[Freeswitch-users] SIP-S and openssl
Michael Jerris
mike at jerris.com
Mon Jun 10 19:39:53 MSD 2013
This is the right area, yes. I don't think we expose a way to configure this right now, but you can try just hacking the code here to confirm.
On Jun 9, 2013, at 3:13 AM, mehroz <mehroz.ashraf85 at gmail.com> wrote:
> Moreover, there is a file in libs/sofia-sip/libsofia-sip-ua/tport/ as
> tport_tls.c.
> and a portion of fucntion:
> void tls_set_default(tls_issues_t *i)
> {
> i->verify_depth = i->verify_depth == 0 ? 2 : i->verify_depth;
> i->cert = i->cert ? i->cert : "agent.pem";
> i->key = i->key ? i->key : i->cert;
> i->randFile = i->randFile ? i->randFile : "tls_seed.dat";
> i->CAfile = i->CAfile ? i->CAfile : "cafile.pem";
> i->cipher = i->cipher ? i->cipher : "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH";
> /* Default SIP cipher */
> /* "RSA-WITH-AES-128-CBC-SHA"; */
> /* RFC-2543-compatibility ciphersuite */
> /* TLS_RSA_WITH_3DES_EDE_CBC_SHA; */
> }
>
> seems to be a relevant approach. Cipher mentioned as default
> "RSA-WITH-AES-128-CBC-SHA" is returned in ServerHello in default
> configuration. Changing this cipher (replacing
> "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" with "ECDHE-ECDSA-AES256-GCM-SHA384" )
> according to my need i.e SUIT-B cipher and compiling FS again, results
> internal SIP profile not being loaded.
>
> Please comments if any body have previously worked or dev guys could help
> so?
>
>
>
> --
> View this message in context: http://freeswitch-users.2379917.n2.nabble.com/SIP-S-and-openssl-tp7591496p7591559.html
> Sent from the freeswitch-users mailing list archive at Nabble.com.
>
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
>
>
>
>
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list