<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Brian pushed fix to tree this morning<div class=""><br class=""></div><div class=""><div style="margin: 0px; font-size: 13px; line-height: normal; font-family: Monaco; color: rgb(175, 173, 36); background-color: rgba(0, 0, 0, 0.85098);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">commit dcc0bf72ec77042acf38172af262a4a2f35c1f48</span></div><div style="margin: 0px; font-size: 13px; line-height: normal; font-family: Monaco; color: rgb(244, 244, 244); background-color: rgba(0, 0, 0, 0.85098);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">Author: Brian West <<a href="mailto:brian@freeswitch.org" class="">brian@freeswitch.org</a>></span></div><div style="margin: 0px; font-size: 13px; line-height: normal; font-family: Monaco; color: rgb(244, 244, 244); background-color: rgba(0, 0, 0, 0.85098);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">Date:   Wed Jun 21 08:51:50 2017 -0500</span></div><div style="margin: 0px; font-size: 13px; line-height: normal; font-family: Monaco; color: rgb(244, 244, 244); background-color: rgba(0, 0, 0, 0.85098); min-height: 17px;" class=""><span style="font-variant-ligatures: no-common-ligatures" class=""></span><br class=""></div><div style="margin: 0px; font-size: 13px; line-height: normal; font-family: Monaco; color: rgb(244, 244, 244); background-color: rgba(0, 0, 0, 0.85098);" class=""><span style="font-variant-ligatures: no-common-ligatures" class="">    FS-10406: [mod_sofia] mod_sofia secure websocket connections SSLv3 and tls v1.0 is still not disabled  #resolve</span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div><div class=""><span style="font-variant-ligatures: no-common-ligatures" class=""><br class=""></span></div><div><blockquote type="cite" class=""><div class="">On Jun 21, 2017, at 12:28 PM, Agustí Ubalde Bellot <<a href="mailto:agubbe@gmail.com" class="">agubbe@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class=""><div class=""><div class="">Hi Michael,<br class=""><br class="">The issue has been closed without any patch attached. Will any solution be implemented?<br class=""><br class=""></div></div></div><div class="gmail_extra"><div class="gmail_quote">2017-06-21 9:30 GMT+02:00 Agustí Ubalde Bellot <span dir="ltr" class=""><<a href="mailto:agubbe@gmail.com" target="_blank" class="">agubbe@gmail.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class=""><div class=""><div class=""><div class="">Hi Michael,<br class=""><br class=""></div>I've created this ISSUE: <a href="https://freeswitch.org/jira/browse/FS-10406" target="_blank" class="">https://freeswitch.org/jira/<wbr class="">browse/FS-10406</a>.<br class=""><br class=""></div></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><div class="gmail_quote">2017-06-20 17:55 GMT+02:00 Agustí Ubalde Bellot <span dir="ltr" class=""><<a href="mailto:agubbe@gmail.com" target="_blank" class="">agubbe@gmail.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class=""><div class=""><div class="">Hi Michael,<br class=""><br class="">Yes, the version I am using is a development version (1.5.14). In any case, I have performed the same tests in version 1.6 and have the same behavior.<br class="">Instead, the verto module does block the sslv3 protocol.<br class=""></div></div></div><div class="m_6699257454503139014HOEnZb"><div class="m_6699257454503139014h5"><div class="gmail_extra"><br class=""></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></blockquote><blockquote type="cite" class=""><div class=""><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><div class="gmail_quote"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="m_6699257454503139014HOEnZb"><div class="m_6699257454503139014h5"><div class="gmail_extra"><div class="gmail_quote">2017-06-20 10:45 GMT+02:00 Agustí Ubalde Bellot <span dir="ltr" class=""><<a href="mailto:agubbe@gmail.com" target="_blank" class="">agubbe@gmail.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class="">Hi Michael,<br class=""><br class="">I have performed several connection tests forcing the sslv3 protocol over secure web sockets and the connection is established. Instead, the same test connecting to the TLS listening port, the connection is not set. The protocol is successfully disabled in the configuration.<br class="">The version of FreeSWITCH I'm testing is 1.5.14. Is there any way to prove that the sslv3 protocol is actually disabled in this release?<br class=""><br class=""><br class=""></div><div class="m_6699257454503139014m_7982207051841152130HOEnZb"><div class="m_6699257454503139014m_7982207051841152130h5"><div class="gmail_extra"><div class="gmail_quote">2017-06-15 10:07 GMT+02:00 Agustí Ubalde Bellot <span dir="ltr" class=""><<a href="mailto:agubbe@gmail.com" target="_blank" class="">agubbe@gmail.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class=""><div class=""><div class=""><div class="">Hi Brian,<br class=""><br class=""></div>Is possible to disable for web socket secure connections too?<br class=""><br class=""><br class=""></div></div></div><div class="m_6699257454503139014m_7982207051841152130m_5541221548792963090HOEnZb"><div class="m_6699257454503139014m_7982207051841152130m_5541221548792963090h5"><div class="gmail_extra"><div class="gmail_quote">2017-06-13 13:24 GMT+02:00 Agustí Ubalde Bellot <span dir="ltr" class=""><<a href="mailto:agubbe@gmail.com" target="_blank" class="">agubbe@gmail.com</a>></span>:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr" class=""><div class=""><div class="">Hi all,<br class=""><br class=""><span id="m_6699257454503139014m_7982207051841152130m_5541221548792963090m_8377923263370790484m_-7487048847402092947gmail-result_box" class="m_6699257454503139014m_7982207051841152130m_5541221548792963090m_8377923263370790484m_-7487048847402092947gmail-" lang="en"><span class="m_6699257454503139014m_7982207051841152130m_5541221548792963090m_8377923263370790484m_-7487048847402092947gmail-">Is there a FreeSWITCH update where sslv3 support is disabled?<br class=""></span></span></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></div></blockquote></div></div></div></blockquote></div><br class=""></div></body></html>