Merge "res_rtp_asterisk: Don't leak temporary key when enabling PFS." into 13

Mark Michelson
2015-08-05 12:45:09 -05:00
committed by Gerrit Code Review


@@ -1268,6 +1268,9 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
{ {
struct ast_rtp *rtp = ast_rtp_instance_get_data(instance); struct ast_rtp *rtp = ast_rtp_instance_get_data(instance);
int res; int res;
#ifndef HAVE_OPENSSL_ECDH_AUTO
EC_KEY *ecdh;
#endif
if (!dtls_cfg->enabled) { if (!dtls_cfg->enabled) {
return 0; return 0;
@@ -1291,8 +1294,11 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
#ifdef HAVE_OPENSSL_ECDH_AUTO #ifdef HAVE_OPENSSL_ECDH_AUTO
SSL_CTX_set_ecdh_auto(rtp->ssl_ctx, 1); SSL_CTX_set_ecdh_auto(rtp->ssl_ctx, 1);
#else #else
SSL_CTX_set_tmp_ecdh(rtp->ssl_ctx, ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
EC_KEY_new_by_curve_name(NID_X9_62_prime256v1)); if (ecdh) {
SSL_CTX_set_tmp_ecdh(rtp->ssl_ctx, ecdh);
EC_KEY_free(ecdh);
}
#endif #endif
rtp->dtls_verify = dtls_cfg->verify; rtp->dtls_verify = dtls_cfg->verify;
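Review bot: In the `#else` branch of the second hunk, a NULL return from `EC_KEY_new_by_curve_name()` is skipped silently, and the result of `SSL_CTX_set_tmp_ecdh()` is ignored. Either failure leaves the context without ephemeral ECDH parameters, and configuration carries on as if forward secrecy were enabled. Whether the later handshake fails or settles on a non-ECDHE suite depends on the cipher list, which these hunks do not show. A warning on both failure paths would make that visible to operators, for example `if (!ecdh || !SSL_CTX_set_tmp_ecdh(rtp->ssl_ctx, ecdh)) { ast_log(LOG_WARNING, "Unable to set ECDH parameters for DTLS; ECDHE cipher suites will not be offered\n"); }`, followed by the existing `EC_KEY_free(ecdh);`. The body of ast_rtp_dtls_set_configuration starts before and continues past these hunks, so any handling further down is not visible here.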