diff options
author | Mamadou DIOP <bossiel@yahoo.fr> | 2015-08-19 05:08:39 +0200 |
---|---|---|
committer | Mamadou DIOP <bossiel@yahoo.fr> | 2015-08-19 05:08:39 +0200 |
commit | a6c2cf6a7456b3d04f15b216ef15c67e61ff5a7d (patch) | |
tree | 3b7e9bf9dde9887cb7eb8c5f1d501a03fb3cd3a1 | |
parent | 0fb460ca837e2348c162654d9d0ab7e4665ca2ad (diff) | |
download | doubango-a6c2cf6a7456b3d04f15b216ef15c67e61ff5a7d.zip doubango-a6c2cf6a7456b3d04f15b216ef15c67e61ff5a7d.tar.gz |
Fix issue reported at https://groups.google.com/forum/#!topic/doubango/Oo0t1e3tlL8
-rw-r--r-- | tinyNET/src/tls/tnet_dtls.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/tinyNET/src/tls/tnet_dtls.c b/tinyNET/src/tls/tnet_dtls.c index 78d4190..6420c9e 100644 --- a/tinyNET/src/tls/tnet_dtls.c +++ b/tinyNET/src/tls/tnet_dtls.c @@ -306,6 +306,7 @@ tnet_dtls_socket_handle_t* tnet_dtls_socket_create(struct tnet_socket_s* wrapped return tsk_null; } if ((socket = tsk_object_new(tnet_dtls_socket_def_t))) { + EC_KEY* ecdh; const tsk_bool_t set_mtu = TNET_SOCKET_TYPE_IS_DGRAM(wrapped_sock->type) || 1; //!\ This is required even if the local transport is TCP/TLS because the relayed (TURN) transport could be UDP socket->wrapped_sock = tsk_object_ref(wrapped_sock); if (!(socket->ssl = SSL_new(ssl_ctx))) { @@ -334,6 +335,13 @@ tnet_dtls_socket_handle_t* tnet_dtls_socket_create(struct tnet_socket_s* wrapped SSL_set_bio(socket->ssl, socket->rbio, socket->wbio); SSL_set_mode(socket->ssl, SSL_MODE_AUTO_RETRY); SSL_set_read_ahead(socket->ssl, 1); + // https://groups.google.com/forum/#!topic/doubango/Oo0t1e3tlL8 + if ((ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1))) { + SSL_set_options(socket->ssl, SSL_OP_SINGLE_ECDH_USE); + SSL_set_tmp_ecdh(socket->ssl, ecdh); + EC_KEY_free(ecdh); + } + if (set_mtu) { BIO_ctrl(SSL_get_wbio(socket->ssl), BIO_CTRL_DGRAM_SET_MTU, TNET_DTLS_MTU - 28, NULL); } |