
Merge pull request #942 from eakraly/disable-renegotiation

Disable SSL renegotiation
Gustavo Garcia 3 years ago
parent
commit
4de2d530ff
2 changed files with 4 additions and 2 deletions
  1. 3 2
      src/apps/relay/dtls_listener.c
  2. 1 0
      src/apps/relay/ns_ioalib_engine_impl.c

+ 3 - 2
src/apps/relay/dtls_listener.c

@@ -295,7 +295,7 @@ static ioa_socket_handle dtls_server_input_handler(dtls_listener_relay_server_ty
 	SSL_set_accept_state(connecting_ssl);
 
 	SSL_set_bio(connecting_ssl, NULL, wbio);
-	SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE);
+	SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE | SSL_OP_NO_RENEGOTIATION);
 
 	SSL_set_max_cert_list(connecting_ssl, 655350);
 
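Review bot: `SSL_OP_NO_RENEGOTIATION` is used unconditionally in the new `SSL_set_options` call, but the macro only exists from OpenSSL 1.1.0h onward, so a build against an older OpenSSL or a fork that lacks it will stop compiling here. If such libraries are still supported build targets, wrap the flag in `#if defined(SSL_OP_NO_RENEGOTIATION)` and state in a comment, or a startup log line, that renegotiation stays enabled on those builds, so the gap is visible rather than silent. The same applies to the hunk at line 581 of this file and to `set_socket_ssl` in ns_ioalib_engine_impl.c. The body of `dtls_server_input_handler` starts and ends outside this hunk.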
@@ -581,7 +581,8 @@ static int create_new_connected_udp_socket(
 
 		SSL_set_bio(connecting_ssl, NULL, wbio);
 
-		SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE);
+		SSL_set_options(connecting_ssl, SSL_OP_COOKIE_EXCHANGE | SSL_OP_NO_RENEGOTIATION);
+
 		SSL_set_max_cert_list(connecting_ssl, 655350);
 		int rc = ssl_read(ret->fd, connecting_ssl, server->sm.m.sm.nd.nbh,
 				server->verbose);
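Review bot: The option set for a new DTLS server connection is now written out twice, here in `create_new_connected_udp_socket` and in `dtls_server_input_handler` (hunk at line 295). The next hardening flag will therefore have to be added in both places to keep the two accept paths consistent. A small `static` helper in this file that applies the `SSL_set_options(...)` and `SSL_set_max_cert_list(...)` calls to `connecting_ssl` would stop the two paths drifting apart. The function body starts and ends outside this hunk.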

+ 1 - 0
src/apps/relay/ns_ioalib_engine_impl.c

@@ -1428,6 +1428,7 @@ static void set_socket_ssl(ioa_socket_handle s, SSL *ssl)
 		if(ssl) {
 			SSL_set_app_data(ssl,s);
 			SSL_set_info_callback(ssl, (ssl_info_callback_t)ssl_info_callback);
+			SSL_set_options(ssl, SSL_OP_NO_RENEGOTIATION);
 		}
 	}
 }
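Review bot: The new `SSL_set_options` call in `set_socket_ssl` has no comment saying why renegotiation is turned off, and the reason is not obvious from the flag name alone. Something like `/* refuse peer-initiated renegotiation (TLS 1.2 and earlier, DTLS) so a client cannot force repeated handshakes */` above it would help. The hunk also does not show whether this function runs before the handshake on every path; if it can run afterwards, setting the flag with `SSL_CTX_set_options` where the contexts are created would cover every connection from the start. `SSL_set_options` only ORs bits in, so overlapping with the calls in dtls_listener.c is harmless.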