<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Hello Brian,<br>
<br>
Yes it's turned on:<br>
<!-- TLS: disabled by default, set to "true" to enable --><br>
<param <b>name="tls" value="true"</b>/><br>
<!-- additional bind parameters for TLS --><br>
<param name="tls-bind-params" value="transport=tls"/><br>
<!-- Port to listen on for TLS requests. (5061 will be used if
unspecified) --><br>
<param name="tls-sip-port" value="5061"/><br>
<!-- Location of the agent.pem and cafile.pem ssl certificates
(needed for TLS server) --><br>
<param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/><br>
<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may
not work with TLSv1 --><br>
<param name="tls-version" value="tlsv1"/><br>
<br>
<br>
I recompiled it and checked the output for warnings and errors. This is
what I found:<br>
<br>
configure: WARNING: python2.5 is unusable<br>
configure: WARNING: Your python lacks threads support, can not build
mod_python<br>
config.status: WARNING: Makefile.in seems to ignore the --datarootdir
setting<br>
./configure: line 4234: AX_COMPILER_VENDOR: command not found<br>
config.status: WARNING: apr-config.in seems to ignore the
--datarootdir setting<br>
/bin/bash: /usr/src/freeswitch/libs/curl/missing: No such file or
directory<br>
configure: WARNING: `missing' script is too old or missing<br>
configure: WARNING: dlfcn.h: present but cannot be compiled<br>
configure: WARNING: dlfcn.h: check for missing prerequisite headers?<br>
configure: WARNING: dlfcn.h: see the Autoconf documentation<br>
configure: WARNING: dlfcn.h: section "Present But Cannot Be
Compiled"<br>
configure: WARNING: dlfcn.h: proceeding with the preprocessor's result<br>
configure: WARNING: dlfcn.h: in the future, the compiler will take
precedence<br>
libtool: line 121: CC: command not found<br>
config.status: WARNING: config/autoconf.mk.in seems to ignore the
--datarootdir setting<br>
./configure: line 1908: /shtool: No such file or directory<br>
configure: WARNING: dlfcn.h: accepted by the compiler, rejected by the
preprocessor!<br>
configure: WARNING: dlfcn.h: proceeding with the compiler's result<br>
configure: WARNING: Touching files in directory tests/.<br>
config.status: WARNING: packages/sofia-sip-ua.pc.in seems to ignore
the --datarootdir setting<br>
mod_lua_wrap.cpp: In function ‘int
_wrap_CoreSession_hangup__SWIG_1(lua_State*)’:<br>
mod_lua_wrap.cpp:4563: warning: deprecated conversion from string
constant to ‘char*’<br>
sndfile.c: In function ‘sf_error’:<br>
sndfile.c:491: warning: the address of ‘sf_error’ will never be NULL<br>
libtool: link: warning: `-version-info/-version-number' is ignored for
convenience libraries<br>
quiet_libtool: install: warning: relinking `mod_sofia.la'<br>
../../../../libs/xmlrpc-c/src/method.c: In function
‘xmlrpc_methodCreate’:<br>
../../../../libs/xmlrpc-c/src/method.c:213: note: ‘signatureP’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c: In function
‘xmlrpc_parseValue’:<br>
../../../../libs/xmlrpc-c/src/parse_value.c:199: note: ‘valueElemP’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:191: note: ‘nameElemP’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:245: note: ‘keyP’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:420: note: ‘fractionEnd’
was declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:419: note: ‘fraction’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:418: note: ‘mantissaEnd’
was declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:417: note: ‘mantissa’ was
declared here<br>
../../../../libs/xmlrpc-c/src/parse_value.c:503: note: ‘valueDouble’
was declared here<br>
../../../../libs/xmlrpc-c/src/system_method.c: In function
‘system_methodSignature’:<br>
../../../../libs/xmlrpc-c/src/system_method.c:455: note: ‘signatureVP’
was declared here<br>
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c: In function
‘handleXmlrpcReq’:<br>
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:474: note: ‘body’
was declared here<br>
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c: In function
‘xmlrpc_server_abyss_create’:<br>
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:894: note:
‘socketFd’ was declared here<br>
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:893: note:
‘portNumber’ was declared here<br>
<br>
Is there anything special I have to take care aout?<br>
<br>
I also grepped the ./configure and make output for "tls" and received
the following:<br>
<br>
config.status: creating scripts/gentls_cert<br>
checking for libgnutls-config... /usr/bin/libgnutls-config<br>
checking for libgnutls - version >= 0.1.0... yes<br>
<br>
