[asterisk-dev] [Code Review] 4018: res_pjsip: Make transport cipher option accept a comma separated list of cipher names.

rmudgett reviewboard at asterisk.org
Wed Oct 1 13:19:23 CDT 2014 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4018/
-----------------------------------------------------------

(Updated Oct. 1, 2014, 1:19 p.m.)


Review request for Asterisk Developers.


Changes
-------

Fix syntax error.


Bugs: ASTERISK-24199
    https://issues.asterisk.org/jira/browse/ASTERISK-24199


Repository: Asterisk


Description
-------

Improvements to the res_pjsip transport cipher option.

* Made the cipher option accept a comma separated list of OpenSSL cipher names.  Users of realtime will be glad if they have more than one name to list.

* Added the CLI command 'pjsip list ciphers' so a user can know what OpenSSL names are available for the cipher option.

* Updated the cipher option online XML documentation to specify what is expected for the value.

* Updated pjsip.conf.sample to not indicate that ALL is acceptable since ALL does not imply a preference order for the ciphers.


Diffs (updated)
-----

  /branches/12/res/res_pjsip/config_transport.c 424311 
  /branches/12/res/res_pjsip.c 424311 
  /branches/12/configs/pjsip.conf.sample 424311 

Diff: https://reviewboard.asterisk.org/r/4018/diff/


Testing
-------

Configured a transport-tls section with the cipher option as:

cipher=ADH-AES256-SHA,ADH-AES128-SHA,ADH-AES256-SHA
The pjsip show transport transport-tls listed only ADH-AES256-SHA and ADH-AES128-SHA with the duplicate ADH-AES256-SHA removed.

cipher=
Blank cipher does not cause a problem.

cipher=bad-name
Invalid cipher name is rejected and the transport is not created as expected.

The new 'pjsip list ciphers' CLI command outputs the available cipher names that can be used with the cipher option.


Thanks,

rmudgett

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20141001/4d1557fd/attachment.html>

More information about the asterisk-dev mailing list