Add common name certificate verification function in sal

[linphone] / coreapi / sal_eXosip2.c

diff --git a/coreapi/sal_eXosip2.c b/coreapi/sal_eXosip2.c
index 203c7cb92c48862b75494f37003b5a2b0d8c178f..93686a75e538985ac16385236072540fe4d50435 100644 (file)
--- a/coreapi/sal_eXosip2.c
+++ b/coreapi/sal_eXosip2.c
@@ -282,6 +282,7 @@ Sal * sal_init(){
        sal->reuse_authorization=FALSE;
        sal->rootCa = 0;
        sal->verify_server_certs=TRUE;
+       sal->verify_server_cn=TRUE;
        sal->expire_old_contact=FALSE;
        sal->add_dates=FALSE;
        sal->dscp=-1;
@@ -378,6 +379,9 @@ static void set_tls_options(Sal *ctx){
 #ifdef HAVE_EXOSIP_TLS_VERIFY_CERTIFICATE
        eXosip_tls_verify_certificate(ctx->verify_server_certs);
 #endif
+#ifdef HAVE_EXOSIP_TLS_VERIFY_CN
+       eXosip_tls_verify_cn(ctx->verify_server_cn);
+#endif
 }
 
 void sal_set_dscp(Sal *ctx, int dscp){
@@ -499,6 +503,13 @@ void sal_verify_server_certificates(Sal *ctx, bool_t verify){
 #endif
 }
 
+void sal_verify_server_cn(Sal *ctx, bool_t verify){
+       ctx->verify_server_cn=verify;
+#ifdef HAVE_EXOSIP_TLS_VERIFY_CN
+       eXosip_tls_verify_cn(verify);
+#endif
+}
+
 static int extract_received_rport(osip_message_t *msg, const char **received, int *rportval,SalTransport* transport){
        osip_via_t *via=NULL;
        osip_generic_param_t *param=NULL;