It also compiles tport_type_tls.o and tport_type_tls.o<br>
<br>
When I grep for "ssl" I received the following:<br>
checking for SSL_connect in -lssl... yes<br>
checking openssl/x509.h usability... yes<br>
checking openssl/x509.h presence... yes<br>
checking for openssl/x509.h... yes<br>
checking openssl/rsa.h usability... yes<br>
checking openssl/rsa.h presence... yes<br>
checking for openssl/rsa.h... yes<br>
checking openssl/crypto.h usability... yes<br>
checking openssl/crypto.h presence... yes<br>
checking for openssl/crypto.h... yes<br>
checking openssl/pem.h usability... yes<br>
checking openssl/pem.h presence... yes<br>
checking for openssl/pem.h... yes<br>
checking openssl/ssl.h usability... yes<br>
checking openssl/ssl.h presence... yes<br>
checking for openssl/ssl.h... yes<br>
checking openssl/err.h usability... yes<br>
checking openssl/err.h presence... yes<br>
checking for openssl/err.h... yes<br>
checking openssl/pkcs12.h usability... yes<br>
checking openssl/pkcs12.h presence... yes<br>
checking for openssl/pkcs12.h... yes<br>
checking openssl/engine.h usability... yes<br>
checking openssl/engine.h presence... yes<br>
checking for openssl/engine.h... yes<br>
config.status: creating packages/Linux/RPM/curl-ssl.spec<br>
checking for openssl... yes<br>
checking openssl_CFLAGS...<br>
checking openssl_LIBS... -lssl -lcrypto<br>
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o stunc stunc.o ./.libs/libstun.a
../sresolv/.libs/libsresolv.a ../su/.libs/libsu.a -lssl -lcrypto -lrt
-lpthread<br>
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-options sip-options.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread<br>
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-date sip-date.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread<br>
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-dig sip-dig.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread<br>
gcc -shared .libs/mod_sofia_la-mod_sofia.o .libs/mod_sofia_la-sofia.o
.libs/mod_sofia_la-sofia_glue.o .libs/mod_sofia_la-sofia_presence.o
.libs/mod_sofia_la-sofia_reg.o -Wl,--whole-archive
/usr/src/freeswitch/libs/sofia-sip/libsofia-sip-ua/.libs/libsofia-sip-ua.a
-Wl,--no-whole-archive -Wl,--rpath -Wl,/usr/local/freeswitch/lib
-L/usr/local/freeswitch/lib -lfreeswitch -lssl -lcrypto -lrt -lpthread
-lncurses -Wl,-soname -Wl,mod_sofia.so -o .libs/mod_sofia.so<br>
root@freeswitch:/var/log#<br>
<br>
So it seems that in fact he tries to use ssl.<br>
But I still receive<br>
2008-08-03 18:57:32 [NOTICE] sofia.c:1883 config_sofia() Started
Profile internal [sofia_reg_internal]<br>
2008-08-03 18:57:32 [DEBUG] sofia.c:522 sofia_profile_thread_run()
Creating agent for internal<br>
2008-08-03 18:57:32 [<b>ERR] sofia.c:552 sofia_profile_thread_run()
Error Creating SIP UA for profile: internal</b><br>
<br>
<br>
Best regards<br>
Peter<br>
<br>
Brian West schrieb:
<blockquote
cite="mid:1B5742F8-A723-44B5-89AE-7F4B2E12FE6E@freeswitch.org"
type="cite">
<pre wrap="">Did you turn tls on the profile on?
/b
Sent from my iPhone
On Aug 3, 2008, at 6:44 AM, Peter P GMX <a class="moz-txt-link-rfc2396E" href="mailto:Prometheus001@gmx.net"><Prometheus001@gmx.net></a> wrote:
</pre>
<blockquote type="cite">
<pre wrap="">If have done this but again the same result.
Is there any way to enhance the output in the log (currently
loglevel is
debug) or to determine if freeswitch was compiled correctly with
TLS? At
least if I grep the freeswitch binary with tls there is no occurence.
Best regards
Peter
Brian West schrieb:
</pre>
<blockquote type="cite">
<pre wrap="">Make sure you install OpenSSL-Dev packages and ./configure again.
/b
On Aug 2, 2008, at 10:54 AM, Peter P GMX wrote:
</pre>
<blockquote type="cite">
<pre wrap="">Any hints how to continue?
</pre>
</blockquote>
<pre wrap="">
_______________________________________________
Freeswitch-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
<pre wrap="">_______________________________________________
Freeswitch-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
<pre wrap=""><!---->
_______________________________________________
Freeswitch-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeswitch-users@lists.freeswitch.org">Freeswitch-users@lists.freeswitch.org</a>
<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a>
UNSUBSCRIBE:<a class="moz-txt-link-freetext" href="http://lists.freeswitch.org/mailman/options/freeswitch-users">http://lists.freeswitch.org/mailman/options/freeswitch-users</a>
<a class="moz-txt-link-freetext" href="http://www.freeswitch.org">http://www.freeswitch.org</a>
</pre>
</blockquote>
</body>
</html>