The patch looks ok, but I think we can do this a little bit more flexible:
instead of having two functions `tls_check_from` and `tls_check_to`, why don't
we add a single one, i.e. `tls_check_username("user")`, that can receive a pvar
as input, and checks the certificate username against it.
This way you can practically authenticate the client based on its alias, or
user-account, instead of simple to or from usernames.
What do you think about this approach?
---
Reply to this email directly or view it on GitHub:
https://github.com/OpenSIPS/opensips/pull/716#issuecomment-187761962
_______________________________________________
Devel mailing list
[email protected]
http://lists.opensips.org/cgi-bin/mailman/listinfo/devel
