http_async_client: review tls-related param names and vars

modules/http_async_client/async_http.c

@@ -199,37 +199,37 @@ void notification_socket_cb(int fd, short event, void *arg)
 	post = ((str)aq->post);
 
 	query_params.timeout = aq->query_params.timeout;
-	query_params.verify_peer = aq->query_params.verify_peer;
-	query_params.verify_host = aq->query_params.verify_host;
+	query_params.tls_verify_peer = aq->query_params.tls_verify_peer;
+	query_params.tls_verify_host = aq->query_params.tls_verify_host;
 	query_params.headers = NULL;
 	for (i = 0 ; i < aq->query_params.headers.len ; i++) {
 		query_params.headers = curl_slist_append(query_params.headers, aq->query_params.headers.t[i]);
 	}
 	query_params.method  = aq->query_params.method;
 
-	query_params.ssl_cert.s = NULL;
-	query_params.ssl_cert.len = 0;
-	if (aq->query_params.ssl_cert.s && aq->query_params.ssl_cert.len > 0) {
-		if (shm_str_dup(&query_params.ssl_cert, &(aq->query_params.ssl_cert)) < 0) {
-			LM_ERR("Error allocating query_params.ssl_cert\n");
+	query_params.tls_client_cert.s = NULL;
+	query_params.tls_client_cert.len = 0;
+	if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
+		if (shm_str_dup(&query_params.tls_client_cert, &(aq->query_params.tls_client_cert)) < 0) {
+			LM_ERR("Error allocating query_params.tls_client_cert\n");
 			return;
 		}
 	}
 
-	query_params.ssl_key.s = NULL;
-	query_params.ssl_key.len = 0;
-	if (aq->query_params.ssl_key.s && aq->query_params.ssl_key.len > 0) {
-		if (shm_str_dup(&query_params.ssl_key, &(aq->query_params.ssl_key)) < 0) {
-			LM_ERR("Error allocating query_params.ssl_key\n");
+	query_params.tls_client_key.s = NULL;
+	query_params.tls_client_key.len = 0;
+	if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
+		if (shm_str_dup(&query_params.tls_client_key, &(aq->query_params.tls_client_key)) < 0) {
+			LM_ERR("Error allocating query_params.tls_client_key\n");
 			return;
 		}
 	}
 
-	query_params.ca_path.s = NULL;
-	query_params.ca_path.len = 0;
-	if (aq->query_params.ca_path.s && aq->query_params.ca_path.len > 0) {
-		if (shm_str_dup(&query_params.ca_path, &(aq->query_params.ca_path)) < 0) {
-			LM_ERR("Error allocating query_params.ca_path\n");
+	query_params.tls_ca_path.s = NULL;
+	query_params.tls_ca_path.len = 0;
+	if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
+		if (shm_str_dup(&query_params.tls_ca_path, &(aq->query_params.tls_ca_path)) < 0) {
+			LM_ERR("Error allocating query_params.tls_ca_path\n");
 			return;
 		}
 	}
@@ -241,20 +241,20 @@ void notification_socket_cb(int fd, short event, void *arg)
 		free_async_query(aq);
 	}
 
-	if (query_params.ssl_cert.s && query_params.ssl_cert.len > 0) {
-		shm_free(query_params.ssl_cert.s);
-		query_params.ssl_cert.s = NULL;
-		query_params.ssl_cert.len = 0;
+	if (query_params.tls_client_cert.s && query_params.tls_client_cert.len > 0) {
+		shm_free(query_params.tls_client_cert.s);
+		query_params.tls_client_cert.s = NULL;
+		query_params.tls_client_cert.len = 0;
 	}
-	if (query_params.ssl_key.s && query_params.ssl_key.len > 0) {
-		shm_free(query_params.ssl_key.s);
-		query_params.ssl_key.s = NULL;
-		query_params.ssl_key.len = 0;
+	if (query_params.tls_client_key.s && query_params.tls_client_key.len > 0) {
+		shm_free(query_params.tls_client_key.s);
+		query_params.tls_client_key.s = NULL;
+		query_params.tls_client_key.len = 0;
 	}
-	if (query_params.ca_path.s && query_params.ca_path.len > 0) {
-		shm_free(query_params.ca_path.s);
-		query_params.ca_path.s = NULL;
-		query_params.ca_path.len = 0;
+	if (query_params.tls_ca_path.s && query_params.tls_ca_path.len > 0) {
+		shm_free(query_params.tls_ca_path.s);
+		query_params.tls_ca_path.s = NULL;
+		query_params.tls_ca_path.len = 0;
 	}
 
 	return;
@@ -326,36 +326,36 @@ int async_send_query(sip_msg_t *msg, str *query, str *post, cfg_action_t *act)
 	aq->tindex = tindex;
 	aq->tlabel = tlabel;
 	
