diff options
Diffstat (limited to 'pjsip')
-rw-r--r-- | pjsip/include/pjsip/sip_transport_tls.h | 34 | ||||
-rw-r--r-- | pjsip/src/pjsip/sip_transport_tls_ossl.c | 8 |
2 files changed, 29 insertions, 13 deletions
diff --git a/pjsip/include/pjsip/sip_transport_tls.h b/pjsip/include/pjsip/sip_transport_tls.h index debddfb8..600ff298 100644 --- a/pjsip/include/pjsip/sip_transport_tls.h +++ b/pjsip/include/pjsip/sip_transport_tls.h @@ -39,17 +39,27 @@ PJ_BEGIN_DECL * the transport to the framework. */ +/** + * The default SSL method to be used by PJSIP. + * Default is PJSIP_TLSV1_METHOD + */ +#ifndef PJSIP_SSL_DEFAULT_METHOD +# define PJSIP_SSL_DEFAULT_METHOD PJSIP_TLSV1_METHOD +#endif + /** SSL protocol method constants. */ typedef enum pjsip_ssl_method { - PJSIP_SSL_DEFAULT_METHOD = 0, /**< Default protocol method. */ - PJSIP_TLSV1_METHOD = 1, /**< Use SSLv1 method. */ - PJSIP_SSLV2_METHOD = 2, /**< Use SSLv2 method. */ - PJSIP_SSLV3_METHOD = 3, /**< Use SSLv3 method. */ + PJSIP_SSL_UNSPECIFIED_METHOD= 0, /**< Default protocol method. */ + PJSIP_TLSV1_METHOD = 31, /**< Use SSLv1 method. */ + PJSIP_SSLV2_METHOD = 20, /**< Use SSLv2 method. */ + PJSIP_SSLV3_METHOD = 30, /**< Use SSLv3 method. */ PJSIP_SSLV23_METHOD = 23 /**< Use SSLv23 method. */ } pjsip_ssl_method; + + /** * TLS transport settings. */ @@ -79,14 +89,16 @@ typedef struct pjsip_tls_setting /** * TLS protocol method from #pjsip_ssl_method, which can be: - * - PJSIP_SSL_DEFAULT_METHOD(0): default (which will use SSLv23) - * - PJSIP_TLSV1_METHOD(1): TLSv1 - * - PJSIP_SSLV2_METHOD(2): TLSv2 - * - PJSIP_SSLV3_METHOD(3): TLSv3 - * - PJSIP_SSLV23_METHOD(23): TLSv23 + * - PJSIP_SSL_UNSPECIFIED_METHOD(0): default (which will use + * PJSIP_SSL_DEFAULT_METHOD) + * - PJSIP_TLSV1_METHOD(1): TLSv1 + * - PJSIP_SSLV2_METHOD(2): SSLv2 + * - PJSIP_SSLV3_METHOD(3): SSL3 + * - PJSIP_SSLV23_METHOD(23): SSL23 * - * Default is PJSIP_SSL_DEFAULT_METHOD (0), which will use SSLv23 - * protocol method. + * Default is PJSIP_SSL_UNSPECIFIED_METHOD (0), which in turn will + * use PJSIP_SSL_DEFAULT_METHOD, which default value is + * PJSIP_TLSV1_METHOD. */ int method; diff --git a/pjsip/src/pjsip/sip_transport_tls_ossl.c b/pjsip/src/pjsip/sip_transport_tls_ossl.c index a7d7d73c..81e19f1d 100644 --- a/pjsip/src/pjsip/sip_transport_tls_ossl.c +++ b/pjsip/src/pjsip/sip_transport_tls_ossl.c @@ -315,6 +315,7 @@ static void shutdown_openssl(void) static pj_status_t create_ctx( struct tls_listener *lis, SSL_CTX **p_ctx) { struct pjsip_tls_setting *opt = &lis->setting; + int method; char *lis_name = lis->factory.obj_name; SSL_METHOD *ssl_method; SSL_CTX *ctx; @@ -326,8 +327,11 @@ static pj_status_t create_ctx( struct tls_listener *lis, SSL_CTX **p_ctx) init_openssl(); /* Determine SSL method to use */ - switch (opt->method) { - case PJSIP_SSL_DEFAULT_METHOD: + method = opt->method; + if (method == PJSIP_SSL_UNSPECIFIED_METHOD) + method = PJSIP_SSL_DEFAULT_METHOD; + + switch (method) { case PJSIP_SSLV23_METHOD: ssl_method = SSLv23_method(); break; |