Opened 5 years ago

Closed 5 years ago

#1775 closed enhancement (fixed)

Changing OpenSSL default method from TLSv1 to SSLv23 to enable enable AES-GCM cipher suites in default (thanks Alexander Traud for the patch)

Reported by: bennylp Owned by: bennylp
Priority: normal Milestone: release-2.3
Component: pjlib Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported: no

Description

Currently with OpenSSL, PJSIP uses TLS version 1.0 for both server and client as default. AES-GCM cipher suites require at least TLS version 1.2. In the API of PJSIP, you are able to change to PJ_SSL_SOCK_PROTO_SSL23 which uses SSLv23_method() in OpenSSL.

Although the method name indicates SSL version 2 and SSL version 3, SSLv23_method() is the default in OpenSSL because only that method enables the current, save versions. In OpenSSL 1.0.1, this is SSLv3, TLSv1, TLSv1.1, and TLSv1.2. SSLv2 is turned off (although the method name might suggest the contrary; https://www.openssl.org/docs/ssl/SSL_CTX_new.html) Consequently, SSLv23_method() enables PJ_SSL_SOCK_PROTO_SSL23, which enables TLSv1.2, which enables AES-GCM cipher suites.

Because pjsua does not offer a parameter to change the TLS protocol version, the attached patch changes the default of PJSIP to the default of OpenSSL which keeps up with future changes in OpenSSL.

Change History (1)

comment:1 Changed 5 years ago by bennylp

  • Resolution set to fixed
  • Status changed from new to closed

In 4869:

Closed #1775: Changing OpenSSL default method from TLSv1 to SSLv23 to enable enable AES-GCM cipher suites in default (thanks Alexander Traud for the patch).

Also fixed a bug in SIP TLS transport (sip_transport_tls.c). According to sip_transport_tls.h:94, when PJSIP_SSL_UNSPECIFIED_METHOD is set as method, PJSIP_SSL_DEFAULT_METHOD will be used. But the implementation uses PJ_SSL_SOCK_PROTO_DEFAULT instead of PJSIP_SSL_DEFAULT_METHOD. Currently this is fine because both resolve to TLSv1, but the patch will break it.

Note: See TracTickets for help on using tickets.