Dev news

Commit 2bd6f0116b for freeswitch.com

commit 2bd6f0116bc704f36a839c9149739b33f8af29cf
Author: Andrey Volk <andywolk@gmail.com>
Date:   Tue May 26 01:12:37 2026 +0300

    [mod_sofia] Reload certificates on the fly without disconnects using reloadcert API. (#3034)

diff --git a/src/mod/endpoints/mod_sofia/mod_sofia.c b/src/mod/endpoints/mod_sofia/mod_sofia.c
index 4fd5d57c1f..0bf07b57be 100644
--- a/src/mod/endpoints/mod_sofia/mod_sofia.c
+++ b/src/mod/endpoints/mod_sofia/mod_sofia.c
@@ -6528,6 +6528,42 @@ char *sofia_stir_shaken_as_create_identity_header(switch_core_session_t *session
 }


+#ifdef HAVE_NUA_RELOAD_TLS
+static void sofia_cert_reload_handler(switch_event_t *event)
+{
+	switch_hash_index_t *hi;
+	const void *vvar;
+	void *val;
+
+	switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "Certificate reload event received, processing\n");
+
+	switch_mutex_lock(mod_sofia_globals.hash_mutex);
+
+	for (hi = switch_core_hash_first(mod_sofia_globals.profile_hash); hi; hi = switch_core_hash_next(&hi)) {
+		sofia_profile_t *profile;
+
+		switch_core_hash_this(hi, &vvar, NULL, &val);
+		profile = (sofia_profile_t *) val;
+
+		if (!sofia_test_pflag(profile, PFLAG_RUNNING) || !profile->nua || !profile->tls_cert_dir) {
+			continue;
+		}
+
+		if (strcmp(vvar, profile->name)) {
+			continue;
+		}
+
+		nua_reload_tls(profile->nua, profile->tls_cert_dir);
+
+		switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "TLS certificate reload signaled for sofia profile %s\n", profile->name);
+	}
+
+	switch_mutex_unlock(mod_sofia_globals.hash_mutex);
+
+	switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_INFO, "Certificate reload event processed\n");
+}
+#endif
+
 SWITCH_MODULE_LOAD_FUNCTION(mod_sofia_load)
 {
 	switch_chat_interface_t *chat_interface;
@@ -6694,6 +6730,10 @@ SWITCH_MODULE_LOAD_FUNCTION(mod_sofia_load)
 	switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Waiting for profiles to start\n");
 	switch_yield(1500000);

+#ifdef HAVE_NUA_RELOAD_TLS
+	switch_event_bind(modname, SWITCH_EVENT_CERT_RELOAD, SWITCH_EVENT_SUBCLASS_ANY, sofia_cert_reload_handler, NULL);
+#endif
+
 	if (switch_event_bind(modname, SWITCH_EVENT_CUSTOM, MULTICAST_EVENT, event_handler, NULL) != SWITCH_STATUS_SUCCESS) {
 		switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Couldn't bind!\n");
 		switch_goto_status(SWITCH_STATUS_TERM, err);
@@ -6876,6 +6916,9 @@ void mod_sofia_shutdown_cleanup(void) {
 	}
 	switch_mutex_unlock(mod_sofia_globals.mutex);

+#ifdef HAVE_NUA_RELOAD_TLS
+	switch_event_unbind_callback(sofia_cert_reload_handler);
+#endif
 	switch_event_unbind_callback(sofia_presence_event_handler);

 	switch_event_unbind_callback(general_queue_event_handler);
diff --git a/w32/download_sofia-sip.props b/w32/download_sofia-sip.props
index 52c1e6fe27..a4cdf6a2d9 100644
--- a/w32/download_sofia-sip.props
+++ b/w32/download_sofia-sip.props
@@ -29,7 +29,7 @@

   <Target Name="SofiaSipDownloadTarget" BeforeTargets="CustomBuild;PreBuildEvent;" DependsOnTargets="7za">
       <DownloadPackageTask
-           package="https://github.com/freeswitch/sofia-sip/archive/master.zip"
+           package="https://github.com/freeswitch/sofia-sip/archive/$(SofiaSipVersion).zip"
            expectfileordirectory="$(BaseDir)libs\sofia-sip\configure.ac"
            outputfolder=""
            outputfilename="sofia-sip-$(SofiaSipVersion).zip"