[asterisk-dev] [Code Review] 4018: res_pjsip: Make transport cipher option accept a comma separated list of cipher names.

Mark Michelson reviewboard at asterisk.org
Wed Oct 1 14:55:55 CDT 2014 

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4018/#review13430
-----------------------------------------------------------

Ship it!


Ship It!

- Mark Michelson


On Oct. 1, 2014, 6:19 p.m., rmudgett wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4018/
> -----------------------------------------------------------
> 
> (Updated Oct. 1, 2014, 6:19 p.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Bugs: ASTERISK-24199
>     https://issues.asterisk.org/jira/browse/ASTERISK-24199
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> Improvements to the res_pjsip transport cipher option.
> 
> * Made the cipher option accept a comma separated list of OpenSSL cipher names.  Users of realtime will be glad if they have more than one name to list.
> 
> * Added the CLI command 'pjsip list ciphers' so a user can know what OpenSSL names are available for the cipher option.
> 
> * Updated the cipher option online XML documentation to specify what is expected for the value.
> 
> * Updated pjsip.conf.sample to not indicate that ALL is acceptable since ALL does not imply a preference order for the ciphers.
> 
> 
> Diffs
> -----
> 
>   /branches/12/res/res_pjsip/config_transport.c 424311 
>   /branches/12/res/res_pjsip.c 424311 
>   /branches/12/configs/pjsip.conf.sample 424311 
> 
> Diff: https://reviewboard.asterisk.org/r/4018/diff/
> 
> 
> Testing
> -------
> 
> Configured a transport-tls section with the cipher option as:
> 
> cipher=ADH-AES256-SHA,ADH-AES128-SHA,ADH-AES256-SHA
> The pjsip show transport transport-tls listed only ADH-AES256-SHA and ADH-AES128-SHA with the duplicate ADH-AES256-SHA removed.
> 
> cipher=
> Blank cipher does not cause a problem.
> 
> cipher=bad-name
> Invalid cipher name is rejected and the transport is not created as expected.
> 
> The new 'pjsip list ciphers' CLI command outputs the available cipher names that can be used with the cipher option.
> 
> 
> Thanks,
> 
> rmudgett
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20141001/7f061efc/attachment-0001.html>

More information about the asterisk-dev mailing list