28 maj 2013 kl. 10:15 skrev Peter Dunkley peter.dunkley@crocodile-rcs.com:
No. This information is incomplete and I have only provided this information as there was a discussion about OpenSSL during the recent developer meeting - this mailing list is the correct place to continue and conclude this discussion.
I was worried about the initialization of OpenSSL libraries. The problem we had in Asterisk was that Asterisk initialized several times and external libraries could do that as well - like jabber and database libraries. I think Kevin solved that by creating a small shim that made sure that only one call could be made. I can see that it can happen here as well with postgresql client libraries initializing OpenSSL by itself.
One of the actions from the meeting was to produce a wiki page documenting _ALL_ external libraries for each module. I do not have time to this.
I think we can do that in doxygen. I will copy the macros I created for Asterisk to produce a doxygen page with all the links.
/O
Regards,
Peter
On 28 May 2013, at 01:26, Edson - Lists 4lists@gmail.com wrote:
Hi, Peter...
Thanks for the information.... is this also available somewhere on the Wiki? Where should it fit better? In the compilation instructions? Or letting it on the modules would be enough?
Edson.
Em 27/05/2013 20:48, Peter Dunkley escreveu:
I created another module that links with OpenSSL.
The current list of (non-obsolete) modules that link with OpenSSL is:
- websocket
- auth_ephemeral
- tls
- stun
- outbound
- osp
- auth_identity
FYI, for the modules I've created the usage of OpenSSL is:
- websocket: SHA1() is used to create the key in the WebSocket handshake
response.
- auth_ephemeral: HMAC(EVP_sha1(), ...) is used to calculate the password
based on the username and secret key and openssl/sha.h is included for "#define SHA_DIGEST_LENGTH"
- outbound: HMAC(EVP_sha1(), ...) is used to encode the flow token and
RAND_bytes() is used to get cryptographically strong pseudo-random bytes for the secret key
- stun: not sure about this as a lot of the code was copied from core
sr-dev mailing list sr-dev@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev
sr-dev mailing list sr-dev@lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-dev