Hello Brian,
Yes it's turned on:
<!-- TLS: disabled by default, set to "true" to enable -->
<param *name="tls" value="true"*/>
<!-- additional bind parameters for TLS -->
<param name="tls-bind-params" value="transport=tls"/>
<!-- Port to listen on for TLS requests. (5061 will be used if
unspecified) -->
<param name="tls-sip-port" value="5061"/>
<!-- Location of the agent.pem and cafile.pem ssl certificates
(needed for TLS server) -->
<param name="tls-cert-dir" value="$${base_dir}/conf/ssl"/>
<!-- TLS version ("sslv23" (default), "tlsv1"). NOTE: Phones may not
work with TLSv1 -->
<param name="tls-version" value="tlsv1"/>
I recompiled it and checked the output for warnings and errors. This is
what I found:
configure: WARNING: python2.5 is unusable
configure: WARNING: Your python lacks threads support, can not build
mod_python
config.status: WARNING: Makefile.in seems to ignore the --datarootdir
setting
./configure: line 4234: AX_COMPILER_VENDOR: command not found
config.status: WARNING: apr-config.in seems to ignore the --datarootdir
setting
/bin/bash: /usr/src/freeswitch/libs/curl/missing: No such file or directory
configure: WARNING: `missing' script is too old or missing
configure: WARNING: dlfcn.h: present but cannot be compiled
configure: WARNING: dlfcn.h: check for missing prerequisite headers?
configure: WARNING: dlfcn.h: see the Autoconf documentation
configure: WARNING: dlfcn.h: section "Present But Cannot Be Compiled"
configure: WARNING: dlfcn.h: proceeding with the preprocessor's result
configure: WARNING: dlfcn.h: in the future, the compiler will take
precedence
libtool: line 121: CC: command not found
config.status: WARNING: config/autoconf.mk.in seems to ignore the
--datarootdir setting
./configure: line 1908: /shtool: No such file or directory
configure: WARNING: dlfcn.h: accepted by the compiler, rejected by the
preprocessor!
configure: WARNING: dlfcn.h: proceeding with the compiler's result
configure: WARNING: Touching files in directory tests/.
config.status: WARNING: packages/sofia-sip-ua.pc.in seems to ignore the
--datarootdir setting
mod_lua_wrap.cpp: In function ‘int
_wrap_CoreSession_hangup__SWIG_1(lua_State*)’:
mod_lua_wrap.cpp:4563: warning: deprecated conversion from string
constant to ‘char*’
sndfile.c: In function ‘sf_error’:
sndfile.c:491: warning: the address of ‘sf_error’ will never be NULL
libtool: link: warning: `-version-info/-version-number' is ignored for
convenience libraries
quiet_libtool: install: warning: relinking `mod_sofia.la'
../../../../libs/xmlrpc-c/src/method.c: In function ‘xmlrpc_methodCreate’:
../../../../libs/xmlrpc-c/src/method.c:213: note: ‘signatureP’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c: In function
‘xmlrpc_parseValue’:
../../../../libs/xmlrpc-c/src/parse_value.c:199: note: ‘valueElemP’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:191: note: ‘nameElemP’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:245: note: ‘keyP’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:420: note: ‘fractionEnd’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:419: note: ‘fraction’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:418: note: ‘mantissaEnd’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:417: note: ‘mantissa’ was
declared here
../../../../libs/xmlrpc-c/src/parse_value.c:503: note: ‘valueDouble’ was
declared here
../../../../libs/xmlrpc-c/src/system_method.c: In function
‘system_methodSignature’:
../../../../libs/xmlrpc-c/src/system_method.c:455: note: ‘signatureVP’
was declared here
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c: In function
‘handleXmlrpcReq’:
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:474: note: ‘body’
was declared here
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c: In function
‘xmlrpc_server_abyss_create’:
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:894: note:
‘socketFd’ was declared here
../../../../libs/xmlrpc-c/src/xmlrpc_server_abyss.c:893: note:
‘portNumber’ was declared here
Is there anything special I have to take care aout?
