[Freeswitch-users] Upgrading DTLS

Piotr Gregor piotr at dataandsignal.com
Sun Dec 29 23:45:43 UTC 2019


Hi Nathan,

The best option is to upgrade system to one that ships with SSL above
1.1.0, like for instance new Debian 10 "Buster".

peter at photon:~/$ openssl version
OpenSSL 1.1.1d  10 Sep 2019

cheers,



Piotr Gregor
Software Engineer

M: (+44) 07483 866 525     www: dataandsignal.com






On Thu, Dec 12, 2019 at 4:03 PM kaiduan xie via FreeSWITCH-users <
freeswitch-users at lists.freeswitch.org> wrote:

>
>
>
> ---------- Forwarded message ----------
> From: kaiduan xie <kaiduanx at yahoo.ca>
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Cc:
> Bcc:
> Date: Thu, 12 Dec 2019 15:31:40 +0000 (UTC)
> Subject: Re: [Freeswitch-users] Upgrading DTLS
> Looks like your SSL version is old.
>
> #if OPENSSL_VERSION_NUMBER >= 0x10100000
>
> https://github.com/signalwire/freeswitch/blob/master/src/switch_rtp.c#L3757
>
> The following is the SSL version on 16.0.4 Ubuntu.
>
> *~*:*/usr/include/openssl*$ grep -R VERSION_NUMBER . -n
>
> ./crypto.h:152:# define SSLEAY_*VERSION_NUMBER*   OPENSSL_*VERSION_NUMBER*
>
> ./ssl.h:2868:# define SSL_R_BAD_PROTOCOL_*VERSION_NUMBER*
> 116
>
> ./ssl.h:3164:# define SSL_R_WRONG_*VERSION_NUMBER*
> 267
>
> ./pem.h:589:# define PEM_R_BAD_*VERSION_NUMBER*
> 117
>
> ./opensslv.h:33:# define OPENSSL_*VERSION_NUMBER*  0x1000207fL
>
> ./opensslv.h:83: * The current library version is stored in the macro
> SHLIB_*VERSION_NUMBER*,
>
> ./opensslv.h:91:# define SHLIB_*VERSION_NUMBER* "1.0.0"
>
> :*/usr/include/openssl*$ lsb_release -a
>
> No LSB modules are available.
>
> Distributor ID: Ubuntu
>
> Description: Ubuntu 16.04.5 LTS
>
> Release: 16.04
>
> Codename: xenial
>
>
>
> On Thursday, December 12, 2019, 09:00:42 a.m. CST, Mirko Brankovic <
> mirkobrankovic at gmail.com> wrote:
>
>
> VERSION="16.04.6 LTS (Xenial Xerus)"
> ~# dpkg -l | grep openssl
> ii  libcurl4-openssl-dev:amd64       7.47.0-1ubuntu2.14
>                      amd64        development files and documentation for
> libcurl (OpenSSL flavour)
> ii  libgnutls-openssl27:amd64        3.4.10-4ubuntu1.5
>                     amd64        GNU TLS library - OpenSSL wrapper
> ii  libxmlsec1-openssl               1.2.20-2ubuntu4
>                     amd64        Openssl engine for the XML security library
> ii  openssl                          1.0.2g-1ubuntu4.15
>                      amd64        Secure Sockets Layer toolkit -
> cryptographic utility
>
>
> But the real problem appeared on another webrtc gateway (Janus) that
> required TLS 1.2 minimum
>
> On Thu, Dec 12, 2019 at 3:48 PM kaiduan xie via FreeSWITCH-users <
> freeswitch-users at lists.freeswitch.org> wrote:
>
>
>
>
> ---------- Forwarded message ----------
> From: kaiduan xie <kaiduanx at yahoo.ca>
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Cc:
> Bcc:
> Date: Thu, 12 Dec 2019 14:47:41 +0000 (UTC)
> Subject: Re: [Freeswitch-users] Upgrading DTLS
> What OS and version you run FS on? What is the openssl version on the box?
>
> /Kaiduan
>
> On Thursday, December 12, 2019, 03:29:32 a.m. CST, Mirko Brankovic <
> mirkobrankovic at gmail.com> wrote:
>
>
> I had a same problem, and I see you can set it in vars.conf:
>
> https://github.com/signalwire/freeswitch/blob/master/conf/vanilla/vars.xml#L407
> but since we have a custom module, it didn't work for me, so I replaced
> OpenSSL with BorringSSL and fixed it that way :D
>
> On Wed, Dec 11, 2019 at 10:05 PM Nathan Stratton <nathan at robotics.net>
> wrote:
>
>
> Seeing this error on FreeSWITCH 1.10.1
>
> 2019-12-11 00:19:34.288375 [ERR] switch_rtp.c:3266 video Handshake failure
> 1. This may happen when you use legacy DTLS v1.0 (legacyDTLS channel var is
> set) but endpoint requires DTLS v1.2.
>
> Any idea how to upgrade DTLS to 1.2? I could not find much with a google
> search.
>
> ><>
> nathan stratton
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
>
>
>
> --
> Regards,
> Mirko
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
>
>
>
> ---------- Forwarded message ----------
> From: kaiduan xie via FreeSWITCH-users <
> freeswitch-users at lists.freeswitch.org>
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Cc:
> Bcc:
> Date: Thu, 12 Dec 2019 06:48:21 -0800 (PST)
> Subject: Re: [Freeswitch-users] Upgrading DTLS
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
>
>
>
> --
> Regards,
> Mirko
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
>
>
>
> ---------- Forwarded message ----------
> From: kaiduan xie via FreeSWITCH-users <
> freeswitch-users at lists.freeswitch.org>
> To: FreeSWITCH Users Help <freeswitch-users at lists.freeswitch.org>
> Cc:
> Bcc:
> Date: Thu, 12 Dec 2019 08:03:24 -0800 (PST)
> Subject: Re: [Freeswitch-users] Upgrading DTLS
> _________________________________________________________________________
>
> The FreeSWITCH project is sponsored by SignalWire https://signalwire.com
> Enhance your FreeSWITCH install with disruptive priced SMS and PSTN
> services.
> Build your next product on our scalable cloud platform.
>
> Join our online community to chat in real time
> https://signalwire.community
>
> Professional FreeSWITCH Services
> sales at freeswitch.com
> https://freeswitch.com
>
> Official FreeSWITCH Sites
> https://freeswitch.com/oss
> https://freeswitch.org/confluence
> https://cluecon.com
>
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> https://freeswitch.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20191229/1a8aab35/attachment-0001.html>


More information about the FreeSWITCH-users mailing list