[Freeswitch-users] SIP-S and openssl
mehroz
mehroz.ashraf85 at gmail.com
Sun Jun 9 11:13:33 MSD 2013
Moreover, there is a file in libs/sofia-sip/libsofia-sip-ua/tport/ as
tport_tls.c.
and a portion of fucntion:
void tls_set_default(tls_issues_t *i)
{
i->verify_depth = i->verify_depth == 0 ? 2 : i->verify_depth;
i->cert = i->cert ? i->cert : "agent.pem";
i->key = i->key ? i->key : i->cert;
i->randFile = i->randFile ? i->randFile : "tls_seed.dat";
i->CAfile = i->CAfile ? i->CAfile : "cafile.pem";
i->cipher = i->cipher ? i->cipher : "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH";
/* Default SIP cipher */
/* "RSA-WITH-AES-128-CBC-SHA"; */
/* RFC-2543-compatibility ciphersuite */
/* TLS_RSA_WITH_3DES_EDE_CBC_SHA; */
}
seems to be a relevant approach. Cipher mentioned as default
"RSA-WITH-AES-128-CBC-SHA" is returned in ServerHello in default
configuration. Changing this cipher (replacing
"ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" with "ECDHE-ECDSA-AES256-GCM-SHA384" )
according to my need i.e SUIT-B cipher and compiling FS again, results
internal SIP profile not being loaded.
Please comments if any body have previously worked or dev guys could help
so?
--
View this message in context: http://freeswitch-users.2379917.n2.nabble.com/SIP-S-and-openssl-tp7591496p7591559.html
Sent from the freeswitch-users mailing list archive at Nabble.com.
Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users
mailing list