summaryrefslogtreecommitdiff
path: root/pjlib/src/pj/ssl_sock_ossl.c
AgeCommit message (Collapse)Author
2016-05-10Misc (re #1882): Fixed buffer size not sufficient when setting cipher list.Riza Sulistyo
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5285 74dad513-b988-da41-8d7b-12977e46ad98
2016-01-27Misc (Re #1882): Add raw certificate information to pj_ssl_cert_info data. ↵Riza Sulistyo
Thanks to Peter Koletzki for the suggestion. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5238 74dad513-b988-da41-8d7b-12977e46ad98
2015-12-30Re #1882 (misc): Fixed incorrect sizeof argument when using pj_bzero() and ↵Liong Sauw Ming
pj_memcpy() in ssl_sock_ossl.c Thanks to Dusan Klinec for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5220 74dad513-b988-da41-8d7b-12977e46ad98
2015-12-23Misc (re #1882): Fixed wrong specifier used in ssl_sock_ossl.c (should be ↵Nanang Izzuddin
'PJ_DEF' instead of 'PJ_DECL'). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5216 74dad513-b988-da41-8d7b-12977e46ad98
2015-12-11Fixed #1901: crash when async_cnt is set to a value greater than one for SIP ↵Liong Sauw Ming
TLS transport git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5214 74dad513-b988-da41-8d7b-12977e46ad98
2015-05-07Close #1849: Enabled multiple TLS certificate chains (RSA+ECC+DSA) for ↵Nanang Izzuddin
server socket. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5087 74dad513-b988-da41-8d7b-12977e46ad98
2015-05-05Misc (re #1843): Fixed compile warnings on pjlib SSL socket with BoringSSL ↵Nanang Izzuddin
backend (thanks Alexander Traud for the patch). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5083 74dad513-b988-da41-8d7b-12977e46ad98
2015-04-27Re #1843: Enable OpenSSL to use legacy certificates(1024 bit root ↵Riza Sulistyo
certificate) send by server. This is supported on OpenSSL 1.0.2. Thanks to Alexander Traud for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5080 74dad513-b988-da41-8d7b-12977e46ad98
2015-04-23Fixed #1846: Update to use 'HIGH' ciphers as default in OpenSSLLiong Sauw Ming
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5078 74dad513-b988-da41-8d7b-12977e46ad98
2015-04-23Fixed #1845: Add support if OpenSSL library has more than 100 cipher suitesLiong Sauw Ming
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5076 74dad513-b988-da41-8d7b-12977e46ad98
2015-04-22Re #1843:Liong Sauw Ming
Support compilation with OpenSSL without OpenSSLv3 support Thanks to Alexander Traud for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5074 74dad513-b988-da41-8d7b-12977e46ad98
2015-01-15Close #1810: Adding CA path support into SSL socket.Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4973 74dad513-b988-da41-8d7b-12977e46ad98
2015-01-05Re #1782 (misc): Change assert check of ssl_state to non assert check on ↵Riza Sulistyo
OpenSSL wrapper implementation. (thanks to Joshua Colp for the suggestion) git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4972 74dad513-b988-da41-8d7b-12977e46ad98
2014-12-18Re #1806: Implement SSL/TLS setting to set protocol operation.Riza Sulistyo
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4968 74dad513-b988-da41-8d7b-12977e46ad98
2014-08-22Misc (re #1751): Suppress compile warnings of OpenSSL deprecation on MacOSX.Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4901 74dad513-b988-da41-8d7b-12977e46ad98
2014-07-07Re #1765: Riza Sulistyo
- Fixed unnecessary white-space error - Limiting log message to servers - Adding SSL_OP_SINGLE_ECDH_USE optionally - OpenSSL could be built without elliptic curve support, or too old git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4871 74dad513-b988-da41-8d7b-12977e46ad98
2014-07-02Closed #1775: Changing OpenSSL default method from TLSv1 to SSLv23 to enable ↵Benny Prijono
enable AES-GCM cipher suites in default (thanks Alexander Traud for the patch). Also fixed a bug in SIP TLS transport (sip_transport_tls.c). According to [https://trac.pjsip.org/repos/browser/pjproject/trunk/pjsip/include/pjsip/sip_transport_tls.h#L94 sip_transport_tls.h:94], when PJSIP_SSL_UNSPECIFIED_METHOD is set as method, PJSIP_SSL_DEFAULT_METHOD will be used. But the implementation uses PJ_SSL_SOCK_PROTO_DEFAULT instead of PJSIP_SSL_DEFAULT_METHOD. Currently this is fine because both resolve to TLSv1, but the patch will break it. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4869 74dad513-b988-da41-8d7b-12977e46ad98
2014-06-19Fix #1773: Added group lock to SIP transport to avoid race condition between ↵Nanang Izzuddin
transport callback and destroy. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4862 74dad513-b988-da41-8d7b-12977e46ad98
2014-06-19Re #1771: Implement run-time configuration to set specific socket option.Riza Sulistyo
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4860 74dad513-b988-da41-8d7b-12977e46ad98
