From d7c985afc7851bfce29b1781d156f2f480f079c5 Mon Sep 17 00:00:00 2001 From: Chris Rienzo Date: Tue, 16 Nov 2021 18:10:59 -0500 Subject: [PATCH] [mod_sofia] fail set up of STIR/SHAKEN verification service if configured CA directory fails to load --- src/mod/endpoints/mod_sofia/mod_sofia.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/mod/endpoints/mod_sofia/mod_sofia.c b/src/mod/endpoints/mod_sofia/mod_sofia.c index a3a6cd8e91..13d689fe93 100644 --- a/src/mod/endpoints/mod_sofia/mod_sofia.c +++ b/src/mod/endpoints/mod_sofia/mod_sofia.c @@ -6140,7 +6140,12 @@ static switch_status_t sofia_stir_shaken_vs_create(stir_shaken_context_t *contex return SWITCH_STATUS_FALSE; } if (mod_sofia_globals.stir_shaken_vs_ca_dir) { - stir_shaken_vs_load_ca_dir(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_ca_dir); + if (stir_shaken_vs_load_ca_dir(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_ca_dir) != STIR_SHAKEN_STATUS_OK) { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Failed to load trusted root certificates from %s\n", mod_sofia_globals.stir_shaken_vs_ca_dir); + return SWITCH_STATUS_FALSE; + } else { + switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "Loaded trusted root certificates from %s\n", mod_sofia_globals.stir_shaken_vs_ca_dir); + } } stir_shaken_vs_set_x509_cert_path_check(context, sofia_stir_shaken_vs, mod_sofia_globals.stir_shaken_vs_cert_path_check); stir_shaken_vs_set_connect_timeout(context, sofia_stir_shaken_vs, 3);