Skip to content
GitLab
Menu
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Sign in / Register
Toggle navigation
Menu
Open sidebar
savoirfairelinux
jami-daemon
Commits
6cbc4109
Commit
6cbc4109
authored
Sep 15, 2011
by
Rafaël Carré
Browse files
Disable SSLv2 support from pjsip and sflphone
SSLv2 support has been removed from OpenSSL in Ubuntu Oneiric
parent
4cfad87c
Changes
6
Hide whitespace changes
Inline
Side-by-side
daemon/libs/pjproject/pjlib/include/pj/ssl_sock.h
View file @
6cbc4109
...
@@ -307,15 +307,6 @@ typedef enum pj_ssl_cipher {
...
@@ -307,15 +307,6 @@ typedef enum pj_ssl_cipher {
PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA
=
0x0000001D
,
PJ_SSL_FORTEZZA_KEA_WITH_FORTEZZA_CBC_SHA
=
0x0000001D
,
PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA
=
0x0000001E
,
PJ_SSL_FORTEZZA_KEA_WITH_RC4_128_SHA
=
0x0000001E
,
/* SSLv2 */
PJ_SSL_CK_RC4_128_WITH_MD5
=
0x00010080
,
PJ_SSL_CK_RC4_128_EXPORT40_WITH_MD5
=
0x00020080
,
PJ_SSL_CK_RC2_128_CBC_WITH_MD5
=
0x00030080
,
PJ_SSL_CK_RC2_128_CBC_EXPORT40_WITH_MD5
=
0x00040080
,
PJ_SSL_CK_IDEA_128_CBC_WITH_MD5
=
0x00050080
,
PJ_SSL_CK_DES_64_CBC_WITH_MD5
=
0x00060040
,
PJ_SSL_CK_DES_192_EDE3_CBC_WITH_MD5
=
0x000700C0
}
pj_ssl_cipher
;
}
pj_ssl_cipher
;
...
@@ -466,9 +457,7 @@ typedef enum pj_ssl_sock_proto
...
@@ -466,9 +457,7 @@ typedef enum pj_ssl_sock_proto
PJ_SSL_SOCK_PROTO_DEFAULT
,
/**< Default protocol of backend. */
PJ_SSL_SOCK_PROTO_DEFAULT
,
/**< Default protocol of backend. */
PJ_SSL_SOCK_PROTO_TLS1
,
/**< TLSv1.0 protocol. */
PJ_SSL_SOCK_PROTO_TLS1
,
/**< TLSv1.0 protocol. */
PJ_SSL_SOCK_PROTO_SSL3
,
/**< SSLv3.0 protocol. */
PJ_SSL_SOCK_PROTO_SSL3
,
/**< SSLv3.0 protocol. */
PJ_SSL_SOCK_PROTO_SSL23
,
/**< SSLv3.0 but can roll back to
PJ_SSL_SOCK_PROTO_SSL23
,
/**< SSLv3.0 but can roll back to SSLv2.0. */
SSLv2.0. */
PJ_SSL_SOCK_PROTO_SSL2
,
/**< SSLv2.0 protocol. */
PJ_SSL_SOCK_PROTO_DTLS1
/**< DTLSv1.0 protocol. */
PJ_SSL_SOCK_PROTO_DTLS1
/**< DTLSv1.0 protocol. */
}
pj_ssl_sock_proto
;
}
pj_ssl_sock_proto
;
...
...
daemon/libs/pjproject/pjlib/src/pj/ssl_sock_ossl.c
View file @
6cbc4109
...
@@ -310,8 +310,6 @@ static pj_status_t init_openssl(void)
...
@@ -310,8 +310,6 @@ static pj_status_t init_openssl(void)
meth
=
(
SSL_METHOD
*
)
TLSv1_server_method
();
meth
=
(
SSL_METHOD
*
)
TLSv1_server_method
();
if
(
!
meth
)
if
(
!
meth
)
meth
=
(
SSL_METHOD
*
)
SSLv3_server_method
();
meth
=
(
SSL_METHOD
*
)
SSLv3_server_method
();
if
(
!
meth
)
meth
=
(
SSL_METHOD
*
)
SSLv2_server_method
();
pj_assert
(
meth
);
pj_assert
(
meth
);
ctx
=
SSL_CTX_new
(
meth
);
ctx
=
SSL_CTX_new
(
meth
);
...
@@ -488,9 +486,6 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
...
