On Mon, Mar 9, 2009 at 3:38 PM, Alexandre Savard < alexandre.savard at savoirfairelinux.com> wrote: > Hi all, > > I have 3 simple questions concerning TLS and pjsip. > > > 1. Is it possible to use the TLS without the pjsip-ua library? > We are currently using GNU ccRTP for the RTP transport layer and we are > using pjsip for sip signals. It works just fine with UDP. > > The TLS transport is part of pjsip-core, so no, it doesn't need pjsip-ua library. > > 2. Is the TLS handshaking protocol actually occur while calling > pjsip_tls_transport_start() or do I need to implement it manually? > I'm initializing the transport as follow but no TLS related packet > is sent to Asterisk (pbx server), only one TCP. > > The handshake will start as soon as you're sending the first request (hence outgoing TLS connection will be initiated). > pjsip_tls_setting tls_opt; > > pjsip_tls_setting_default(&tls_opt); > > status = pjsip_tls_transport_start(_endpt, &tls_opt, &bound_addr, > &a_name, 1, &tpfactory); > > status = pj_sockaddr_in_init(&bound_addr, > &tpfactory->addr_name.host ,(pj_uint16_t)tpfactory->addr_name.port); > > status = pjsip_endpt_acquire_transport(_endpt, PJSIP_TRANSPORT_TLS, > &bound_addr, sizeof(bound_addr), NULL, &tls); > > > 3. Finally, I wan't to do a simple hanshaking, I configured Asterisk > using an openssl self-signed certificate, everything works fine. > Looking at pjsip code, it seems to me that pjsip_tls_setting_default() > is sufficient to get it working. Am I right? > > Yes that's pretty much it for a simple TLS encryption without authentication. cheers Benny > Thanks. > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.pjsip.org/pipermail/pjsip_lists.pjsip.org/attachments/20090312/5f987631/attachment.html>