-	aq->query_params.verify_peer = ah_params.verify_peer;
-	aq->query_params.verify_host = ah_params.verify_host;
+	aq->query_params.tls_verify_peer = ah_params.tls_verify_peer;
+	aq->query_params.tls_verify_host = ah_params.tls_verify_host;
 	aq->query_params.suspend_transaction = suspend;
 	aq->query_params.timeout = ah_params.timeout;
 	aq->query_params.headers = ah_params.headers;
 	aq->query_params.method = ah_params.method;
 
-	aq->query_params.ssl_cert.s = NULL;
-	aq->query_params.ssl_cert.len = 0;
-	if (ah_params.ssl_cert.s && ah_params.ssl_cert.len > 0) {
-		if (shm_str_dup(&aq->query_params.ssl_cert, &(ah_params.ssl_cert)) < 0) {
-			LM_ERR("Error allocating aq->query_params.ssl_cert\n");
+	aq->query_params.tls_client_cert.s = NULL;
+	aq->query_params.tls_client_cert.len = 0;
+	if (ah_params.tls_client_cert.s && ah_params.tls_client_cert.len > 0) {
+		if (shm_str_dup(&aq->query_params.tls_client_cert, &(ah_params.tls_client_cert)) < 0) {
+			LM_ERR("Error allocating aq->query_params.tls_client_cert\n");
 			goto error;
 		}
 	}
 
-	aq->query_params.ssl_key.s = NULL;
-	aq->query_params.ssl_key.len = 0;
-	if (ah_params.ssl_key.s && ah_params.ssl_key.len > 0) {
-		if (shm_str_dup(&aq->query_params.ssl_key, &(ah_params.ssl_key)) < 0) {
-			LM_ERR("Error allocating aq->query_params.ssl_key\n");
+	aq->query_params.tls_client_key.s = NULL;
+	aq->query_params.tls_client_key.len = 0;
+	if (ah_params.tls_client_key.s && ah_params.tls_client_key.len > 0) {
+		if (shm_str_dup(&aq->query_params.tls_client_key, &(ah_params.tls_client_key)) < 0) {
+			LM_ERR("Error allocating aq->query_params.tls_client_key\n");
 			goto error;
 		}
 	}
 
-	aq->query_params.ca_path.s = NULL;
-	aq->query_params.ca_path.len = 0;
-	if (ah_params.ca_path.s && ah_params.ca_path.len > 0) {
-		if (shm_str_dup(&aq->query_params.ca_path, &(ah_params.ca_path)) < 0) {
-			LM_ERR("Error allocating aq->query_params.ca_path\n");
+	aq->query_params.tls_ca_path.s = NULL;
+	aq->query_params.tls_ca_path.len = 0;
+	if (ah_params.tls_ca_path.s && ah_params.tls_ca_path.len > 0) {
+		if (shm_str_dup(&aq->query_params.tls_ca_path, &(ah_params.tls_ca_path)) < 0) {
+			LM_ERR("Error allocating aq->query_params.tls_ca_path\n");
 			goto error;
 		}
 	}
@@ -412,44 +412,44 @@ void init_query_params(struct query_params *p) {
 void set_query_params(struct query_params *p) {
 	p->headers.len = 0;
 	p->headers.t = NULL;
-	p->verify_host = verify_host;
-	p->verify_peer = verify_peer;
+	p->tls_verify_host = tls_verify_host;
+	p->tls_verify_peer = tls_verify_peer;
 	p->suspend_transaction = 1;
 	p->timeout = http_timeout;
 	p->method = AH_METH_DEFAULT;
 
-	if (p->ssl_cert.s && p->ssl_cert.len > 0) {
-		shm_free(p->ssl_cert.s);
-		p->ssl_cert.s = NULL;
-		p->ssl_cert.len = 0;
+	if (p->tls_client_cert.s && p->tls_client_cert.len > 0) {
+		shm_free(p->tls_client_cert.s);
+		p->tls_client_cert.s = NULL;
+		p->tls_client_cert.len = 0;
 	}
-	if (ssl_cert.s && ssl_cert.len > 0) {
-		if (shm_str_dup(&p->ssl_cert, &ssl_cert) < 0) {
-			LM_ERR("Error allocating ssl_cert\n");
+	if (tls_client_cert.s && tls_client_cert.len > 0) {
+		if (shm_str_dup(&p->tls_client_cert, &tls_client_cert) < 0) {
+			LM_ERR("Error allocating tls_client_cert\n");
 			return;
 		}
 	}
 
