[Freeswitch-users] Upgrading DTLS
kaiduan xie
kaiduanx at yahoo.ca
Thu Dec 12 15:31:40 UTC 2019
Looks like your SSL version is old.
#if OPENSSL_VERSION_NUMBER >= 0x10100000
https://github.com/signalwire/freeswitch/blob/master/src/switch_rtp.c#L3757
The following is the SSL version on 16.0.4 Ubuntu.
~:/usr/include/openssl$ grep -R VERSION_NUMBER . -n
./crypto.h:152:# define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
./ssl.h:2868:# define SSL_R_BAD_PROTOCOL_VERSION_NUMBER 116
./ssl.h:3164:# define SSL_R_WRONG_VERSION_NUMBER 267
./pem.h:589:# define PEM_R_BAD_VERSION_NUMBER 117
./opensslv.h:33:# define OPENSSL_VERSION_NUMBER 0x1000207fL
./opensslv.h:83: * The current library version is stored in the macro SHLIB_VERSION_NUMBER,
./opensslv.h:91:# define SHLIB_VERSION_NUMBER "1.0.0"
:/usr/include/openssl$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 16.04.5 LTS
Release: 16.04
Codename: xenial
On Thursday, December 12, 2019, 09:00:42 a.m. CST, Mirko Brankovic <mirkobrankovic at gmail.com> wrote:
VERSION="16.04.6 LTS (Xenial Xerus)"
~# dpkg -l | grep openssl
ii libcurl4-openssl-dev:amd64 7.47.0-1ubuntu2.14 amd64 development files and documentation for libcurl (OpenSSL flavour)
ii libgnutls-openssl27:amd64 3.4.10-4ubuntu1.5 amd64 GNU TLS library - OpenSSL wrapper
ii libxmlsec1-openssl 1.2.20-2ubuntu4 amd64 Openssl engine for the XML security library
ii openssl 1.0.2g-1ubuntu4.15 amd64 Secure Sockets Layer toolkit - cryptographic utility
But the real problem appeared on another webrtc gateway (Janus) that required TLS 1.2 minimum
On Thu, Dec 12, 2019 at 3:48 PM kaiduan xie via FreeSWITCH-users <freeswitch-users at lists.freeswitch.org> wrote:
---------- Forwarded message ----------
From: kaiduan xie <kaiduanx at yahoo.ca>
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
Cc:
Bcc:
Date: Thu, 12 Dec 2019 14:47:41 +0000 (UTC)
Subject: Re: [Freeswitch-users] Upgrading DTLS
What OS and version you run FS on? What is the openssl version on the box?
/Kaiduan
On Thursday, December 12, 2019, 03:29:32 a.m. CST, Mirko Brankovic <mirkobrankovic at gmail.com> wrote:
I had a same problem, and I see you can set it in vars.conf:https://github.com/signalwire/freeswitch/blob/master/conf/vanilla/vars.xml#L407
but since we have a custom module, it didn't work for me, so I replaced OpenSSL with BorringSSL and fixed it that way :D
On Wed, Dec 11, 2019 at 10:05 PM Nathan Stratton <nathan at robotics.net> wrote:
Seeing this error on FreeSWITCH 1.10.1
2019-12-11 00:19:34.288375 [ERR] switch_rtp.c:3266 video Handshake failure 1. This may happen when you use legacy DTLS v1.0 (legacyDTLS channel var is set) but endpoint requires DTLS v1.2.
Any idea how to upgrade DTLS to 1.2? I could not find much with a google search.
><>
nathan stratton_________________________________________________________________________
The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.
Join our online community to chat in real time https://signalwire.community
Professional FreeSWITCH Services
sales at freeswitch.com
https://freeswitch.com
Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com
--
Regards,Mirko_________________________________________________________________________
The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.
Join our online community to chat in real time https://signalwire.community
Professional FreeSWITCH Services
sales at freeswitch.com
https://freeswitch.com
Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com
---------- Forwarded message ----------
From: kaiduan xie via FreeSWITCH-users <freeswitch-users at lists.freeswitch.org>
To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
Cc:
Bcc:
Date: Thu, 12 Dec 2019 06:48:21 -0800 (PST)
Subject: Re: [Freeswitch-users] Upgrading DTLS
_________________________________________________________________________
The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.
Join our online community to chat in real time https://signalwire.community
Professional FreeSWITCH Services
sales at freeswitch.com
https://freeswitch.com
Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com
--
Regards,Mirko_________________________________________________________________________
The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.
Build your next product on our scalable cloud platform.
Join our online community to chat in real time https://signalwire.community
Professional FreeSWITCH Services
sales at freeswitch.com
https://freeswitch.com
Official FreeSWITCH Sites
https://freeswitch.com/oss
https://freeswitch.org/confluence
https://cluecon.com
FreeSWITCH-users mailing list
FreeSWITCH-users at lists.freeswitch.org
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20191212/a5081ffc/attachment-0001.html>
More information about the FreeSWITCH-users
mailing list