|
| From: | Adam Talbot |
| Subject: | [Linphone-users] TLS Client Hello Reports Version "SSL 3.0" |
| Date: | Tue, 18 Nov 2014 14:00:41 -0800 |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 |
Hi all,Recently I have tried to set up LinPhone to work with a FreeSWITCH server running on the Amazon EC2 Web Service. I was unable to do this successfully and figured I would share what I believed the problem to be.
Note: I have achieved this connection using the CSIPSimple Softphone so I am not waiting on a resolution to this issue but getting LinPhone working as well. Also I am willing to help diagnose the issue if it is needed.
I was able to register my user with the FreeSWITCH server using UDP but when I tried to use TLS the SSL "Client Hello" negotiation would fail with "Handshake Failure". A Wireshark packet capture showed some discrepancy in in the SSL header and Client Hello packet:
Secure Sockets Layer => Content Type: Handshake (22) => Version: SSL 3.0 (0x0300) ... => Handshake Protocol: Client Hello ... ===> Version: TLS 1.2 (0x0303) ...I was successfully able to pass the Client Hello negotiation using both CSIPSimple and the opensll s_client feature. CSIPSimple used version "TLS 1.0 (0x0301)" in both the packet header and the Client Hello. openssl s_client used the two version, "TLS 1.0 (0x0301)" and "TLS 1.2 (0x0303)" respectively.
Speaking to the FreeSWITCH IRC channel briefly they said SSL 3.0 is not supported leading me to believe this is what caused the failure.
I don't know that what LinPhone is doing is a bug per se. But it is a compatibility issue I figured I should report.
Thanks, Adam.
| [Prev in Thread] | Current Thread | [Next in Thread] |