path: root/src/osmo_common.c
diff options
authorHolger Hans Peter Freyther <holger@moiji-mobile.com>2016-08-25 23:07:44 +0200
committerHolger Hans Peter Freyther <holger@moiji-mobile.com>2016-09-08 16:16:55 +0200
commitc266796caaaf8a8c2a6c4a971a5fc18975b73f8e (patch)
treea88b5f91da0b7330bd044ce54b87f17d6d47465d /src/osmo_common.c
parentc1c194393b1c568961623c939efd5ae118903440 (diff)
client: Initial support for TLS in the client
Use GNUtls because it is GPL compatible and instead of mbedTLS seems to have a working non-blocking I/O integration. GNUtls has various issues that could not be resolved easily: * Pick spdy as sub protocol * gmt_time not randomized * private key loaded to RAM (but not verified) This is the beginning and not the end. Client support might need more work with actual tls verification. Maybe more manual x509 cert verification is needed and maybe client certs don't work at all. I try to ignore renegotiation as I threw away the key. Reload x509 creds and keys as they might have changed from one connection to another. Change-Id: I9128e14084da1fc2705f858393f98b8133996172
Diffstat (limited to 'src/osmo_common.c')
1 files changed, 6 insertions, 0 deletions
diff --git a/src/osmo_common.c b/src/osmo_common.c
index 33ec1b2..bb7d011 100644
--- a/src/osmo_common.c
+++ b/src/osmo_common.c
@@ -49,6 +49,12 @@ static const struct log_info_cat default_categories[] = {
.color = "\033[1;34m",
.enabled = 1, .loglevel = LOGL_NOTICE,
+ [DTLS] = {
+ .name = "DTLS",
+ .description = "TLS code",
+ .color = "\033[1;34m",
+ .enabled = 1, .loglevel = LOGL_NOTICE,
+ },
const struct log_info log_info = {