[OpenSIPS-Devel] [opensips] TLS: Client authentication with client certificate CN (#716)

Răzvan Crainea notifications at github.com
Tue Feb 23 16:56:11 CET 2016


The patch looks ok, but I think we can do this a little bit more flexible: instead of having two functions `tls_check_from` and `tls_check_to`, why don't we add a single one, i.e. `tls_check_username("user")`, that can receive a pvar as input, and checks the certificate username against it.

This way you can practically authenticate the client based on its alias, or user-account, instead of simple to or from usernames.

What do you think about this approach?

---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/716#issuecomment-187761962
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/devel/attachments/20160223/9ec1b04d/attachment.htm>


More information about the Devel mailing list