-	if (p->ssl_key.s && p->ssl_key.len > 0) {
-		shm_free(p->ssl_key.s);
-		p->ssl_key.s = NULL;
-		p->ssl_key.len = 0;
+	if (p->tls_client_key.s && p->tls_client_key.len > 0) {
+		shm_free(p->tls_client_key.s);
+		p->tls_client_key.s = NULL;
+		p->tls_client_key.len = 0;
 	}
-	if (ssl_key.s && ssl_key.len > 0) {
-		if (shm_str_dup(&p->ssl_key, &ssl_key) < 0) {
-			LM_ERR("Error allocating ssl_key\n");
+	if (tls_client_key.s && tls_client_key.len > 0) {
+		if (shm_str_dup(&p->tls_client_key, &tls_client_key) < 0) {
+			LM_ERR("Error allocating tls_client_key\n");
 			return;
 		}
 	}
 
-	if (p->ca_path.s && p->ca_path.len > 0) {
-		shm_free(p->ca_path.s);
-		p->ca_path.s = NULL;
-		p->ca_path.len = 0;
+	if (p->tls_ca_path.s && p->tls_ca_path.len > 0) {
+		shm_free(p->tls_ca_path.s);
+		p->tls_ca_path.s = NULL;
+		p->tls_ca_path.len = 0;
 	}
-	if (ca_path.s && ca_path.len > 0) {
-		if (shm_str_dup(&p->ca_path, &ca_path) < 0) {
-			LM_ERR("Error allocating ca_path\n");
+	if (tls_ca_path.s && tls_ca_path.len > 0) {
+		if (shm_str_dup(&p->tls_ca_path, &tls_ca_path) < 0) {
+			LM_ERR("Error allocating tls_ca_path\n");
 			return;
 		}
 	}

modules/http_async_client/async_http.h

@@ -52,11 +52,11 @@ extern int http_timeout; /* query timeout in ms */
 extern struct sip_msg *ah_reply;
 extern str ah_error;
 
-extern int verify_host;
-extern int verify_peer;
-extern str ssl_cert;
-extern str ssl_key;
-extern str ca_path;
+extern int tls_verify_host;
+extern int tls_verify_peer;
+extern str tls_client_cert;
+extern str tls_client_key;
+extern str tls_ca_path;
 
 
 typedef struct async_http_worker {
@@ -80,16 +80,16 @@ struct header_list {
 
 struct query_params {
 	async_http_method_t method:3;
-	unsigned int verify_peer:1;
-	unsigned int verify_host:1;
+	unsigned int tls_verify_peer:1;
+	unsigned int tls_verify_host:1;
 	unsigned int suspend_transaction:1; /* (create and) suspend the current transaction */
 	unsigned int call_route:1;          /* call script route on reply */
 
 	unsigned int timeout;
 	struct header_list headers;
-	str ssl_cert;
-	str ssl_key;
-	str ca_path;
+	str tls_client_cert;
+	str tls_client_key;
+	str tls_ca_path;
 };
 
 extern struct query_params ah_params;
@@ -139,22 +139,22 @@ static inline void free_async_query(async_query_t *aq)
 		shm_free(aq->query_params.headers.t);
 	}
 
-	if (aq->query_params.ssl_cert.s && aq->query_params.ssl_cert.len > 0) {
-		shm_free(aq->query_params.ssl_cert.s);
-		aq->query_params.ssl_cert.s = NULL;
-		aq->query_params.ssl_cert.len = 0;
+	if (aq->query_params.tls_client_cert.s && aq->query_params.tls_client_cert.len > 0) {
+		shm_free(aq->query_params.tls_client_cert.s);
+		aq->query_params.tls_client_cert.s = NULL;
+		aq->query_params.tls_client_cert.len = 0;
 	}
 
-	if (aq->query_params.ssl_key.s && aq->query_params.ssl_key.len > 0) {
-		shm_free(aq->query_params.ssl_key.s);
-		aq->query_params.ssl_key.s = NULL;
-		aq->query_params.ssl_key.len = 0;
+	if (aq->query_params.tls_client_key.s && aq->query_params.tls_client_key.len > 0) {
+		shm_free(aq->query_params.tls_client_key.s);
+		aq->query_params.tls_client_key.s = NULL;
+		aq->query_params.tls_client_key.len = 0;
 	}
 
