i will use --enable-srtp_tls, --enable-vrban, well... :) the work if have done was to port the two old * patches to CW. They are not written by me. In the moment you only need --enable-srtp, TLS/TCP is activ by default in the branch.
Based on this two old * patches: SRTP patch: http://bugs.digium.com/view.php?id=5413 TCP/TLS patch: http://bugs.digium.com/view.php?id=4903 ssl certificate into /usr/local/share/callweaver/keys: get them here: http://bugs.digium.com/file_download.php?file_id=7153&type=bug But then you need to set "asterisk" as serverkeypassword in sip.conf. So i suggest to create your own ssl certificates. You can test srtp/tls with the softphone phonerlite (windows only, but works fine with wine) and snom phones. srtp and tcp (without tls) also with grandstream. The only (german) Provider with srtp(without tls) i know is dus.net. Kristijan thomas schorpp schrieb: > Kristijan Vrban wrote: > >> sure, i iam also a friend of stability. But srtp and tls are disabled by >> default. To activate you will >> still need a --enable-encryption (what i will add later). So the risk to >> breaking something is >> > > wrong name, use --enable-srtp_tls, "encryption" misses auth. > > >> minimized. Most stuff is jailed in #ifdef's >> > > ok. > > >> But the trueness is... i threatened to put the patch into 1.2 to awaken >> some people to test the >> srtp_tls branch and get some feedback on it :) >> > > i know ;) > so lets use --enable-vrban to credit the great work by person cult :D > > tell me some peers and sip-providers supporting it. > > >> >> Kristijan >> >> > > y > tom > > >> thomas schorpp schrieb: >> >>> Duane at e164 dot org wrote: >>> >>> >>>> Kristijan Vrban wrote: >>>> >>>> >>>>> that's why i wanted to put it into 1.2. As long as it sleeps in my >>>>> private branch, i am the only tester. >>>>> My limited tests show: it compiles, produced no crash and srtp and tls >>>>> are working. >>>>> >>>>> >>>> I'm happy to give it a go, will compile it up shortly and see how things >>>> go. >>>> >>>> >>>> >>> i would second that. but for trunk only. risk of breaking stable branch >>> due to "limited tests" is too high. >>> >>> y >>> tom >>> > _______________________________________________ > Callweaver-dev mailing list > [email protected] > http://lists.callweaver.org/mailman/listinfo/callweaver-dev > > > _______________________________________________ Callweaver-dev mailing list [email protected] http://lists.callweaver.org/mailman/listinfo/callweaver-dev