2014-06-06Misc (re #1751): fixed error when retrieving SSL error. Thanks Vittorio ↵Benny Prijono
Giovara for the patch git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4858 74dad513-b988-da41-8d7b-12977e46ad98
2014-05-02Fixed #1765: Add PFS supportLiong Sauw Ming
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4832 74dad513-b988-da41-8d7b-12977e46ad98
2014-04-30Fixed #1763: Add pj_ssl_cipher_id() APILiong Sauw Ming
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4829 74dad513-b988-da41-8d7b-12977e46ad98
2013-10-21Re #1630 (misc):Liong Sauw Ming
Fixed compiler warnings. Thanks to Mark Michelson for the patch. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4624 74dad513-b988-da41-8d7b-12977e46ad98
2013-10-08Re #1703: fixing general bugs. First installment: correct handling of ↵Benny Prijono
snprintf return value git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4613 74dad513-b988-da41-8d7b-12977e46ad98
2013-06-19Re #1680: Add initial support for Win64Riza Sulistyo
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4537 74dad513-b988-da41-8d7b-12977e46ad98
2013-04-26Fixed #1661: Option to use SO_REUSEADDR for TCP and TLS listeners and use it ↵Benny Prijono
by default on non-Windows platforms git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4506 74dad513-b988-da41-8d7b-12977e46ad98
2013-04-15Re #1630: Modified OpenSSL library names for Win platform.Liong Sauw Ming
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4466 74dad513-b988-da41-8d7b-12977e46ad98
2013-02-14Close #1618: Fixed SSL socket to check for async sending operation error.Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4349 74dad513-b988-da41-8d7b-12977e46ad98
2012-09-10Re #1573: Fixed improper unlock in do_handshake().Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4249 74dad513-b988-da41-8d7b-12977e46ad98
2012-09-08Re #1573: Fixed bad cast on ioqueue send key to send data in ↵Nanang Izzuddin
asock_on_data_sent(). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4248 74dad513-b988-da41-8d7b-12977e46ad98
2012-09-07Fix #1573:Nanang Izzuddin
- Never hold lock while calling pj_activesock_send*() to avoid deadlock. - Refactor the sending buffer management. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4247 74dad513-b988-da41-8d7b-12977e46ad98
2012-05-30Fix #1522:Nanang Izzuddin
1. Updated the 'shifter' (expected max openssl reason code) to 1200. 2. Done, added pj_ssl_sock_info::last_native_err. Also fixed pjsip/sip_transport_tls.c to include TLS transport specific info in invoking transport state callback on disconnection event. 3. Fixed. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@4146 74dad513-b988-da41-8d7b-12977e46ad98
2012-03-30Re #1474: Merged all changes from 1.12 - HEAD (from the 1.x branch)Benny Prijono
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3999 74dad513-b988-da41-8d7b-12977e46ad98
2011-10-24Re #1395: Backport of PJSIP 1.x branch into PJSIP 2.0 trunkLiong Sauw Ming
* Backport of r3557:r3832 TODO: ticket #1268 (Option for automatic/manual sending of RTCP SDES/BYE for the stream) for video stream. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3841 74dad513-b988-da41-8d7b-12977e46ad98
2011-05-05Re #1250: Updated the year in all copyright texts with 2011!Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3553 74dad513-b988-da41-8d7b-12977e46ad98
2011-03-16Fix #1212:Nanang Izzuddin
- Updated pj_register_strerror() to just return PJ_SUCCESS when the same range and handler is being re-registered. - Removed the usage of static flag of error string handler registration in some modules, which prevent the re-registration of the handler, e.g: in restarting pjsua, as such flags never got reseted. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3455 74dad513-b988-da41-8d7b-12977e46ad98
2010-06-26Misc (re #1068): fixed possible overwritten field data, write_data_t::flags, ↵Nanang Izzuddin
in SSL sock OpenSSL implementation. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3225 74dad513-b988-da41-8d7b-12977e46ad98
2010-03-06Ticket #1043:Nanang Izzuddin
- Fixed bug of unused timeout setting in Symbian SSL socket, ssl_sock_symbian.cpp. - Added an SSL test scenario of SSL connect timeout, SSL socket client tries to connect to non-SSL socket server. - Fixed OpenSSL-based SSL socket to start SSL timer before TCP connect (was started after TCP connected and before SSL handshake). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3117 74dad513-b988-da41-8d7b-12977e46ad98
2010-02-24Ticket #1032:Nanang Izzuddin
