[Asterisk-code-review] res rtp asterisk: Use latest DTLS version available by under... (asterisk[master])

[Joshua Colp]

Joshua Colp has submitted this change and it was merged.

Change subject: res_rtp_asterisk: Use latest DTLS version available by underlying platform.
......................................................................


res_rtp_asterisk: Use latest DTLS version available by underlying platform.

Do not use DTLSv1_method() but DTLS_method() when available in OpenSSL of the
underlying platform. This change enables DTLS 1.2 since OpenSSL 1.0.2, for
WebRTC (DTLS-SRTP via SIP-over-WebSockets). This change enables AEAD-based
cipher-suites.

ASTERISK-26130 #close

Change-Id: I41f24448d6d2953e8bdb97c9f4a6bc8a8f055fd0
---
M res/res_rtp_asterisk.c
1 file changed, 6 insertions(+), 1 deletion(-)

Approvals:
  Alexander Traud: Looks good to me, but someone else must approve
  Richard Mudgett: Looks good to me, but someone else must approve
  Joshua Colp: Looks good to me, approved; Verified



diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index 9e3ff75..1bf1694 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1357,7 +1357,12 @@
 		return 0;
 	}
 
-	if (!(rtp->ssl_ctx = SSL_CTX_new(DTLSv1_method()))) {
+#if OPENSSL_VERSION_NUMBER < 0x10002000L
+	rtp->ssl_ctx = SSL_CTX_new(DTLSv1_method());
+#else
+	rtp->ssl_ctx = SSL_CTX_new(DTLS_method());
+#endif
+	if (!rtp->ssl_ctx) {
 		return -1;
 	}
 

-- 
To view, visit https://gerrit.asterisk.org/3052
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I41f24448d6d2953e8bdb97c9f4a6bc8a8f055fd0
Gerrit-PatchSet: 2
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Richard Mudgett <rmudgett at digium.com>