When 'tlsclientmethod' is not specified in sip.conf, chan_sip uses the OpenSSL
SSLv23_method. This was documented incorrectly in the file sip.conf.sample.
SSLv23_method got its name in the 90s. Today, with OpenSSL 1.0.2, this method
enables (just) the secure TLSv1.0 and TLSv1.2. Or stated differently, that
function should have been called 'secure_method' or 'automatic_method' back in
the 90s.
Consequently please, specify 'tlsclientmethod=tlsv1' in your sip.conf only if
you face a server which has problems like not falling back to TLSv1.0
automatically.
ASTERISK-24425
Change-Id: I502ce6146b4504cadfd3973af8d6ec3994f54fa3
Previously you could add [!dnid] to the SIP dial string to alter the To:
header. This change allows you to alter the From header as well.
SIP dial string extra options now look like this:
[![touser[@todomain]][![fromuser][@fromdomain]]]
INCOMPATIBLE CHANGE: If you were using an exclamation mark in your To:
header, that is no longer possible.
ASTERISK-25803 #close
Change-Id: I2457e9ba7a89eb1da22084bab5a4d4328e189db7
In the sample sip.conf this is written with regard to notifyringing:
;notifyringing = no ; Control whether subscriptions already INUSE get sent
RINGING when another call is sent (default: yes)
However, this setting changes whether or not any RINGING indications are sent
to subscriptions. There is no separate configurable setting that allows
to control whether INUSE subscriptions also get sent RINGING. This is however
a useful option, to see (using BLF) if somebody else is able to handle an
incoming call or if everybody is busy.
This patch corrects the documentation for notifyringing (so the documentation
matches the functionality) and make notifyringing a tri-state option, by adding
the value 'notinuse' (in addition to 'yes' and 'no'). When notifyringing =
notinuse, only subscriptions that are not INUSE are sent the RINGING signal.
The default setting for notifyringing remains set to yes, so the default
behaviour is not affected.
ASTERISK-25558
Change-Id: I88f7036ee084bb3f43b74f15612695c6708f74aa
This patch adds a new setting "websockets_enabled" to sip.conf.
Setting this to false allows chan_sip to be used without causing
conflicts with res_pjsip_transport_websocket.
ASTERISK-24106 #close
Reported by: Andrew Nagy
Change-Id: I04fe8c4f2d57b2d7375e0e25826c91a72e93bea7
* In sip.conf.sample fix sentence where we said that WS or WSS are supported
transports for use in an outbound register definition. They are not
supported in that case.
* In func_cdr.c made it clear that the Disable option for CDR_PROP can be used
to enable CDR on a channel.
ASTERISK-24867 #close
Reported by: Rusty Newton
ASTERISK-24853 #close
Reported by: PSDK
Change-Id: I3d698bc6302b9d00a0a995b5c4ad9a42d69b48ca
When a client connects to a server via SSL/TLS, the server commonly utilizes an
RSA key-pair. However, other such algorithms exist (i.e. DSA and ECDSA), and if
the server socket is configured with a certificate for either one of those, it
would lose its compatibility with RSA-only clients.
Now, the server socket can be configured with up to one RSA, ECDSA and DSA key
each. For example, if a client is not compatible with SHA-2 hashed certificates
like Nokia mobile phones, the server socket still can use RSA/SHA-1 for legacy
clients and ECDSA/SHA-2 for everyone else.
ASTERISK-24815 #close
Reported by: Alexander Traud
patches:
tls_rsa_ecc_dsa.patch uploaded by Alexander Traud (License 6520)
Change-Id: Iada5e00d326db5ef86e0af7069b4dfa1b979da9a
Configuration of DTLS in the general section will be applied to any users
or peers. If configuration exists at their level it overrides the general
section values.
ASTERISK-24128 #close
Reported by: Michael K.
patches:
dtls_default_settings.patch submitted by Michael K. (license 6621)
Review: https://reviewboard.asterisk.org/r/3867/
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@427950 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Users now have the ability to bind the rtpengine instance to a specific IP
address. For example, you want chan_sip (call control) on eth0 but rtp (media)
on eth1.
ASTERISK-24280 #close
Reported by: Paul Belanger
Tested by: Paul Belanger
Review: https://reviewboard.asterisk.org/r/3952/
Patches:
rtpengine.diff uploaded by Paul Belanger
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@422241 65c4cc65-6c06-0410-ace0-fbb531ad65f3