-	if (aq->query_params.ca_path.s && aq->query_params.ca_path.len > 0) {
-		shm_free(aq->query_params.ca_path.s);
-		aq->query_params.ca_path.s = NULL;
-		aq->query_params.ca_path.len = 0;
+	if (aq->query_params.tls_ca_path.s && aq->query_params.tls_ca_path.len > 0) {
+		shm_free(aq->query_params.tls_ca_path.s);
+		aq->query_params.tls_ca_path.s = NULL;
+		aq->query_params.tls_ca_path.len = 0;
 	}
 
 	shm_free(aq);

modules/http_async_client/doc/http_async_client_admin.xml

@@ -121,7 +121,7 @@ modparam("async_http", "hash_size", 1024)
 		</example>
 	</section>
 	<section>
-		<title><varname>tlsversion</varname> (int)</title>
+		<title><varname>tls_version</varname> (int)</title>
         <para>
 		    For HTTPS connections, what's the preferred SSL version.
 		    http://curl.haxx.se/libcurl/c/CURLOPT_SSLVERSION.html
@@ -132,16 +132,16 @@ modparam("async_http", "hash_size", 1024)
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlsversion</varname> parameter</title>
+		<title>Set <varname>tls_version</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlsversion", 6)
+modparam("async_http", "tls_version", 6)
 ...
 </programlisting>
 		</example>
 	</section>
 	<section>
-		<title><varname>tlsverifyhost</varname> (int)</title>
+		<title><varname>tls_verify_host</varname> (int)</title>
         <para>
 		    For HTTPS connections, whether the client should verify the server host.
 		    http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html
@@ -152,16 +152,16 @@ modparam("async_http", "tlsversion", 6)
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlsverifyhost</varname> parameter</title>
+		<title>Set <varname>tls_verify_host</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlsverifyhost", 0)
+modparam("async_http", "tls_verify_host", 0)
 ...
 </programlisting>
 		</example>
 	</section>
 	<section>
-		<title><varname>tlsverifypeer</varname> (int)</title>
+		<title><varname>tls_verify_peer</varname> (int)</title>
         <para>
 		    For HTTPS connections, whether the client should verify the server identity.
 		    http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html
@@ -172,10 +172,10 @@ modparam("async_http", "tlsverifyhost", 0)
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlsverifypeer</varname> parameter</title>
+		<title>Set <varname>tls_verify_peer</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlsverifypeer", 0)
+modparam("async_http", "tls_verify_peer", 0)
 ...
 </programlisting>
 		</example>
@@ -231,7 +231,7 @@ modparam("async_http", "memory_manager", "sys")
               </example>
       </section>
 	<section>
-		<title><varname>tlsclientcert</varname> (int)</title>
+		<title><varname>tls_client_cert</varname> (int)</title>
         <para>
 		    For HTTPS connections, the file path of the TLS client certificate to be used
 		    http://curl.haxx.se/libcurl/c/CURLOPT_SSLCERT.html
@@ -242,16 +242,16 @@ modparam("async_http", "memory_manager", "sys")
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlsclientcert</varname> parameter</title>
+		<title>Set <varname>tls_client_cert</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlsclientcert", "/etc/kamailio/ssl/clientcert.pem")
+modparam("async_http", "tls_client_cert", "/etc/kamailio/ssl/clientcert.pem")
 ...
 </programlisting>
 		</example>
 	</section>
 	<section>
-		<title><varname>tlsclientkey</varname> (int)</title>
+		<title><varname>tls_client_key</varname> (int)</title>
         <para>
 		    For HTTPS connections, the file path of the TLS client certificate key
 		    http://curl.haxx.se/libcurl/c/CURLOPT_SSLKEY.html
@@ -262,16 +262,16 @@ modparam("async_http", "tlsclientcert", "/etc/kamailio/ssl/clientcert.pem")
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlsclientkey</varname> parameter</title>
+		<title>Set <varname>tls_client_key</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlsclientkey", "/etc/kamailio/ssl/clientcert.key")
+modparam("async_http", "tls_client_key", "/etc/kamailio/ssl/clientcert.key")
 ...
 </programlisting>
 		</example>
 	</section>
 	<section>
-		<title><varname>tlscapath</varname> (int)</title>
+		<title><varname>tls_ca_path</varname> (int)</title>
         <para>
 		    The path of the directory holding the CA certificates.
                     http://curl.haxx.se/libcurl/c/CURLOPT_CAPATH.html
@@ -282,10 +282,10 @@ modparam("async_http", "tlsclientkey", "/etc/kamailio/ssl/clientcert.key")
 		</emphasis>
 		</para>
 		<example>
-		<title>Set <varname>tlscapath</varname> parameter</title>
+		<title>Set <varname>tls_ca_path</varname> parameter</title>
 		<programlisting format="linespecific">
 ...
-modparam("async_http", "tlscapath", "/etc/kamailio/ssl/ca/")
+modparam("async_http", "tls_ca_path", "/etc/kamailio/ssl/ca/")
 ...
 </programlisting>
 		</example>
@@ -373,9 +373,9 @@ t_reply("200", "Ok");
         </programlisting>
 	    </example>
 	</section>
-	<section id="async_http.f.http_verify_host">
+	<section id="async_http.f.tls_verify_host">
 	    <title>
-		<function moreinfo="none">http_verify_host(verify)</function>
+		<function moreinfo="none">tls_verify_host(verify)</function>
 	    </title>
         <para>
 		    For the next HTTPS connection, whether the client should verify the server host.
@@ -384,10 +384,10 @@ t_reply("200", "Ok");
             Parameter <quote>verify</quote> set to "1" to enable the host verification, "0" to disable. Default: the global value set as <emphasis>verify_host</emphasis> module parameter.
         </para>
 		<example>
-		<title><function>http_verify_host()</function> usage</title>
+		<title><function>tls_verify_host()</function> usage</title>
 		<programlisting format="linespecific">
 ...
-http_verify_host("0");
+tls_verify_host("0");
 # host verification is disabled for the next query
 http_query("https://example.com/test.php", "HTTP_REPLY");
 ...
@@ -395,9 +395,9 @@ http_query("https://example.com/test.php", "HTTP_REPLY");
 	    </example>
 	</section>
 