@@ -488,9 +486,6 @@ static pj_status_t create_ssl(pj_ssl_sock_t *ssock)
case
PJ_SSL_SOCK_PROTO_TLS1
:
case
PJ_SSL_SOCK_PROTO_TLS1
:
ssl_method
=
(
SSL_METHOD
*
)
TLSv1_method
();
ssl_method
=
(
SSL_METHOD
*
)
TLSv1_method
();
break
;
break
;
case
PJ_SSL_SOCK_PROTO_SSL2
:
ssl_method
=
(
SSL_METHOD
*
)
SSLv2_method
();
break
;
case
PJ_SSL_SOCK_PROTO_SSL3
:
case
PJ_SSL_SOCK_PROTO_SSL3
:
ssl_method
=
(
SSL_METHOD
*
)
SSLv3_method
();
ssl_method
=
(
SSL_METHOD
*
)
SSLv3_method
();
break
;
break
;
...
...
daemon/libs/pjproject/pjsip/src/pjsip/sip_transport_tls.c
View file @
6cbc4109
...
@@ -304,9 +304,6 @@ PJ_DEF(pj_status_t) pjsip_tls_transport_start (pjsip_endpoint *endpt,
...
@@ -304,9 +304,6 @@ PJ_DEF(pj_status_t) pjsip_tls_transport_start (pjsip_endpoint *endpt,
case
PJSIP_TLSV1_METHOD
:
case
PJSIP_TLSV1_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_TLS1
;
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_TLS1
;
break
;
break
;
case
PJSIP_SSLV2_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL2
;
break
;
case
PJSIP_SSLV3_METHOD
:
case
PJSIP_SSLV3_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL3
;
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL3
;
break
;
break
;
...
@@ -881,9 +878,6 @@ static pj_status_t lis_create_transport(pjsip_tpfactory *factory,
...
@@ -881,9 +878,6 @@ static pj_status_t lis_create_transport(pjsip_tpfactory *factory,
case
PJSIP_TLSV1_METHOD
:
case
PJSIP_TLSV1_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_TLS1
;
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_TLS1
;
break
;
break
;
case
PJSIP_SSLV2_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL2
;
break
;
case
PJSIP_SSLV3_METHOD
:
case
PJSIP_SSLV3_METHOD
:
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL3
;
ssock_param
.
proto
=
PJ_SSL_SOCK_PROTO_SSL3
;
break
;
break
;
...
...
daemon/libs/pjproject/pjsip/src/pjsip/sip_transport_tls_ossl.c
View file @
6cbc4109
...
@@ -351,9 +351,6 @@ static pj_status_t create_ctx( struct tls_listener *lis, SSL_CTX **p_ctx)
...
@@ -351,9 +351,6 @@ static pj_status_t create_ctx( struct tls_listener *lis, SSL_CTX **p_ctx)
case
PJSIP_TLSV1_METHOD
:
case
PJSIP_TLSV1_METHOD
:
ssl_method
=
TLSv1_method
();
ssl_method
=
TLSv1_method
();
break
;
break
;
case
PJSIP_SSLV2_METHOD
:
ssl_method
=
SSLv2_method
();
break
;
case
PJSIP_SSLV3_METHOD
:
case
PJSIP_SSLV3_METHOD
:
ssl_method
=
SSLv3_method
();
ssl_method
=
SSLv3_method
();
break
;
break
;
...
...
daemon/src/dbus/configurationmanager.cpp
View file @
6cbc4109
...
@@ -175,7 +175,6 @@ std::vector<std::string> ConfigurationManager::getSupportedTlsMethod (void)
...
@@ -175,7 +175,6 @@ std::vector<std::string> ConfigurationManager::getSupportedTlsMethod (void)
std
::
vector
<
std
::
string
>
method
;
std
::
vector
<
std
::
string
>
method
;
method
.
push_back
(
"Default"
);
method
.
push_back
(
"Default"
);
method
.
push_back
(
"TLSv1"
);
method
.
push_back
(
"TLSv1"
);
method
.
push_back
(
"SSLv2"
);
method
.
push_back
(
"SSLv3"
);
method
.
push_back
(
"SSLv3"
);
method
.
push_back
(
"SSLv23"
);
method
.
push_back
(
"SSLv23"
);
return
method
;
return
method
;
...
...
daemon/src/sip/sipaccount.cpp
View file @
6cbc4109
...
@@ -576,9 +576,6 @@ pjsip_ssl_method SIPAccount::sslMethodStringToPjEnum (const std::string& method)
...
@@ -576,9 +576,6 @@ pjsip_ssl_method SIPAccount::sslMethodStringToPjEnum (const std::string& method)
if
(
method
==
"TLSv1"
)
if
(
method
==
"TLSv1"
)
return
PJSIP_TLSV1_METHOD
;
return
PJSIP_TLSV1_METHOD
;
if
(
method
==
"SSLv2"
)
return
PJSIP_SSLV2_METHOD
;
if
(
method
==
"SSLv3"
)
if
(
method
==
"SSLv3"
)
return
PJSIP_SSLV3_METHOD
;
return
PJSIP_SSLV3_METHOD
;
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment