res_rtp_asterisk: Fix DTLS when used with OpenSSL 1.0.1k

A recent security fix for OpenSSL broke DTLS negotiation for many applications. This was caused by read ahead not being enabled when it should be. While a commit has gone into OpenSSL to force read ahead on for DTLS it may take some time for a release to be made and the change to be present in distributions (if at all). As enabling read ahead is a simple one line change this commit does that and fixes the issue. ASTERISK-24711 #close Reported by: Jared Biel ........ Merged revisions 431384 from http://svn.asterisk.org/svn/asterisk/branches/11 ........ Merged revisions 431385 from http://svn.asterisk.org/svn/asterisk/branches/13 git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@431386 65c4cc65-6c06-0410-ace0-fbb531ad65f3
author: Joshua Colp <jcolp@digium.com> 2015-01-29 12:09:58 +0000
committer: Joshua Colp <jcolp@digium.com> 2015-01-29 12:09:58 +0000
commit: 9893ba7ffbb129cf56d77fb51e7c5bc66a840c66 (patch)
tree: 3864007ddcc18d4cedcc4d871e4a990575b36293 /res/res_rtp_asterisk.c
parent: b3ff43a4e8f0616440a2820f03c930ffe2008bc4 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index 0a652b081..4982353a4 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1281,6 +1281,8 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
 		return -1;
 	}
 
+	SSL_CTX_set_read_ahead(rtp->ssl_ctx, 1);
+
 	rtp->dtls_verify = dtls_cfg->verify;
 
 	SSL_CTX_set_verify(rtp->ssl_ctx, (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_FINGERPRINT) || (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_CERTIFICATE) ?
author	Joshua Colp <jcolp@digium.com>	2015-01-29 12:09:58 +0000
committer	Joshua Colp <jcolp@digium.com>	2015-01-29 12:09:58 +0000
commit	9893ba7ffbb129cf56d77fb51e7c5bc66a840c66 (patch)
tree	3864007ddcc18d4cedcc4d871e4a990575b36293 /res/res_rtp_asterisk.c
parent	b3ff43a4e8f0616440a2820f03c930ffe2008bc4 (diff)