Done (http://trac.pjsip.org/repos/ticket/481). Default TLS version is now TLSv1, and also fixed the typos (website will be updated on next update schedule). I guess with this we don't need to have the command line option to set TLS version in pjsua. thanks -benny On 2/11/08, Klaus Darilion <klaus.mailinglists at pernau.at> wrote: > Thanks for the info. > > I've checked RFC 3261: It only takes about TLS (RFC 2246) - no single > word mentions SSL. > > RFC 2246 itself refers to SSL for backward compatibility reasons only. > When using openssl, it allows sending an SSLv2 ClientHello which > indicates SSLv3 and TLSv1 support too. But I'm not sure if this is > generally the case or only supported by openssl. Further, SSLv2 should > be disabled anyway (insecure). > > Thus, IMO TLSv1 should be the default value. If have asked to the SIP > implementors list for clarification. > > Anyway I have a feature request: allowing to set the TLS method via > command line for the pjsua client. > > regards > klaus > > > PS: at > http://www.pjsip.org/pjsip/docs/html/structpjsip__tls__setting.htm#3a453c419c092ecc05f0141da36183fa > there is a typo (TLS instead of SSL) > > # PJSIP_SSLV2_METHOD(2): TLSv2 > # PJSIP_SSLV3_METHOD(3): TLSv3 > # PJSIP_SSLV23_METHOD(23): TLSv23 > > > Benny Prijono schrieb: > > > On 2/8/08, Klaus Darilion <klaus.mailinglists at pernau.at> wrote: > >> Hi! > >> > >> I just wanted to try pjsua with TLS but it fails as pjsua sends a SSLv3 > >> compatible Hello whereas SIP requires TLS. > > > > Is it? I thought TLSv2/3 is okay. > > > > Anyway, PJSIP uses TLSv23 by default. If you'd like to use TLSv1, just > > add this when creating the TLS transport: > > > > tcp_cfg.tls_setting.method = PJSIP_TLSV1_METHOD; > > > > cheers, > > -benny > > > >> regards > >> klaus > > > > > _______________________________________________ > > Visit our blog: http://blog.pjsip.org > > > > pjsip mailing list > > pjsip at lists.pjsip.org > > http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org > > _______________________________________________ > Visit our blog: http://blog.pjsip.org > > pjsip mailing list > pjsip at lists.pjsip.org > http://lists.pjsip.org/mailman/listinfo/pjsip_lists.pjsip.org >