Skip to content

Commit

Permalink
Merge branch 'v0.20'
Browse files Browse the repository at this point in the history
  • Loading branch information
paullouisageneau committed Mar 31, 2024
2 parents 5885ab4 + 8e7193e commit 035cf1d
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 8 deletions.
13 changes: 5 additions & 8 deletions src/impl/dtlstransport.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -394,27 +394,24 @@ DtlsTransport::DtlsTransport(shared_ptr<IceTransport> lower, certificate_ptr cer
mbedtls_ctr_drbg_set_prediction_resistance(&mDrbg, MBEDTLS_CTR_DRBG_PR_ON);

try {
mbedtls::check(mbedtls_ctr_drbg_seed(&mDrbg, mbedtls_entropy_func, &mEntropy, NULL, 0),
"Failed creating Mbed TLS Context");
mbedtls::check(mbedtls_ctr_drbg_seed(&mDrbg, mbedtls_entropy_func, &mEntropy, NULL, 0));

mbedtls::check(mbedtls_ssl_config_defaults(
&mConf, mIsClient ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT),
"Failed creating Mbed TLS Context");
MBEDTLS_SSL_TRANSPORT_DATAGRAM, MBEDTLS_SSL_PRESET_DEFAULT));

mbedtls_ssl_conf_max_version(&mConf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); // TLS 1.2
mbedtls_ssl_conf_authmode(&mConf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_verify(&mConf, DtlsTransport::CertificateCallback, this);

mbedtls_ssl_conf_rng(&mConf, mbedtls_ctr_drbg_random, &mDrbg);

auto [crt, pk] = mCertificate->credentials();
mbedtls::check(mbedtls_ssl_conf_own_cert(&mConf, crt.get(), pk.get()),
"Failed creating Mbed TLS Context");
mbedtls::check(mbedtls_ssl_conf_own_cert(&mConf, crt.get(), pk.get()));

mbedtls_ssl_conf_dtls_cookies(&mConf, NULL, NULL, NULL);
mbedtls_ssl_conf_dtls_srtp_protection_profiles(&mConf, srtpSupportedProtectionProfiles);

mbedtls::check(mbedtls_ssl_setup(&mSsl, &mConf), "Failed creating Mbed TLS Context");
mbedtls::check(mbedtls_ssl_setup(&mSsl, &mConf));

mbedtls_ssl_set_export_keys_cb(&mSsl, DtlsTransport::ExportKeysCallback, this);
mbedtls_ssl_set_bio(&mSsl, this, WriteCallback, ReadCallback, NULL);
Expand Down
1 change: 1 addition & 0 deletions src/impl/tlstransport.cpp
Original file line number Diff line number Diff line change
Expand Up @@ -336,6 +336,7 @@ TlsTransport::TlsTransport(variant<shared_ptr<TcpTransport>, shared_ptr<HttpProx
&mConf, mIsClient ? MBEDTLS_SSL_IS_CLIENT : MBEDTLS_SSL_IS_SERVER,
MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT));

mbedtls_ssl_conf_max_version(&mConf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3); // TLS 1.2
mbedtls_ssl_conf_authmode(&mConf, MBEDTLS_SSL_VERIFY_OPTIONAL);
mbedtls_ssl_conf_rng(&mConf, mbedtls_ctr_drbg_random, &mDrbg);

Expand Down

0 comments on commit 035cf1d

Please sign in to comment.