-	<section id="async_http.f.http_verify_peer">
+	<section id="async_http.f.tls_verify_peer">
 	    <title>
-		<function moreinfo="none">http_verify_peer(verify)</function>
+		<function moreinfo="none">tls_verify_peer(verify)</function>
 	    </title>
         <para>
 		    For the next HTTPS connection, whether the client should verify the server identity.
@@ -406,10 +406,10 @@ http_query("https://example.com/test.php", "HTTP_REPLY");
             Parameter <quote>verify</quote> set to "1" to enable the identity verification, "0" to disable. Default: the global value set as <emphasis>verify_peer</emphasis> module parameter.
         </para>
 		<example>
-		<title><function>http_verify_peer()</function> usage</title>
+		<title><function>tls_verify_peer()</function> usage</title>
 		<programlisting format="linespecific">
 ...
-http_verify_peer("0");
+tls_verify_peer("0");
 # server identity verification is disabled for the next query
 http_query("https://example.com/test.php", "HTTP_REPLY");
 ...
@@ -492,21 +492,21 @@ http_query("https://example.com/test.php", "{'foo': 'bar'}", "HTTP_REPLY");
 	    </example>
 	</section>
 
-	<section id="async_http.f.http_set_ssl_cert">
+	<section id="async_http.f.http_set_tls_client_cert">
 	    <title>
-		<function moreinfo="none">http_set_ssl_cert(path)</function>
+		<function moreinfo="none">http_set_tls_client_cert(path)</function>
 	    </title>
         <para>
 		    For the next HTTPS connection, what client certificate to use.
         </para>
         <para>
-            Default: the global value set as <emphasis>ssl_cert</emphasis> module parameter.
+            Default: the global value set as <emphasis>tls_client_cert</emphasis> module parameter.
         </para>
 		<example>
-		<title><function>http_set_ssl_cert()</function> usage</title>
+		<title><function>http_set_tls_client_cert()</function> usage</title>
 		<programlisting format="linespecific">
 ...
-http_set_ssl_cert("/etc/kamailio/ssl/cert.pem");
+http_set_tls_client_cert("/etc/kamailio/ssl/cert.pem");
 # Next query will use the client cert above
 http_query("https://example.com/test.php", "HTTP_REPLY");
 ...
@@ -514,21 +514,21 @@ http_query("https://example.com/test.php", "HTTP_REPLY");
 	    </example>
 	</section>
 
-	<section id="async_http.f.http_set_ssl_key">
+	<section id="async_http.f.http_set_tls_client_key">
 	    <title>
-		<function moreinfo="none">http_set_ssl_key(path)</function>
+		<function moreinfo="none">http_set_tls_client_key(path)</function>
 	    </title>
         <para>
 		    For the next HTTPS connection, what client certificate key to use.
         </para>
         <para>
-            Default: the global value set as <emphasis>ssl_key</emphasis> module parameter.
+            Default: the global value set as <emphasis>tls_client_key</emphasis> module parameter.
         </para>
 		<example>
-		<title><function>http_set_ssl_key()</function> usage</title>
+		<title><function>http_set_tls_client_key()</function> usage</title>
 		<programlisting format="linespecific">
 ...
-http_set_ssl_key("/etc/kamailio/ssl/cert.key");
+http_set_tls_client_key("/etc/kamailio/ssl/cert.key");
 # Next query will use the client cert key above
 http_query("https://example.com/test.php", "HTTP_REPLY");
 ...
@@ -536,21 +536,21 @@ http_query("https://example.com/test.php", "HTTP_REPLY");
 	    </example>
 	</section>
 
