- Add a new tport tag to carry the passphrase
 - Add openSSL password callback function

Minor style fixes by Pekka Pessi.

sofia-sip/tport.h:
* tport_delivered_from_subjects() returns type (su_strlst_t const *)
* Export tport_subject_search()

sofia-sip/tport_tag.h + tport_tag.c:
* Remove TPTAG_TLS_VERIFY_PEER()
  - Depreciated.  Use TPTAG_TLS_VERIFY_POLICY instead.
  - Binary Compatibility is preserved.
* Add TPTAG_TLS_VERIFY_POLICY()
  - tport can verify incoming and/or outgoing connections, using:
    1) Certificate Signatures only - or -
    2) Certificate Signatures and Certificate Subjects
* Add TPTAG_TLS_VERIFY_DEPTH()
  - Restrict certificate chain verification to a set length.
* Add TPTAG_TLS_VERIFY_DATE()
  - Disable notBefore/notAfter checking (application: embedded devices)
* Add TPTAG_TLS_VERIFY_SUBJECTS()
  - Incoming connections must present client certificates with subjects
    that match an item in this list.
  - Intended Use: Proxy Authentication
* Replaced TPTAG_TRUSTED() with TPTAG_X509_SUBJECT()
  - Commented out for future use.
  - Intended Use: SIP User Identities in Server Certificates.
* Add appropriate doxygen documentation.

tport.c
* Add tport_subject_search()
  - Subject can be a hostname, IP Address, or a URI.
  - Valid subject examples include:
      example.com
      alice@example.com
      sip:alice@example.com
      sips:alice@example.com
* tport_by_addrinfo() matches tpn_canon against the subject list
    of reusable TLS connections.

tport_tls.h:
* Add tls_init_secondary()
* Remove tls_init_slave() & tls_init_client()

tport_tls.c:
* tls_verify_cb() supports TPTAG_TLS_VERIFY_DATE()
* tls_post_connection_check() verifies certificate subjects.
* tls_init_secondary()
  - Replaces tls_init_slave(), tls_init_client(), and tls_clone().

tport_type_tls.c:
* Removed erroneous reference to tport_tls_deliver()
* Fix a memory leak caused by duplicate calls to tls_clone().
* Populate the (tport_t *)->tp_subjects field with peer certificate data for
  new secondary connections.

darcs-hash:20090115155045-2152f-aaec406d8e5dbf146949d4d3cbc9f56e201cba46.gz

tport_type_tls.c:
* tport_tls_accept():
  - Replaces tport_accept for incoming TLS connections.
* tport_tls_connect():
  - Replaces tport_base_connect() for outgoing TLS connections.

tport_tls.c:
* tls_t now use a memory home instead of malloc.
* removed tls_check_hosts()
* tls_connect():
  - Replaces tport_base_connect for TLS connection setup.
  - Completes TLS handshake and verifies peer certificates.
  - Destroys suspect TLS connections before sending/receiving payload.
  - Populates a su_strlst_t with subjects from the peer certificate.

tport.c:
* tport_is_verified()
  - true if peer certificate validated successfully
* tport_delivered_from_subjects()
  - Certificate subjects listed in the peer certificate.

darcs-hash:20081216221937-2152f-3d6b74d411b57c22230e4840fca133da48c86368.gz

darcs-hash:20081127130812-db55f-897d917911d8e6a1abf34fa3eb6a0811b17a4b22.gz

With this tag, the verification of certificates can be controlled:
0: no verify certificates.
1: on server mode, the certificate returned by client is checked and
   if fail the TLS/SSL handshake is immediately terminated.
1: on client mode, the server certificate is verified and
   if fail the TLS/SSL handshake is immediately terminated.

I added this tag, because I'd like that my application not connected to a
server with a untrusted certificate.

darcs-hash:20081126184231-daa5a-26fe2a4f958d2f931d3f7e9b31bc0426e7250a1f.gz

darcs-hash:20070920173622-65a35-344f484ee50de63c28e6e9b82658784672064641.gz

darcs-hash:20060920152906-65a35-0b099206786428ea2d7876c7895b40245e9149b3.gz

darcs-hash:20060517130101-65a35-cf0e5af13bf73fa8b488dda4ea79ae2d23029197.gz

All public include files installed in ${sofiadir} are now in sofia-sip
subdirectories. They are installed to ${sofiadir}/sofia-sip, too.

${sofiadir} is defined by configure script relative to your ${prefix}, by
default ${sofidir} is ${prefix}/include/sofia-sip-1.11. The default prefix
is /usr/local and ${sofiadir} is /usr/local/include/sofia-sip-1.11. When
using package manager, the ${prefix} is usually /usr and ${sofiadir} is
/usr/include/sofia-sip-1.11.

The public include files should be referenced using sofia-sip path, e.g.,
<sofia-sip/su.h>.

You can either fix your applications to use the new include file names
with the fix-include-sofia-sip sed script found in scripts/ directory, or
add both ${sofiadir} and ${sofiadir}/sofia-sip into your include path,
e.g.,

INCLUDES

darcs-hash:20060214140740-65a35-305973241d6cc2e1ab3fe19359445b839b3c22a8.gz

darcs-hash:20060103204348-65a35-293d8b6f87eb77457887e8ce70289db22e8d7690.gz

darcs-hash:20051027163721-65a35-e3369c519d906cd25a6323cc48385c4827d9b204.gz

darcs-hash:20051024235928-65a35-0ea69f7f35c988690388d15566191d42c24c7d7f.gz

darcs-hash:20051013142609-65a35-ae82bd34717e92d23f57a2f2caab9120cb0c8b3e.gz

darcs-hash:20051013142158-65a35-4e3c78d621d49e3606938941a31987c858d3ffaf.gz

darcs-hash:20050907200052-65a35-f31775554518776b4e5f4d5729ef9f99eae648dc.gz