[Freeswitch-svn] [commit] r6963 - in freeswitch/trunk: conf/sip_profiles src/mod/endpoints/mod_sofia
Freeswitch SVN
stkn at freeswitch.org
Sat Dec 22 18:50:15 EST 2007
Author: stkn
Date: Sat Dec 22 18:50:15 2007
New Revision: 6963
Modified:
freeswitch/trunk/conf/sip_profiles/default.xml
freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h
freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c
Log:
Add "a tls-version" configuration option to select the protocol version of the SIP/TLS endpoint, possible values are "tlsv1" and "sslv23", with SSLv2/3 being the default because that is what phones seem to be using (e.g. spa962)
Modified: freeswitch/trunk/conf/sip_profiles/default.xml
==============================================================================
--- freeswitch/trunk/conf/sip_profiles/default.xml (original)
+++ freeswitch/trunk/conf/sip_profiles/default.xml Sat Dec 22 18:50:15 2007
@@ -53,6 +53,8 @@
<param name="tls-sip-port" value="5061"/>
<!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
<param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
+ <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
+ <param name="tls-version" value="sslv23"/>
<!--If you don't want to pass through timestampes from 1 RTP call to another (on a per call basis with rtp_rewrite_timestamps chanvar)-->
<!--<param name="rtp-rewrite-timestamps" value="true"/>-->
Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h
==============================================================================
--- freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h (original)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/mod_sofia.h Sat Dec 22 18:50:15 2007
@@ -243,6 +243,7 @@
sofia_dtmf_t dtmf_type;
int sip_port;
int tls_sip_port;
+ int tls_version;
char *codec_string;
int running;
int dtmf_duration;
Modified: freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c
==============================================================================
--- freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c (original)
+++ freeswitch/trunk/src/mod/endpoints/mod_sofia/sofia.c Sat Dec 22 18:50:15 2007
@@ -390,6 +390,7 @@
NUTAG_URL(profile->bindurl),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), NUTAG_SIPS_URL(profile->tls_bindurl)),
TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), NUTAG_CERTIFICATE_DIR(profile->tls_cert_dir)),
+ TAG_IF(sofia_test_pflag(profile, PFLAG_TLS), TPTAG_TLS_VERSION(profile->tls_version)),
NTATAG_UDP_MTU(65536),
TAG_IF(tportlog, TPTAG_LOG(1)),
TAG_END()); /* Last tag should always finish the sequence */
@@ -857,6 +858,7 @@
switch_thread_rwlock_create(&profile->rwlock, profile->pool);
switch_mutex_init(&profile->flag_mutex, SWITCH_MUTEX_NESTED, profile->pool);
profile->dtmf_duration = 100;
+ profile->tls_version = 0;
for (param = switch_xml_child(settings, "param"); param; param = param->next) {
char *var = (char *) switch_xml_attr_soft(param, "name");
@@ -1056,6 +1058,13 @@
profile->tls_sip_port = atoi(val);
} else if (!strcasecmp(var, "tls-cert-dir")) {
profile->tls_cert_dir = switch_core_strdup(profile->pool, val);
+ } else if (!strcasecmp(var, "tls-version")) {
+
+ if (!strcasecmp(val, "tlsv1")) {
+ profile->tls_version = 1;
+ } else {
+ profile->tls_version = 0;
+ }
}
}
More information about the Freeswitch-svn
mailing list