-	<section id="async_http.f.http_set_ca_path">
+	<section id="async_http.f.http_set_tls_ca_path">
 	    <title>
-		<function moreinfo="none">http_set_ca_path(path)</function>
+		<function moreinfo="none">http_set_tls_ca_path(path)</function>
 	    </title>
         <para>
 		    For the next HTTP connection, what CA certificate files to use.
         </para>
         <para>
-            Default: the global value set as <emphasis>ca_path</emphasis> module parameter.
+            Default: the global value set as <emphasis>tls_ca_path</emphasis> module parameter.
         </para>
 		<example>
-		<title><function>http_set_ca_path()</function> usage</title>
+		<title><function>http_set_tls_ca_path()</function> usage</title>
 		<programlisting format="linespecific">
 ...
-http_set_ssl_key("/etc/kamailio/ssl/ca/");
+http_set_tls_client_key("/etc/kamailio/ssl/ca/");
 # Next query will use the CA certs above
 http_query("https://example.com/test.php", "HTTP_REPLY");
 ...

modules/http_async_client/hm_hash.h

@@ -66,13 +66,13 @@ typedef struct http_m_global
 
 typedef struct hm_params {
 	int timeout;
-	int verify_host;
-	int verify_peer;
+	int tls_verify_host;
+	int tls_verify_peer;
 	struct curl_slist* headers;
 	int method;
-	str ssl_cert;
-	str ssl_key;
-	str ca_path;
+	str tls_client_cert;
+	str tls_client_key;
+	str tls_ca_path;
 } http_m_params_t;
 
 typedef struct http_m_cell

modules/http_async_client/http_async_client_mod.c

@@ -62,13 +62,13 @@ extern int  num_workers;
 
 int http_timeout = 500; /* query timeout in ms */
 int hash_size = 2048;
-int ssl_version = 0; // Use default SSL version in HTTPS requests (see curl/curl.h)
-int verify_host = 1; // By default verify host in HTTPS requests
-int verify_peer = 1; // By default verify peer in HTTPS requests
+int tls_version = 0; // Use default SSL version in HTTPS requests (see curl/curl.h)
+int tls_verify_host = 1; // By default verify host in HTTPS requests
+int tls_verify_peer = 1; // By default verify peer in HTTPS requests
 int curl_verbose = 0;
-str ssl_cert = STR_STATIC_INIT(""); // client SSL certificate path, defaults to NULL
-str ssl_key = STR_STATIC_INIT(""); // client SSL certificate key path, defaults to NULL
-str ca_path = STR_STATIC_INIT(""); // certificate authority dir path, defaults to NULL
+str tls_client_cert = STR_STATIC_INIT(""); // client SSL certificate path, defaults to NULL
+str tls_client_key = STR_STATIC_INIT(""); // client SSL certificate key path, defaults to NULL
+str tls_ca_path = STR_STATIC_INIT(""); // certificate authority dir path, defaults to NULL
 static char *memory_manager = "shm";
 extern int curl_memory_manager;
 
@@ -78,15 +78,15 @@ static void mod_destroy(void);
 
