[Freeswitch-users] SIP-S and openssl

Michael Jerris mike at jerris.com
Mon Jun 10 19:39:53 MSD 2013


This is the right area, yes.  I don't think we expose a way to configure this right now, but you can try just hacking the code here to confirm.

On Jun 9, 2013, at 3:13 AM, mehroz <mehroz.ashraf85 at gmail.com> wrote:

> Moreover, there is a file in libs/sofia-sip/libsofia-sip-ua/tport/ as
> tport_tls.c. 
> and a portion of fucntion: 
> void tls_set_default(tls_issues_t *i) 
> { 
>  i->verify_depth = i->verify_depth == 0 ? 2 : i->verify_depth; 
>  i->cert = i->cert ? i->cert : "agent.pem"; 
>  i->key = i->key ? i->key : i->cert; 
>  i->randFile = i->randFile ? i->randFile : "tls_seed.dat"; 
>  i->CAfile = i->CAfile ? i->CAfile : "cafile.pem"; 
>  i->cipher = i->cipher ? i->cipher : "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"; 
>  /* Default SIP cipher */ 
>  /* "RSA-WITH-AES-128-CBC-SHA"; */ 
>  /* RFC-2543-compatibility ciphersuite */ 
>  /* TLS_RSA_WITH_3DES_EDE_CBC_SHA; */ 
> } 
> 
> seems to be a relevant approach. Cipher mentioned as default
> "RSA-WITH-AES-128-CBC-SHA" is returned in ServerHello in default
> configuration. Changing this cipher (replacing
> "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH" with  "ECDHE-ECDSA-AES256-GCM-SHA384" )
> according to my need i.e SUIT-B cipher and compiling FS again, results
> internal SIP profile not being loaded. 
> 
> Please comments if any body have previously worked or dev guys could help
> so?
> 
> 
> 
> --
> View this message in context: http://freeswitch-users.2379917.n2.nabble.com/SIP-S-and-openssl-tp7591496p7591559.html
> Sent from the freeswitch-users mailing list archive at Nabble.com.
> 
> _________________________________________________________________________
> Professional FreeSWITCH Consulting Services:
> consulting at freeswitch.org
> http://www.freeswitchsolutions.com
> 
> 
> 
> 
> Official FreeSWITCH Sites
> http://www.freeswitch.org
> http://wiki.freeswitch.org
> http://www.cluecon.com
> 
> FreeSWITCH-users mailing list
> FreeSWITCH-users at lists.freeswitch.org
> http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
> UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
> http://www.freeswitch.org




Join us at ClueCon 2011 Aug 9-11, 2011
More information about the FreeSWITCH-users mailing list