----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviewboard.asterisk.org/r/4018/ -----------------------------------------------------------
Review request for Asterisk Developers. Bugs: ASTERISK-24199 https://issues.asterisk.org/jira/browse/ASTERISK-24199 Repository: Asterisk Description ------- Improvements to the res_pjsip transport cipher option. * Made the cipher option accept a comma separated list of OpenSSL cipher names. Users of realtime will be glad if they have more than one name to list. * Added the CLI command 'pjsip list ciphers' so a user can know what OpenSSL names are available for the cipher option. * Updated the cipher option online XML documentation to specify what is expected for the value. * Updated pjsip.conf.sample to not indicate that ALL is acceptable since ALL does not imply a preference order for the ciphers. Diffs ----- /branches/12/res/res_pjsip/config_transport.c 423798 /branches/12/res/res_pjsip.c 423798 /branches/12/configs/pjsip.conf.sample 423798 Diff: https://reviewboard.asterisk.org/r/4018/diff/ Testing ------- Configured a transport-tls section with the cipher option as: cipher=ADH-AES256-SHA,ADH-AES128-SHA,ADH-AES256-SHA The pjsip show transport transport-tls listed only ADH-AES256-SHA and ADH-AES128-SHA with the duplicate ADH-AES256-SHA removed. cipher= Blank cipher does not cause a problem. cipher=bad-name Invalid cipher name is rejected and the transport is not created as expected. The new 'pjsip list ciphers' CLI command outputs the available cipher names that can be used with the cipher option. Thanks, rmudgett
-- _____________________________________________________________________ -- Bandwidth and Colocation Provided by http://www.api-digital.com -- asterisk-dev mailing list To UNSUBSCRIBE or update options visit: http://lists.digium.com/mailman/listinfo/asterisk-dev