently, the only supported key type is ECDSA because of its faster
generation time, but other key types can be added in the future as
necessary.

ASTERISK-27395

Change-Id: I5122e5f4b83c6320cc17407a187fcf491daf30b4
CHANGES
channels/chan_sip.c
configs/samples/pjsip.conf.sample
configs/samples/sip.conf.sample
contrib/ast-db-manage/config/versions/041c0d3d1857_add_dtls_auto_gen_cert.py [new file with mode: 0644]
include/asterisk/rtp_engine.h
main/rtp_engine.c
res/res_pjsip.c
res/res_pjsip/pjsip_configuration.c
res/res_rtp_asterisk.c