I also grepped the ./configure and make output for "tls" and received
the following:
config.status: creating scripts/gentls_cert
checking for libgnutls-config... /usr/bin/libgnutls-config
checking for libgnutls - version >= 0.1.0... yes
It also compiles tport_type_tls.o and tport_type_tls.o
When I grep for "ssl" I received the following:
checking for SSL_connect in -lssl... yes
checking openssl/x509.h usability... yes
checking openssl/x509.h presence... yes
checking for openssl/x509.h... yes
checking openssl/rsa.h usability... yes
checking openssl/rsa.h presence... yes
checking for openssl/rsa.h... yes
checking openssl/crypto.h usability... yes
checking openssl/crypto.h presence... yes
checking for openssl/crypto.h... yes
checking openssl/pem.h usability... yes
checking openssl/pem.h presence... yes
checking for openssl/pem.h... yes
checking openssl/ssl.h usability... yes
checking openssl/ssl.h presence... yes
checking for openssl/ssl.h... yes
checking openssl/err.h usability... yes
checking openssl/err.h presence... yes
checking for openssl/err.h... yes
checking openssl/pkcs12.h usability... yes
checking openssl/pkcs12.h presence... yes
checking for openssl/pkcs12.h... yes
checking openssl/engine.h usability... yes
checking openssl/engine.h presence... yes
checking for openssl/engine.h... yes
config.status: creating packages/Linux/RPM/curl-ssl.spec
checking for openssl... yes
checking openssl_CFLAGS...
checking openssl_LIBS... -lssl -lcrypto
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o stunc stunc.o ./.libs/libstun.a
../sresolv/.libs/libsresolv.a ../su/.libs/libsu.a -lssl -lcrypto -lrt
-lpthread
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-options sip-options.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-date sip-date.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread
gcc -Wall -DSU_DEBUG=0 -g -ggdb -o sip-dig sip-dig.o
../libsofia-sip-ua/.libs/libsofia-sip-ua.a -lssl -lcrypto -lrt -lpthread
gcc -shared .libs/mod_sofia_la-mod_sofia.o .libs/mod_sofia_la-sofia.o
.libs/mod_sofia_la-sofia_glue.o .libs/mod_sofia_la-sofia_presence.o
.libs/mod_sofia_la-sofia_reg.o -Wl,--whole-archive
/usr/src/freeswitch/libs/sofia-sip/libsofia-sip-ua/.libs/libsofia-sip-ua.a
-Wl,--no-whole-archive -Wl,--rpath -Wl,/usr/local/freeswitch/lib
-L/usr/local/freeswitch/lib -lfreeswitch -lssl -lcrypto -lrt -lpthread
-lncurses -Wl,-soname -Wl,mod_sofia.so -o .libs/mod_sofia.so
[EMAIL PROTECTED]:/var/log#
So it seems that in fact he tries to use ssl.
But I still receive
2008-08-03 18:57:32 [NOTICE] sofia.c:1883 config_sofia() Started Profile
internal [sofia_reg_internal]
2008-08-03 18:57:32 [DEBUG] sofia.c:522 sofia_profile_thread_run()
Creating agent for internal
2008-08-03 18:57:32 [*ERR] sofia.c:552 sofia_profile_thread_run() Error
Creating SIP UA for profile: internal*
Best regards
Peter
Brian West schrieb:
Did you turn tls on the profile on?
/b
Sent from my iPhone
On Aug 3, 2008, at 6:44 AM, Peter P GMX <[EMAIL PROTECTED]> wrote:
If have done this but again the same result.
Is there any way to enhance the output in the log (currently
loglevel is
debug) or to determine if freeswitch was compiled correctly with
TLS? At
least if I grep the freeswitch binary with tls there is no occurence.
Best regards
Peter
Brian West schrieb:
Make sure you install OpenSSL-Dev packages and ./configure again.
/b
On Aug 2, 2008, at 10:54 AM, Peter P GMX wrote:
Any hints how to continue?
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
_______________________________________________
Freeswitch-users mailing list
[email protected]
http://lists.freeswitch.org/mailman/listinfo/freeswitch-users
UNSUBSCRIBE:http://lists.freeswitch.org/mailman/options/freeswitch-users
http://www.freeswitch.org