 static int w_http_async_get(sip_msg_t* msg, char* query, char* rt);
 static int w_http_async_post(sip_msg_t* msg, char* query, char* post, char* rt);
-static int w_http_verify_host(sip_msg_t* msg, char* vh, char*);
-static int w_http_verify_peer(sip_msg_t* msg, char* vp, char*);
+static int w_tls_verify_host(sip_msg_t* msg, char* vh, char*);
+static int w_tls_verify_peer(sip_msg_t* msg, char* vp, char*);
 static int w_http_async_suspend_transaction(sip_msg_t* msg, char* vp, char*);
 static int w_http_set_timeout(sip_msg_t* msg, char* tout, char*);
 static int w_http_append_header(sip_msg_t* msg, char* hdr, char*);
 static int w_http_set_method(sip_msg_t* msg, char* method, char*);
-static int w_http_set_ssl_cert(sip_msg_t* msg, char* sc, char*);
-static int w_http_set_ssl_key(sip_msg_t* msg, char* sk, char*);
-static int w_http_set_ca_path(sip_msg_t* msg, char* cp, char*);
+static int w_http_set_tls_client_cert(sip_msg_t* msg, char* sc, char*);
+static int w_http_set_tls_client_key(sip_msg_t* msg, char* sk, char*);
+static int w_http_set_tls_ca_path(sip_msg_t* msg, char* cp, char*);
 static int set_query_param(str* param, str input);
 static int fixup_http_async_get(void** param, int param_no);
 static int fixup_http_async_post(void** param, int param_no);
@@ -122,9 +122,9 @@ static cmd_export_t cmds[]={
 		0, ANY_ROUTE},
 	{"http_async_query", (cmd_function)w_http_async_post, 3, fixup_http_async_post,
 		0, ANY_ROUTE},
-	{"http_verify_host", (cmd_function)w_http_verify_host, 1, fixup_igp_all,
+	{"tls_verify_host", (cmd_function)w_tls_verify_host, 1, fixup_igp_all,
 		0, ANY_ROUTE},
-	{"http_verify_peer", (cmd_function)w_http_verify_peer, 1, fixup_igp_all,
+	{"tls_verify_peer", (cmd_function)w_tls_verify_peer, 1, fixup_igp_all,
 		0, ANY_ROUTE},
 	{"http_async_suspend", (cmd_function)w_http_async_suspend_transaction, 1, fixup_igp_all,
 		0, ANY_ROUTE},
@@ -134,11 +134,11 @@ static cmd_export_t cmds[]={
 		0, ANY_ROUTE},
 	{"http_set_method", (cmd_function)w_http_set_method, 1, fixup_spve_null,
 		0, ANY_ROUTE},
-	{"http_set_ssl_cert", (cmd_function)w_http_set_ssl_cert, 1, fixup_spve_null,
+	{"http_set_tls_client_cert", (cmd_function)w_http_set_tls_client_cert, 1, fixup_spve_null,
 		0, ANY_ROUTE},
-	{"http_set_ssl_key", (cmd_function)w_http_set_ssl_key, 1, fixup_spve_null,
+	{"http_set_tls_client_key", (cmd_function)w_http_set_tls_client_key, 1, fixup_spve_null,
 		0, ANY_ROUTE},
-	{"http_set_ca_path", (cmd_function)w_http_set_ca_path, 1, fixup_spve_null,
+	{"http_set_tls_ca_path", (cmd_function)w_http_set_tls_ca_path, 1, fixup_spve_null,
 		0, ANY_ROUTE},
 	{0, 0, 0, 0, 0, 0}
 };
@@ -147,13 +147,13 @@ static param_export_t params[]={
 {"workers",					INT_PARAM,   &num_workers},
 	{"connection_timeout",	INT_PARAM,   &http_timeout},
 	{"hash_size",			INT_PARAM,   &hash_size},
-	{"tlsversion",			INT_PARAM,   &ssl_version},
-	{"tlsverifyhost",		INT_PARAM,   &verify_host},
-	{"tlsverifypeer",		INT_PARAM,   &verify_peer},
+	{"tls_version",			INT_PARAM,   &tls_version},
+	{"tls_verify_host",		INT_PARAM,   &tls_verify_host},
+	{"tls_verify_peer",		INT_PARAM,   &tls_verify_peer},
 	{"curl_verbose",		INT_PARAM,   &curl_verbose},
-	{"tlsclientcert",		PARAM_STR,   &ssl_cert},
-	{"tlsclientkey",		PARAM_STR,   &ssl_key},
-	{"tlscapath",			PARAM_STR,   &ca_path},
+	{"tls_client_cert",		PARAM_STR,   &tls_client_cert},
+	{"tls_client_key",		PARAM_STR,   &tls_client_key},
+	{"tls_ca_path",			PARAM_STR,   &tls_ca_path},
 	{"memory_manager",	PARAM_STRING,&memory_manager},
 	{0, 0, 0}
 };
@@ -256,8 +256,8 @@ static int mod_init(void)
 		return -1;
 	}
 
-	verify_host = verify_host?1:0;
-	verify_peer = verify_peer?1:0;
+	tls_verify_host = tls_verify_host?1:0;
+	tls_verify_peer = tls_verify_peer?1:0;
 
 	/* init http parameters list */
 	init_query_params(&ah_params);
@@ -499,17 +499,17 @@ if(fixup_get_ivalue(msg, (gparam_t*)NAME, &( i_##NAME))!=0)\
 	return -1;\
 }
 
-static int w_http_verify_host(sip_msg_t* msg, char* vh, char*foo)
+static int w_tls_verify_host(sip_msg_t* msg, char* vh, char*foo)
 {
 	_IVALUE (vh);
-	ah_params.verify_host = i_vh?1:0;
+	ah_params.tls_verify_host = i_vh?1:0;
 	return 1;
 }
 
-static int w_http_verify_peer(sip_msg_t* msg, char* vp, char*foo)
+static int w_tls_verify_peer(sip_msg_t* msg, char* vp, char*foo)
 {
 	_IVALUE (vp);
-	ah_params.verify_peer = i_vp?1:0;
+	ah_params.tls_verify_peer = i_vp?1:0;
 	return 1;
 }
 
@@ -585,40 +585,40 @@ static int w_http_set_method(sip_msg_t* msg, char* meth, char*foo)
 	return 1;
 }
 
-static int w_http_set_ssl_cert(sip_msg_t* msg, char* sc, char*foo)
+static int w_http_set_tls_client_cert(sip_msg_t* msg, char* sc, char*foo)
 {
-	str _ssl_cert;
+	str _tls_client_cert;
 
-	if(fixup_get_svalue(msg, (gparam_t*)sc, &_ssl_cert)!=0) {
+	if(fixup_get_svalue(msg, (gparam_t*)sc, &_tls_client_cert)!=0) {
 		LM_ERR("unable to get method value\n");
 		return -1;
 	}
 
