kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

FS-7839: attempt to work with new EC dtls requirements for firefox >38

This commit is contained in:
Michael Jerris 2015-07-24 15:21:49 -05:00
parent 9665956431
commit 8e1b2eab7b
1 changed files with 10 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/switch_rtp.c
View File

@ -3187,6 +3187,7 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, d
const char *kind = ""; const char *kind = "";
BIO *bio; BIO *bio;
DH *dh; DH *dh;
EC_KEY* ecdh;
#ifndef HAVE_OPENSSL_DTLS_SRTP #ifndef HAVE_OPENSSL_DTLS_SRTP
return SWITCH_STATUS_FALSE; return SWITCH_STATUS_FALSE;
@ -3293,6 +3294,15 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, d
SSL_set_mode(dtls->ssl, SSL_MODE_AUTO_RETRY); SSL_set_mode(dtls->ssl, SSL_MODE_AUTO_RETRY);
SSL_set_read_ahead(dtls->ssl, 1); SSL_set_read_ahead(dtls->ssl, 1);
//SSL_set_verify(dtls->ssl, (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), cb_verify_peer); //SSL_set_verify(dtls->ssl, (SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), cb_verify_peer);
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (!ecdh) {
return SWITCH_STATUS_FALSE;
}
SSL_set_options(dtls->ssl, SSL_OP_SINGLE_ECDH_USE);
SSL_set_tmp_ecdh(dtls->ssl, ecdh);
EC_KEY_free(ecdh);
SSL_set_verify(dtls->ssl, SSL_VERIFY_NONE, NULL); SSL_set_verify(dtls->ssl, SSL_VERIFY_NONE, NULL);
SSL_set_app_data(dtls->ssl, dtls); SSL_set_app_data(dtls->ssl, dtls);