[Pkg-voip-commits] [asterisk] 01/01: add fix for ASTERISK-24711 (enable DTLS read ahead)
Jeremy Lainé
sharky at moszumanska.debian.org
Wed Feb 4 17:39:19 UTC 2015
This is an automated email from the git hooks/post-receive script.
sharky pushed a commit to branch jessie
in repository asterisk.
commit db637ff2d09fbb7ccf5162aa7bbbb4215cb1fb7f
Author: Jeremy Lainé <jeremy.laine at m4x.org>
Date: Wed Feb 4 18:38:54 2015 +0100
add fix for ASTERISK-24711 (enable DTLS read ahead)
---
debian/patches/enable_dtls_read_ahead.patch | 28 ++++++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 29 insertions(+)
diff --git a/debian/patches/enable_dtls_read_ahead.patch b/debian/patches/enable_dtls_read_ahead.patch
new file mode 100644
index 0000000..e47b66a
--- /dev/null
+++ b/debian/patches/enable_dtls_read_ahead.patch
@@ -0,0 +1,28 @@
+From: Jeremy Lainé <jeremy.laine at m4x.org>
+Subject: Fix DTLS when used with patched OpenSSL
+Bug: https://issues.asterisk.org/jira/browse/ASTERISK-24711
+
+A recent security fix for OpenSSL broke DTLS negotiation for many
+applications. This was caused by read ahead not being enabled when it
+should be. While a commit has gone into OpenSSL to force read ahead
+on for DTLS it may take some time for a release to be made and the
+change to be present in distributions (if at all). As enabling read
+ahead is a simple one line change this commit does that and fixes
+the issue.
+
+See also:
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775502
+
+diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
+index ec3f147..a638572 100644
+--- a/res/res_rtp_asterisk.c
++++ b/res/res_rtp_asterisk.c
+@@ -1260,6 +1260,8 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
+ return -1;
+ }
+
++ SSL_CTX_set_read_ahead(rtp->ssl_ctx, 1);
++
+ rtp->dtls_verify = dtls_cfg->verify;
+
+ SSL_CTX_set_verify(rtp->ssl_ctx, (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_FINGERPRINT) || (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_CERTIFICATE) ?
diff --git a/debian/patches/series b/debian/patches/series
index 6802868..59d91bc 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -33,6 +33,7 @@ escape_manpage_hyphen.patch
aelparse_enable.patch
res_fax_bounds.patch
neon_version_check.patch
+enable_dtls_read_ahead.patch
AST-2014-012.patch
AST-2014-014.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-voip/asterisk.git
More information about the Pkg-voip-commits
mailing list