-        return set_query_param(&ah_params.ssl_cert, _ssl_cert);
+        return set_query_param(&ah_params.tls_client_cert, _tls_client_cert);
 }
 
-static int w_http_set_ssl_key(sip_msg_t* msg, char* sk, char*foo)
+static int w_http_set_tls_client_key(sip_msg_t* msg, char* sk, char*foo)
 {
-	str _ssl_key;
+	str _tls_client_key;
 
-	if(fixup_get_svalue(msg, (gparam_t*)sk, &_ssl_key)!=0) {
+	if(fixup_get_svalue(msg, (gparam_t*)sk, &_tls_client_key)!=0) {
 		LM_ERR("unable to get method value\n");
 		return -1;
 	}
 
-        return set_query_param(&ah_params.ssl_key, _ssl_key);
+        return set_query_param(&ah_params.tls_client_key, _tls_client_key);
 }
 
-static int w_http_set_ca_path(sip_msg_t* msg, char* cp, char*foo)
+static int w_http_set_tls_ca_path(sip_msg_t* msg, char* cp, char*foo)
 {
-	str _ca_path;
+	str _tls_ca_path;
 
-	if(fixup_get_svalue(msg, (gparam_t*)cp, &_ca_path)!=0) {
+	if(fixup_get_svalue(msg, (gparam_t*)cp, &_tls_ca_path)!=0) {
 		LM_ERR("unable to get method value\n");
 		return -1;
 	}
 
-        return set_query_param(&ah_params.ca_path, _ca_path);
+        return set_query_param(&ah_params.tls_ca_path, _tls_ca_path);
 }
 
 /*

modules/http_async_client/http_multi.c

@@ -415,8 +415,8 @@ int init_http_multi(struct event_base *evbase, struct http_m_global *wg)
 int new_request(str *query, str *post, http_m_params_t *query_params, http_multi_cbe_t cb, void *param)
 {
 
-	LM_DBG("received query %.*s with timeout %d, verify_peer %d, verify_host %d (param=%p)\n", 
-			query->len, query->s, query_params->timeout, query_params->verify_peer, query_params->verify_host, param);
+	LM_DBG("received query %.*s with timeout %d, tls_verify_peer %d, tls_verify_host %d (param=%p)\n", 
+			query->len, query->s, query_params->timeout, query_params->tls_verify_peer, query_params->tls_verify_host, param);
 	
 	CURL *easy;
 	CURLMcode rc;
@@ -469,20 +469,20 @@ int new_request(str *query, str *post, http_m_params_t *query_params, http_multi
 	}
 	curl_easy_setopt(cell->easy, CURLOPT_ERRORBUFFER, cell->error);
 	curl_easy_setopt(cell->easy, CURLOPT_PRIVATE, cell);
-	curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYPEER, cell->params.verify_peer);
-	curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYHOST, cell->params.verify_host?2:0);
-	curl_easy_setopt(cell->easy, CURLOPT_SSLVERSION, ssl_version);
+	curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYPEER, cell->params.tls_verify_peer);
+	curl_easy_setopt(cell->easy, CURLOPT_SSL_VERIFYHOST, cell->params.tls_verify_host?2:0);
+	curl_easy_setopt(cell->easy, CURLOPT_SSLVERSION, tls_version);
 
-	if (cell->params.ssl_cert.s && cell->params.ssl_cert.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.ssl_cert.s);
+	if (cell->params.tls_client_cert.s && cell->params.tls_client_cert.len > 0) {
+		curl_easy_setopt(cell->easy, CURLOPT_SSLCERT, cell->params.tls_client_cert.s);
 	}
 
-	if (cell->params.ssl_key.s && cell->params.ssl_key.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.ssl_key.s);
+	if (cell->params.tls_client_key.s && cell->params.tls_client_key.len > 0) {
+		curl_easy_setopt(cell->easy, CURLOPT_SSLKEY, cell->params.tls_client_key.s);
 	}
 
-	if (cell->params.ca_path.s && cell->params.ca_path.len > 0) {
-		curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.ca_path.s);
+	if (cell->params.tls_ca_path.s && cell->params.tls_ca_path.len > 0) {
+		curl_easy_setopt(cell->easy, CURLOPT_CAPATH, cell->params.tls_ca_path.s);
 	}
 
 	curl_easy_setopt(cell->easy, CURLOPT_HEADER, 1);

modules/http_async_client/http_multi.h

@@ -52,7 +52,7 @@ extern stat_var *requests;
 extern stat_var *replies;
 extern stat_var *errors;
 extern stat_var *timeouts;
-extern int ssl_version;
+extern int tls_version;
 extern int curl_verbose;
 
 void set_curl_mem_callbacks(void);