<html><head> <style></style> </head> <body><div>Hi,</div><div><br></div><div>Sorry for the slow reply.</div><div><br></div><div>My great master plan was to remove the libnice specific interface and replace it with GLib's GDatagramBased + GIOStream.. and then I can just use glib-networking's abstraction for TLS.. so I get support for both OpenSSL and GnuTLS for free.</div><div><br></div><div>That said, I'd also accept patch that implement it with either of them directly at this point.. Right now, we have support for OpenSSL, GnuTLS and the native Windows API. This is also something my team could do if you're looking to outsource.</div><div><br></div><div>Olivier</div><div><br></div><div>On Mon, 2021-12-13 at 17:07 +0000, Johan Sternerup wrote:</div><blockquote type="cite" style="margin:0 0 0 .8ex; border-left:2px #729fcf solid;padding-left:1ex"><div><meta content="text/html; charset=UTF-8"></div><div><style type="text/css"></style></div><div dir="ltr"><div id="x_divtagdefaultwrapper" dir="ltr" style="font-size:12pt; color:#000000; font-family:Calibri,Helvetica,sans-serif"><p>Ok.</p><p>Seems like its doable with a reasonable effort then.<br></p><p>Any thoughts on what TLS library to use and if it should be made optional to minimize dependencies?</p><p>I'm thinking libsoup would be a good fit but it does bring in some extra dependencies.</p><p>On the other hand you'd also be able to get <span>HTTP1.1 proxy support</span> through libsoup in addition to using OpenSSL or GnuTLS directly.</p><p><br></p><p>/ Johan<br></p></div><hr tabindex="-1" style="display:inline-block; width:98%"><div id="x_divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>Från:</b> Olivier Crête <olivier.crete@collabora.com><br><b>Skickat:</b> den 13 december 2021 15:59:31<br><b>Till:</b> Niklas Andersson; Johan Sternerup<br><b>Kopia:</b> nice@lists.freedesktop.org<br><b>Ämne:</b> Re: [libnice] TURN/TLS support in libnice</font><div> </div></div></div><div><font size="2"><span style="font-size:10pt;"><div class="PlainText">Hi,<br><br>This is indeed the status. I'd love to add the feature, but up to now,<br>no one has cared enough to speed a couple weeks implementing it (or to<br>hire us to do it).<br><br>We have a socket abstraction layer, so we just need to sandwich a TLS<br>library in there.<br><br>Olivier<br><br>On Mon, 2021-12-13 at 01:10 +0100, Niklas Andersson wrote:<br>> Looks like there are no plans [1], but that the feature makes sense,<br>> so with adequate funding and working with the right people it would<br>> be possible to make it happen.<br>> <br>> I have had features sponsored and successfully added to libnice and<br>> other libraries in the past. Just let me know and I'll point you in<br>> the right direction.<br>> <br>> [1]<br>> <a href="https://lists.freedesktop.org/archives/nice/2016-December/001351.html">https://lists.freedesktop.org/archives/nice/2016-December/001351.html</a><br>> <br>> - Niklas<br>> <br>> On Sun, Dec 12, 2021 at 10:22 PM Johan Sternerup<br>> <Johan.Sternerup@axis.com> wrote:<br>> > Hi!<br>> > <br>> > I'm wondering if there is any interest in implementing support for<br>> > TURN/TLS in libnice. Maybe even plans?<br>> > <br>> > TURN/TLS is actually a MUST requirement in RFC8835 (Transports for<br>> > WebRTC) so it should be a feature of general interest I think.<br>> > <br>> > / Johan<br>> > <br><br></div></span></font></div></blockquote><div><br></div><div><span><pre>-- <br></pre><div data-evo-paragraph="" class="">Olivier Crête</div><div data-evo-paragraph="" class=""><a href="mailto:olivier.crete@collabora.com">olivier.crete@collabora.com</a></div><div data-evo-paragraph="" class=""><br></div></span></div></body></html>