May 28, 2010
View facfe79d87

tls: fixed usage of error label

Daniel-Constantin Mierla authored on 27/05/2010 17:42:16 • Andrei Pelinescu-Onciul committed on 28/05/2010 18:52:49
View e0baf38ca3

tls: fix unregistered rpc commands

Andrei Pelinescu-Onciul authored on 26/05/2010 13:48:59
August 7, 2009
View a2bae03c17

tls: Set internal module name to "tls".

Jan Janak authored on 07/08/2009 11:35:39
April 23, 2009
View 024a23ebba

tls: don't start if tcp is in async mode

Andrei Pelinescu-Onciul authored on 20/04/2009 14:22:54
March 28, 2009
View 2701984ddd

Use shorter default send and SSL handshake timeouts

Jan Janak authored on 28/03/2009 11:13:24
March 27, 2009
View d1517292e9

Adding function is_peer_verified from kamailio

Jan Janak authored on 27/03/2009 17:47:43
View 7c0dd0275e

Switch to the openser module interface version

Jan Janak authored on 27/03/2009 17:36:18
June 6, 2008
View d037bb9db0

- Use the new configuration file parser

Jan Janak authored on 06/06/2008 00:03:06
February 8, 2008
View d128c59d5f

- Convert all relative pathnames of files to absolute with respect to the main SER configuration file (the external TLS config file and modparams) or the TLS config file (file included from there). - Use get_abs_pathname from sip_router/ut.c instead of the local function get_pathname

Jan Janak authored on 08/02/2008 05:38:39
June 7, 2007
View 30b49d1717

- updated all the child_init users to ignore or treat specially the PROC_INIT rank

Andrei Pelinescu-Onciul authored on 07/06/2007 21:46:56
February 28, 2007
View 66fff017aa

- added low_mem_threshold1 & low_mem_threshold2 (the ammount of free memory from which tls operations will start to fail preemptively is now configurable; by default the value depends on the number of processes) - doc update

Andrei Pelinescu-Onciul authored on 28/02/2007 01:38:47
February 10, 2007
View 6a8994c40b

- use the new tls hooks api (the core patch is no longer necessary) - renamed some of tls_.* functions to tls_h_.* to avoid name conflicts with the core - fixed shutdown tls before tcp bug (if ser was stopped while tls connections were still active, the tls module was destroyed before tcp => crash when tcp tried to close the tls connections). Now all the destroy operation are moved into the new destroy_tls hook and the module destroy function is empty.

Andrei Pelinescu-Onciul authored on 10/02/2007 19:02:04
February 1, 2007
View fc660aae7d

- openssl compression bug detect/workaround enabled at runtime (if zlib compression is detected, we replace openssl version with ours). The previous version had this fix but it was enabled only at compile-time. - SSL_OP_TLS_BLOCK_PADDING_BUG option disabled if 0.9.8 <= openssl < 0.9.8c and compresion is used (check at runtime) - more start-up sanity checks: - check if openssl used library version is close enough to the library with which the tls module was compiled (header files) For now it checks for the same major, minor and fix level (e.g. 0.9.8a && 0.9.8c are ok, 0.9.7b and 0.9.8a are not) - try to auto-detect (using the compile flags) if the used library was compiled with kerberos support and if the tls module was compiled with the same setting (or else we won't be able to enable the kerberos bug workarround). - more verbose start-up messages and errors - warning fixes - 2 new module parameters: tls_disable_compression (default 0) tls_force_run (default 0) -- will ignore the start-up sanity checks and continue running even if the library version/options are different References: openssl bugs #1468, #1467 & #1204 (

Andrei Pelinescu-Onciul authored on 01/02/2007 04:24:06
January 17, 2007
View b2aa9fd79c

- timeouts fixed (all the tcp timeouts use now ticks and not seconds)

Andrei Pelinescu-Onciul authored on 17/01/2007 20:24:05
November 15, 2006
View b5c9bd68c5

- tls init updated to the new get_max_procs() use (not allowed from mod_init()) - tls-core.patch updated to the latest tcp changes - lots of warnings and/or small errors fixed

Andrei Pelinescu-Onciul authored on 15/11/2006 19:55:13