AST-2016-001 http: Provide greater control of TLS and set modern defaults.
authorJoshua Colp <jcolp@digium.com>
Wed, 3 Feb 2016 18:05:20 +0000 (14:05 -0400)
committerKevin Harwell <kharwell@digium.com>
Wed, 3 Feb 2016 21:10:16 +0000 (15:10 -0600)
commit0de74fad5597ba12ec68bcc935330a612ee255d6
tree562dd3c4d61e873505d2bdf5e108da3c3a459805
parentae1f728f0f7f816a3e697a0c039046f23ec9ccf3
AST-2016-001 http: Provide greater control of TLS and set modern defaults.

This change exposes the configuration of various aspects of the TLS
support and sets the default to the modern standards.

The TLS cipher is now set to the best values according to the
Mozilla OpSec team, different TLS versions can now be disabled, and
the cipher order can be forced to be that of the server instead of
the client.

ASTERISK-24972 #close

Change-Id: I0a10f2883f7559af5e48dee0901251dbf30d45b8
configs/samples/http.conf.sample
include/asterisk/tcptls.h
main/http.c
main/tcptls.c