Author: file
Date: Thu Jan 29 06:08:39 2015
New Revision: 431384
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=431384
Log:
res_rtp_asterisk: Fix DTLS when used with OpenSSL 1.0.1k
A recent security fix for OpenSSL broke DTLS negotiation for many
applications. This was caused by read ahead not being enabled when it
should be. While a commit has gone into OpenSSL to force read ahead
on for DTLS it may take some time for a release to be made and the
change to be present in distributions (if at all). As enabling read
ahead is a simple one line change this commit does that and fixes
the issue.
ASTERISK-24711 #close
Reported by: Jared Biel
Modified:
branches/11/res/res_rtp_asterisk.c
Modified: branches/11/res/res_rtp_asterisk.c
URL:
http://svnview.digium.com/svn/asterisk/branches/11/res/res_rtp_asterisk.c?view=diff&rev=431384&r1=431383&r2=431384
==============================================================================
--- branches/11/res/res_rtp_asterisk.c (original)
+++ branches/11/res/res_rtp_asterisk.c Thu Jan 29 06:08:39 2015
@@ -1262,6 +1262,8 @@
if (!(rtp->ssl_ctx = SSL_CTX_new(DTLSv1_method()))) {
return -1;
}
+
+ SSL_CTX_set_read_ahead(rtp->ssl_ctx, 1);
rtp->dtls_verify = dtls_cfg->verify;
--
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --
svn-commits mailing list
To UNSUBSCRIBE or update options visit:
http://lists.digium.com/mailman/listinfo/svn-commits
