# HG changeset patch
# User Michael Schloh von Bennewitz <michael@schloh.com>
# Date 1333126541 -7200
# Node ID 0bc1d0d1fe3aaf9fbdf30f075eabf91321830e86
# Parent  dd7b2195ce6f1193dfa970e320d672821dc3b567
Patch TLS domain logic to allow certless outgoing (UAC) connections.

diff -r dd7b2195ce6f -r 0bc1d0d1fe3a opensips/opensips.patch
--- a/opensips/opensips.patch	Fri Mar 30 18:53:57 2012 +0200
+++ b/opensips/opensips.patch	Fri Mar 30 18:55:41 2012 +0200
@@ -194,3 +194,34 @@
  	return 1;
  }
  
+Index: tls/tls_init.c
+diff -Nau tls/tls_init.c.orig tls/tls_init.c
+--- tls/tls_init.c.orig	2012-01-17 13:16:02.000000000 +0100
++++ tls/tls_init.c	2012-03-30 18:34:08.540354386 +0200
+@@ -617,7 +617,7 @@
+ 			d->cert_file = tls_cert_file;
+ 		}
+ 		if (load_certificate(d->ctx, d->cert_file) < 0)
+-			return -1;
++			LM_WARN("tls[%s:%d] proceeding with no certificate at all!\n", ip_addr2a(&d->addr), d->port);
+ 	
+ 		/*
+ 		* load ca 
+@@ -629,7 +629,7 @@
+ 			d->ca_file = tls_ca_file;
+ 		}
+ 		if (d->ca_file && load_ca(d->ctx, d->ca_file) < 0)
+-			return -1;
++			LM_WARN("tls[%s:%d] proceeding with no CA at all!\n", ip_addr2a(&d->addr), d->port);
+ 		d = d->next;
+ 	}
+ 
+@@ -644,7 +644,7 @@
+ 			d->pkey_file = tls_pkey_file;
+ 		}
+ 		if (load_private_key(d->ctx, d->pkey_file) < 0)
+-			return -1;
++			LM_WARN("tls[%s:%d] proceeding with no key at all!\n", ip_addr2a(&d->addr), d->port);
+ 		d = d->next;
+ 	}
+ 	return 0;
diff -r dd7b2195ce6f -r 0bc1d0d1fe3a opensips/opensips.spec
--- a/opensips/opensips.spec	Fri Mar 30 18:53:57 2012 +0200
+++ b/opensips/opensips.spec	Fri Mar 30 18:55:41 2012 +0200
@@ -388,6 +388,9 @@
         -e 's;\(#define MAX_SSL_RETRIES\) 32;\1 1024;' \
         tls/tls_server.c
     %{l_shtool} subst \
+        -e 's;LM_ERR(\("unable to load\);LM_WARN(\1;g' \
+        tls/tls_init.c
+    %{l_shtool} subst \
         -e 's;^\(default_bits[ \t]*=[ \t]*\)2048;\14096;' \
         etc/tls/ca.conf
     %{l_shtool} subst \