[asterisk-bugs] [JIRA] (ASTERISK-23498) Asterisk 12.1.1 PJSIP cipher not functioning

Rusty Newton (JIRA) noreply at issues.asterisk.org
Wed Mar 19 13:45:18 CDT 2014


    [ https://issues.asterisk.org/jira/browse/ASTERISK-23498?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=216693#comment-216693 ] 

Rusty Newton commented on ASTERISK-23498:
-----------------------------------------

When testing I get the same. I also verified my OpenSSL is installed and it is detected during compilation. I'm pretty sure this is a regression, as several of us tested this. I know I had it working with before.

It would also be nice if we updated the help text for the {{cipher}} and {{method}} options, as they are not very explicit or explanatory.

{noformat}
newtonr-laptop*CLI> config show help res_pjsip transport cipher
[transport]
cipher = [Custom] (Default: ) (Regex: false)

Preferred Cryptography Cipher (TLS ONLY)

 Many options for acceptable ciphers see link for more: http://www.openss
l.org/docs/apps/ciphers.html#CIPHER_STRINGS 

newtonr-laptop*CLI> config show help res_pjsip transport method
[transport]
method = [Custom] (Default: ) (Regex: false)

Method of SSL transport (TLS ONLY)

    default
    unspecified
    tlsv1
    sslv2
    sslv3
    sslv23

newtonr-laptop*CLI> 
{noformat}

> Asterisk 12.1.1 PJSIP cipher not functioning
> --------------------------------------------
>
>                 Key: ASTERISK-23498
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-23498
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip
>    Affects Versions: 12.1.1
>         Environment: Fedora 20 x86_64
>            Reporter: Anthony Messina
>            Assignee: Rusty Newton
>
> When using Asterisk 12.1.1 and PJSIP 2.2 (compiled as described in the Asterisk Wiki), I am unable to use the 'ciphers' parameter to set the OpenSSL ciphers for TLS connections.  Regardless of what is entered for ciphers
> {code}
> cipher=<whatever>
> {code}
> I always get the error
> {code}
> ERROR[2579]: res_pjsip/config_transport.c:404 transport_tls_cipher_handler: Cipher '<whatever>' is unsupported
> {code}
> This issue is the same as reported here: http://forums.asterisk.org/viewtopic.php?f=1&t=89309 but I can confirm that I have compiled PJSIP with OpenSSL libs
> {code}
> checking for OpenSSL installations..
> checking openssl/ssl.h usability... yes
> checking openssl/ssl.h presence... yes
> checking for openssl/ssl.h... yes
> checking for ERR_load_BIO_strings in -lcrypto... yes
> checking for SSL_library_init in -lssl... yes
> OpenSSL library found, SSL support enabled
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list