kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-04-02 19:29:31 +00:00
Code Issues Projects Releases Wiki Activity

clarify tls ciphers and update num to allow for ipv6 and tls options

Browse Source
This commit is contained in:
Brian West 2014-09-10 14:49:56 -05:00
parent 908dd26559
commit d06ac756eb
2 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
conf/vanilla/autoload_configs/enum.conf.xml
View File

@ -14,8 +14,8 @@
</settings> </settings>
<routes> <routes>
<route service="E2U+SIP" regex="sip:(.*)" replace="sofia/${use_profile}/$1;transport=udp"/> <route service="E2U+SIP" regex="sip:(.*)" replace="sofia/${use_profile}-ipv6/$1;transport=udp|sofia/${use_profile}/$1;transport=udp"/>
<route service="E2T+SIP" regex="sip:(.*)" replace="sofia/${use_profile}/$1;transport=tcp"/> <route service="E2T+SIP" regex="sip:(.*)" replace="sofia/${use_profile}-ipv6/$1;transport=tcp|sofia/${use_profile}/$1;transport=tcp"/>
<!--<route service="E2U+XMPP" regex="XMPP:(.*)" replace="dingaling/$${xmpp_server_profile}/$1"/>--> <route service="E2T+SIPS" regex="sip:(.*)" replace="sofia/${use_profile}-ipv6/$1;transport=tls|sofia/${use_profile}/$1;transport=tls"/>
</routes> </routes>
</configuration> </configuration>

10
conf/vanilla/vars.xml
View File

@ -61,7 +61,7 @@
<X-PRE-PROCESS cmd="set" data="domain=$${local_ip_v4}"/> <X-PRE-PROCESS cmd="set" data="domain=$${local_ip_v4}"/>
<X-PRE-PROCESS cmd="set" data="domain_name=$${domain}"/> <X-PRE-PROCESS cmd="set" data="domain_name=$${domain}"/>
<X-PRE-PROCESS cmd="set" data="hold_music=local_stream://moh"/> <X-PRE-PROCESS cmd="set" data="hold_music=local_stream://moh"/>
<X-PRE-PROCESS cmd="set" data="use_profile=internal"/> <X-PRE-PROCESS cmd="set" data="use_profile=external"/>
<X-PRE-PROCESS cmd="set" data="rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH"/> <X-PRE-PROCESS cmd="set" data="rtp_sdes_suites=AEAD_AES_256_GCM_8|AEAD_AES_128_GCM_8|AES_CM_256_HMAC_SHA1_80|AES_CM_192_HMAC_SHA1_80|AES_CM_128_HMAC_SHA1_80|AES_CM_256_HMAC_SHA1_32|AES_CM_192_HMAC_SHA1_32|AES_CM_128_HMAC_SHA1_32|AES_CM_128_NULL_AUTH"/>
<!-- <!--
Enable ZRTP globally you can override this on a per channel basis Enable ZRTP globally you can override this on a per channel basis
@ -390,6 +390,14 @@
<!-- <!--
TLS cipher suite: default ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH TLS cipher suite: default ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH
The actual ciphers supported will change per platform.
openssl ciphers -v 'ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH'
Will show you what is available in your verion of openssl.
Freeswitch does not support non-Elliptic Curve Diffie Hellman key
exchange.
--> -->
<X-PRE-PROCESS cmd="set" data="sip_tls_ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"/> <X-PRE-PROCESS cmd="set" data="sip_tls_ciphers=ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"/>