-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4018/
-----------------------------------------------------------
Review request for Asterisk Developers.
Bugs: ASTERISK-24199
https://issues.asterisk.org/jira/browse/ASTERISK-24199
Repository: Asterisk
Description
-------
Improvements to the res_pjsip transport cipher option.
* Made the cipher option accept a comma separated list of OpenSSL cipher names.
Users of realtime will be glad if they have more than one name to list.
* Added the CLI command 'pjsip list ciphers' so a user can know what OpenSSL
names are available for the cipher option.
* Updated the cipher option online XML documentation to specify what is
expected for the value.
* Updated pjsip.conf.sample to not indicate that ALL is acceptable since ALL
does not imply a preference order for the ciphers.
Diffs
-----
/branches/12/res/res_pjsip/config_transport.c 423798
/branches/12/res/res_pjsip.c 423798
/branches/12/configs/pjsip.conf.sample 423798
Diff: https://reviewboard.asterisk.org/r/4018/diff/
Testing
-------
Configured a transport-tls section with the cipher option as:
cipher=ADH-AES256-SHA,ADH-AES128-SHA,ADH-AES256-SHA
The pjsip show transport transport-tls listed only ADH-AES256-SHA and
ADH-AES128-SHA with the duplicate ADH-AES256-SHA removed.
cipher=
Blank cipher does not cause a problem.
cipher=bad-name
Invalid cipher name is rejected and the transport is not created as expected.
The new 'pjsip list ciphers' CLI command outputs the available cipher names
that can be used with the cipher option.
Thanks,
rmudgett
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
asterisk-dev mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/asterisk-dev
