Skip to content

DRAFT: Setting for certificate information logs #548

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 2 commits into
base: main
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions lib/src/sip_ua_helper.dart
Original file line number Diff line number Diff line change
Expand Up @@ -805,6 +805,9 @@ class WebSocketSettings {
/// for self-signed certificate.
bool allowBadCertificate = false;

/// If true, debug the certificate.
bool debugCertificate = false;

/// Custom transport scheme string to use.
/// Otherwise the used protocol will be used (for example WS for ws://
/// or WSS for wss://, based on the given web socket URL).
Expand Down
31 changes: 24 additions & 7 deletions lib/src/transports/websocket_dart_impl.dart
Original file line number Diff line number Diff line change
Expand Up @@ -25,9 +25,11 @@ class SIPUAWebSocketImpl {
handleQueue();
logger.i('connect $_url, ${webSocketSettings.extraHeaders}, $protocols');
try {
if (webSocketSettings.allowBadCertificate) {
/// Allow self-signed certificate, for test only.
_socket = await _connectForBadCertificate(_url, webSocketSettings);
if (webSocketSettings.allowBadCertificate ||
webSocketSettings.debugCertificate) {
// Depending on the settings, it will allow self-signed certificates or debug them.
_socket =
await _connectWithBadCertificateHandling(_url, webSocketSettings);
} else {
_socket = await WebSocket.connect(_url,
protocols: protocols, headers: webSocketSettings.extraHeaders);
Expand Down Expand Up @@ -69,8 +71,7 @@ class SIPUAWebSocketImpl {
return _socket != null && _socket!.readyState == WebSocket.connecting;
}

/// For test only.
Future<WebSocket> _connectForBadCertificate(
Future<WebSocket> _connectWithBadCertificateHandling(
String url, WebSocketSettings webSocketSettings) async {
try {
Random r = Random();
Expand All @@ -84,8 +85,24 @@ class SIPUAWebSocketImpl {

client.badCertificateCallback =
(X509Certificate cert, String host, int port) {
logger.w('Allow self-signed certificate => $host:$port. ');
return true;
if (webSocketSettings.allowBadCertificate) {
logger.w('Allow self-signed certificate => $host:$port. ');
return true;
} else if (webSocketSettings.debugCertificate) {
logger.w(
'Server returns a server certificate that cannot be authenticated => $host:$port. ');
String certInfo = '\n';
certInfo += ' Certificate subject: ${cert.subject}\n';
certInfo += ' Certificate issuer: ${cert.issuer}\n';
certInfo += ' Certificate valid from: ${cert.startValidity}\n';
certInfo += ' Certificate valid to: ${cert.endValidity}\n';
certInfo += ' Certificate SHA-1 fingerprint: ${cert.sha1}\n';

logger.w('Certificate details: {$certInfo}');
return false;
} else {
return false; // reject the certificate
}
};

Uri parsed_uri = Uri.parse(url);
Expand Down