Hello Juha,
On 9/25/10 2:47 PM, Juha Heinanen wrote:
Daniel-Constantin Mierla writes:
It may be better for now to use libcurl gnutls version because tls module and any other module linked to openssl directly or via other libs (like libcurl) don't work together.
daniel,
so now sr tls implementation is based on gnutls?
no, tls module is based on openssl, but because it changes the memory manager and other things in openssl lib it does not work at the same time with other modules linked to openssl lib that use default settings (same was in 1.5 or earlier).
if so does it mean that when ua establishes tls connection to sr, it can tell for which realm the connection is intended for and sr thus supports multiple tls realms, e.g., one per domain? if i remember correctly, in the early days openssl lib and kamailio didn't support this.
The tls module has support for multi-domain (iirc, Klaus added it some time ago), but you need a recent version of openssl.
Cheers, Daniel