<h4 dir="auto">Pre-Submission Checklist</h4>
<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Commit message has the format required by CONTRIBUTING guide</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Commits are split per component (core, individual modules, libs, utils, ...)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Each component has a single commit (if not, squash them into one commit)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> No commits to README files for modules (changes must be done to docbook files<br>
in <code class="notranslate">doc/</code> subfolder, the README file is autogenerated)</li>
</ul>
<h4 dir="auto">Type Of Change</h4>
<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Small bug fix (non-breaking change which fixes an issue)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> New feature (non-breaking change which adds new functionality)</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Breaking change (fix or feature that would change existing functionality)</li>
</ul>
<h4 dir="auto">Checklist:</h4>
<ul class="contains-task-list">
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> PR should be backported to stable branches</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Tested changes locally</li>
<li class="task-list-item"><input type="checkbox" id="" disabled="" class="task-list-item-checkbox"> Related to issue #XXXX (replace XXXX with an open issue number)</li>
</ul>
<h4 dir="auto">Description</h4>
<p dir="auto">When the stirshaken module is in use and configured to cache certifications, validation will succeed on the very first attempt but will then fail every time the certificate is loaded from cache. The reason is because this module only saves the certificate and discards the any supplied chain certificates. This patch causes the module to save all supplied certificates and properly loads them upon retrieval.</p>
<p dir="auto">For the loading to work a patch is required in libstirshaken. A PR has already been submitted and is linked below. Without that patch the problem will persist but no other harm is done. This is a safe change to make that does not break existing behaviour.</p>
<ul dir="auto">
<li>save all certificates provided by signor to the disk cache</li>
<li>properly load all certificates when loading from cache</li>
<li>requires patch to libstirshaken (PR 123); this patch causes no harm (but no benefit) without it</li>
<li>resolve unrelated compiler warnings on 32bit systems</li>
</ul>
<p dir="auto"><a class="issue-link js-issue-link" data-error-text="Failed to load title" data-id="1292157750" data-permission-text="Title is private" data-url="https://github.com/signalwire/libstirshaken/issues/123" data-hovercard-type="pull_request" data-hovercard-url="/signalwire/libstirshaken/pull/123/hovercard" href="https://github.com/signalwire/libstirshaken/pull/123">signalwire/libstirshaken#123</a></p>
<hr>
<h4>You can view, comment on, or merge this pull request online at:</h4>
<p> <a href='https://github.com/kamailio/kamailio/pull/3175'>https://github.com/kamailio/kamailio/pull/3175</a></p>
<h4>Commit Summary</h4>
<ul>
<li><a href="https://github.com/kamailio/kamailio/pull/3175/commits/59eb3c047f5cfc7db0a77220ea2b49efd71a882b" class="commit-link">59eb3c0</a> stirshaken: Properly handle intermediary/chain certificates when caching certificates</li>
<li><a href="https://github.com/kamailio/kamailio/pull/3175/commits/88b19e9d4fcbf78d0b660a31e5192857b36e1128" class="commit-link">88b19e9</a> stirshaken: close file in write failure cases</li>
</ul>
<h4 style="display: inline-block">File Changes </h4> <p style="display: inline-block">(<a href="https://github.com/kamailio/kamailio/pull/3175/files">1 file</a>)</p>
<ul>
<li>
<strong>M</strong>
<a href="https://github.com/kamailio/kamailio/pull/3175/files#diff-e2bdb676bbb1456de7002f2a41ae0cc631b2c4724e7c9f54eb3f6106a5972cb2">src/modules/stirshaken/stirshaken_mod.c</a>
(106)
</li>
</ul>
<h4>Patch Links:</h4>
<ul>
<li><a href='https://github.com/kamailio/kamailio/pull/3175.patch'>https://github.com/kamailio/kamailio/pull/3175.patch</a></li>
<li><a href='https://github.com/kamailio/kamailio/pull/3175.diff'>https://github.com/kamailio/kamailio/pull/3175.diff</a></li>
</ul>
<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />Reply to this email directly, <a href="https://github.com/kamailio/kamailio/pull/3175">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/ABO7UZJDZNVSD42X7YSNIV3VSDL7HANCNFSM52P2GZPA">unsubscribe</a>.<br />You are receiving this because you are subscribed to this thread.<img src="https://github.com/notifications/beacon/ABO7UZNQQS5UFBIN7DDSBCDVSDL7HA5CNFSM52P2GZPKYY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4TIE6FUA.gif" height="1" width="1" alt="" /><span style="color: transparent; font-size: 0; display: none; visibility: hidden; overflow: hidden; opacity: 0; width: 0; height: 0; max-width: 0; max-height: 0; mso-hide: all">Message ID: <span><kamailio/kamailio/pull/3175</span><span>@</span><span>github</span><span>.</span><span>com></span></span></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/kamailio/kamailio/pull/3175",
"url": "https://github.com/kamailio/kamailio/pull/3175",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>