[Freeswitch-svn] [commit] r9906 - in freeswitch/trunk/conf: . sip_profiles

Freeswitch SVN brian at freeswitch.org
Wed Oct 8 21:13:40 EDT 2008 

Author: brian
Date: Wed Oct  8 21:13:40 2008
New Revision: 9906

Modified:
   freeswitch/trunk/conf/sip_profiles/external.xml
   freeswitch/trunk/conf/sip_profiles/internal.xml
   freeswitch/trunk/conf/vars.xml

Log:
more tweaks to the default configs \;\)

Modified: freeswitch/trunk/conf/sip_profiles/external.xml
==============================================================================
--- freeswitch/trunk/conf/sip_profiles/external.xml	(original)
+++ freeswitch/trunk/conf/sip_profiles/external.xml	Wed Oct  8 21:13:40 2008
@@ -57,15 +57,15 @@
     <!--<param name="enable-3pcc" value="true"/>-->
 
     <!-- TLS: disabled by default, set to "true" to enable -->
-    <param name="tls" value="false"/>
+    <param name="tls" value="$${external_ssl_enable}"/>
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
     <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
     <param name="tls-sip-port" value="5081"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
-    <param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
+    <param name="tls-cert-dir" value="$${external_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
-    <param name="tls-version" value="tlsv1"/>
+    <param name="tls-version" value="$${sip_tls_version}"/>
 
   </settings>
 </profile>

Modified: freeswitch/trunk/conf/sip_profiles/internal.xml
==============================================================================
--- freeswitch/trunk/conf/sip_profiles/internal.xml	(original)
+++ freeswitch/trunk/conf/sip_profiles/internal.xml	Wed Oct  8 21:13:40 2008
@@ -84,15 +84,15 @@
     <!--<param name="unregister-on-options-fail" value="true"/>-->
 
     <!-- TLS: disabled by default, set to "true" to enable -->
-    <param name="tls" value="false"/>
+    <param name="tls" value="$${internal_ssl_enable}"/>
     <!-- additional bind parameters for TLS -->
     <param name="tls-bind-params" value="transport=tls"/>
     <!-- Port to listen on for TLS requests. (5061 will be used if unspecified) -->
     <param name="tls-sip-port" value="5061"/>
     <!-- Location of the agent.pem and cafile.pem ssl certificates (needed for TLS server) -->
-    <param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
+    <param name="tls-cert-dir" value="$${internal_ssl_dir}"/>
     <!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not work with TLSv1 -->
-    <param name="tls-version" value="tlsv1"/>
+    <param name="tls-version" value="$${sip_tls_version}"/>
     
     <!--If you don't want to pass through timestampes from 1 RTP call to another (on a per call basis with rtp_rewrite_timestamps chanvar)-->
     <!--<param name="rtp-rewrite-timestamps" value="true"/>-->

Modified: freeswitch/trunk/conf/vars.xml
==============================================================================
--- freeswitch/trunk/conf/vars.xml	(original)
+++ freeswitch/trunk/conf/vars.xml	Wed Oct  8 21:13:40 2008
@@ -124,3 +124,14 @@
   <!-- true or false -->
   <X-PRE-PROCESS cmd="set" data="default_provider_register=false"/>
   <X-PRE-PROCESS cmd="set" data="default_provider_contact=5000"/>
+
+  <!--
+      TLS default settings
+  -->
+  <X-PRE-PROCESS cmd="set" data="sip_tls_version=tlsv1"/>
+  <!-- Internal SIP Profile -->
+  <X-PRE-PROCESS cmd="set" data="internal_ssl_enable=false"/>
+  <X-PRE-PROCESS cmd="set" data="internal_ssl_dir=$${base_dir}/conf/ssl"/>
+  <!-- External SIP Profile -->
+  <X-PRE-PROCESS cmd="set" data="external_ssl_enable=false"/>
+  <X-PRE-PROCESS cmd="set" data="external_ssl_dir=$${base_dir}/conf/ssl"/>

More information about the Freeswitch-svn mailing list