Re: [reSIProcate-users] TLS Handshake failure on debian 8
On 31/01/17 14:22, Scott Godin wrote:
> Glad you got it working. :)
>
There is one known bug in there for TURN over TLS, fixed in the latest
code a few months ago
Some time ago I went through most of the code and changed it from TLSv1
to SSLv23 (dynamical selection of TLS version 1, 1.1, 1.2, ...). When I
fixed that for SIP, I didn't make the corresponding change in the TURN
code. So it would only accept connections from TLS v1.0 clients. I'm
not sure how fussy the web browsers are about this, maybe some will work
and others won't. The problem is, web browsers give visual feedback
when a HTTPS connection to load a page fails, but they don't give very
good feedback when a connection to a WebSocket or TURN server fails, you
often have to detect things like this by looking at the packet sniffer
or enabling browser debug logs.
Now it is also changed in the reTurn server:
https://github.com/resiprocate/resiprocate/commit/a6d67ea1319939dafca99931de408a5842276906
and that is in the 1.11 release, I recently created a beta build for 1.11
Regards,
Daniel