- Initial version of server domain name verification: - Updated SSL certificate info, especially identities info - Updated verification mechanism as in the specifications in ticket desc. - Added server domain name info in pjsip_tx_data. - Added alternative API for acquiring transport and creating transport of transport factory to include pjsip_tx_data param. - Server identity match criteria: - full host name match - wild card not accepted - if identity is URI, it must be SIP/SIPS URI - Initial version of transport state notifications: - Added new API to set transport state callback in PJSIP and PJSUA. - Defined states: connected/disconnected, accepted/rejected, verification errors. - Minors: - Updated SSL socket test: dump verification result, test of requiring client cert, and few minors. - Updated test cert to include subjectAltName extensions. - Added SSL certificate dump function. - Updated max number of socket async operations in Symbian sample apps (RSocketServ::Connect()) to 32 (was default 8). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3106 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-20Ticket #957:Nanang Izzuddin
- Fixed compile error of incompatible param type (or bad type conversion) on Symbian 5th ed (and perhaps also on some GCC versions). - Fixed on_connect_complete() to reset SSL sock state before callback when connection fails (OpenSSL impl). - Fixed saving remote address before start connecting, so it won't miss remote address info when socket connection establishes immediately (OpenSSL impl). git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3020 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-10Misc (#951): fixed compilation warning on gcc/LinuxBenny Prijono
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3006 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-09Ticket #957: Fixed 0.0.0.0:0 address returned by SIP TLS client transport, ↵Nanang Izzuddin
which would cause 0.0.0.0:0 address in SIP via header. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@3000 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-09Ticket #950 and #957: Benny Prijono
- added QoS options on PJLIB/PJLIB SSL/TLS socket/transport - added demo in Symbian ua.cpp git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2998 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-09More #957 (TLS): updated pj_perror() with the new PJ_PERROR() APIBenny Prijono
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2994 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-06Ticket #957:Nanang Izzuddin
- Updated Symbian PJLIB test build setting to enable SSL sock test. - Fixed ciphers enumeration in Symbian SSL sock. - Fixed OpenSSL SSL sock to avoid initializing OpenSSL multiple times. - Fixed SSL unit test to avoid divide-by-zero in setting random seed. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2990 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-06Ticket #957: Workaround fix for SSL socket specific related to ticket #985.Nanang Izzuddin
git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2989 74dad513-b988-da41-8d7b-12977e46ad98
2009-11-04Ticket #957:Nanang Izzuddin
- Applied workaround solution for getting local address problem with getsockname on win IOCP by using parent local address instead. - Fixed SSL socket not to return PJ_FALSE in active socket accept callback, to keep accepting connections. - Applied workaround solution for OpenSSL error mapping, as OpenSSL error codes are big numbers that won't fit pj_status_t. - Minor updates, e.g: using pj_perror(), removing some logs, OpenSSL error print callback. - Minor updates on SSL unit test, e.g: start_read() before start sending, additional ioqueue poll to cleanup sockets, add timeout feature to https client test. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2986 74dad513-b988-da41-8d7b-12977e46ad98
2009-10-28Ticket #957: Removed DTLS proto in SSL socket with OpenSSL backend as it ↵Nanang Izzuddin
hasn't been really supported yet. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2972 74dad513-b988-da41-8d7b-12977e46ad98
2009-10-27Ticket #957: Nanang Izzuddin
- Fixed SSL socket unit test issues (mostly on Linux platform): let OS manage the binding port (specify port to 0), use pj_sockaddr_get_len() instead of sizeof() for sockaddr size, DOS eol format for certificate and private key files. - Temporary fix for SSL_CTX_use_certificate_chain_file() false error alarm (after previous OpenSSL handshake error), by clearing OpenSSL thread error queue in reset_ssl_sock_state() git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2971 74dad513-b988-da41-8d7b-12977e46ad98
2009-10-26Ticket #957:Nanang Izzuddin
- Added features in secure socket: handshake timeout timer, certificate info, renegotiation API. - Added unit test for secure socket, along with testing purpose certificate & private key. - Updated build configs for secure socket. git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@2970 74dad513-b988-da41-8d7b-12977e46ad98
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-14 04:13:10 +0000