Changes between Version 4 and Version 5 of Ticket #957


Ignore:
Timestamp:
Oct 16, 2009 3:46:44 AM (13 years ago)
Author:
bennylp
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #957 – Description

    v4 v5  
    11'''Objective:''' 
    22 
    3   To create a portable SSL/secure socket abstraction in PJLIB. 
     3  To create a portable SSL/secure socket abstraction in PJLIB and to rewrite the SIP TLS transport in PJSIP. 
    44 
    55'''Specifications:''' 
    66 
    7  '''PJLIB:''' 
    8  
    9    - asynchronous I/O API similar to PJLIB's [http://www.pjsip.org/pjlib/docs/html/group__PJ__ACTIVESOCK.htm Active Socket] API 
    10    - supports various backends such as OpenSSL, Symbian's CSecureSocket, and Windows SSPI. 
    11    - (limited) certificate management API, for backends that supports it. 
    12  
    13  '''PJSIP:''' 
    14  
    15    - rewrite of PJSIP's SIP SSL transport to use the new PJLIB secure socket. 
     7   1. General: 
     8     - supports client and server socket operations (note: Symbian's CSecureSocket only supports client sockets) 
     9   1. I/O: 
     10     - asynchronous I/O API similar to PJLIB's [http://www.pjsip.org/pjlib/docs/html/group__PJ__ACTIVESOCK.htm Active Socket] API 
     11     - timeout setting for SSL negotiation 
     12     - buffer size control 
     13   1. Options: 
     14     - select SSL version to use (SSLv23, TLSv1, etc) 
     15     - select ciphersuite to use 
     16     - verify server's certificate (note: not available on Symbian) 
     17     - verify client's certificate (note: not available on Symbian) 
     18     - TLS server name extension to support connecting to multihosted TLS server (note: only available on recent OpenSSL versoins) 
     19   1. Certificate management (note: not available on Symbian): 
     20     - specify which certificate to use 
     21     - load the certificate, either from file(s) or OS's certificate store. 
     22     - retrieve certificate infos. 
    1623 
    1724 
    18 '''Implementation:''' 
     25'''Backends:''' 
    1926 
    20  This initial implementation supports: 
    21  - OpenSSL 
    22  - CSecureSocket on Symbian 
     27 1. OpenSSL 
     28 1. CSecureSocket on Symbian 
    2329 
    24  
    25 '''Limitations:''' 
    26  
    27  - CSecureSocket does not support server socket (SDK limitation). 
    28  - Servername verification may not work. 
    29  - CSecureSocket cannot specify certificate when required by server (SDK limitation?)