RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

TT#108552 prefer sha-256 over sha-1 

Change-Id: I1c54b6410d492a2dbd7169f000c84ecebf9d817c
pull/1164/head
Richard Fuchs 5 years ago
parent
f2d7e71b07
commit
e671a5dcab
4 changed files with 13 additions and 122 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +1
    -1
      README.md
  2. +5
    -5
      daemon/dtls.c
  3. +0
    -109
      t/auto-daemon-tests-reorder.pl
  4. +7
    -7
      t/auto-daemon-tests.pl

+ 1
- 1
README.md View File

@ -1044,7 +1044,7 @@ Optionally included keys are:
* `DTLS-fingerprint`
Contains a string and is used to select the hashing function to generate the DTLS fingerprint
from the certificate. The default is SHA-1, or the same hashing function as was used by the
from the certificate. The default is SHA-256, or the same hashing function as was used by the
peer. Available are `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`.
* `SDES`


+ 5
- 5
daemon/dtls.c View File

@ -67,6 +67,11 @@ static unsigned int sha_512_func(unsigned char *, X509 *);
static const struct dtls_hash_func hash_funcs[] = {
{
.name = "sha-256",
.num_bytes = 256 / 8,
.__func = sha_256_func,
},
{
.name = "sha-1",
.num_bytes = 160 / 8,
@ -77,11 +82,6 @@ static const struct dtls_hash_func hash_funcs[] = {
.num_bytes = 224 / 8,
.__func = sha_224_func,
},
{
.name = "sha-256",
.num_bytes = 256 / 8,
.__func = sha_256_func,
},
{
.name = "sha-384",
.num_bytes = 384 / 8,


+ 0
- 109
t/auto-daemon-tests-reorder.pl View File

@ -3663,115 +3663,6 @@ SDP
new_call;
offer('fingerprint selection', {
ICE => 'remove',
flags => [],
'transport-protocol' => 'RTP/SAVP',
SDES => ['off'],
}, <<SDP);
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 89.225.243.254
t=0 0
m=audio 8000 RTP/AVP 0 101 8
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=sendrecv
--------------------------------------
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 203.0.113.1
t=0 0
m=audio PORT RTP/SAVP 0 101 8
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:8 PCMA/8000
a=sendrecv
a=rtcp:PORT
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
SDP
new_call;
offer('fingerprint selection', {
ICE => 'remove',
flags => [],
'transport-protocol' => 'RTP/SAVP',
SDES => ['off'],
'DTLS-fingerprint' => 'SHA-256',
}, <<SDP);
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 89.225.243.254
t=0 0
m=audio 8000 RTP/AVP 0 101 8
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=sendrecv
--------------------------------------
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 203.0.113.1
t=0 0
m=audio PORT RTP/SAVP 0 101 8
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:8 PCMA/8000
a=sendrecv
a=rtcp:PORT
a=setup:actpass
a=fingerprint:sha-256 FINGERPRINT256
SDP
new_call;
offer('fingerprint selection', {
ICE => 'remove',
flags => [],
'transport-protocol' => 'RTP/SAVP',
SDES => ['off'],
'DTLS-fingerprint' => 'sha-256',
}, <<SDP);
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 89.225.243.254
t=0 0
m=audio 8000 RTP/AVP 0 101 8
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=sendrecv
--------------------------------------
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
s=Z
c=IN IP4 203.0.113.1
t=0 0
m=audio PORT RTP/SAVP 0 101 8
a=rtpmap:0 PCMU/8000
a=rtpmap:101 telephone-event/8000
a=fmtp:101 0-16
a=rtpmap:8 PCMA/8000
a=sendrecv
a=rtcp:PORT
a=setup:actpass
a=fingerprint:sha-256 FINGERPRINT256
SDP
# GH 1058
new_call;


+ 7
- 7
t/auto-daemon-tests.pl View File

@ -3705,7 +3705,7 @@ a=rtpmap:8 PCMA/8000
a=sendrecv
a=rtcp:PORT
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
a=fingerprint:sha-256 FINGERPRINT256
SDP
new_call;
@ -3715,7 +3715,7 @@ offer('fingerprint selection', {
flags => [],
'transport-protocol' => 'RTP/SAVP',
SDES => ['off'],
'DTLS-fingerprint' => 'SHA-256',
'DTLS-fingerprint' => 'SHA-1',
}, <<SDP);
v=0
o=Z 58440449 0 IN IP4 89.225.243.254
@ -3740,7 +3740,7 @@ a=rtpmap:8 PCMA/8000
a=sendrecv
a=rtcp:PORT
a=setup:actpass
a=fingerprint:sha-256 FINGERPRINT256
a=fingerprint:sha-1 FINGERPRINT
SDP
new_call;
@ -3827,7 +3827,7 @@ a=crypto:10 F8_128_HMAC_SHA1_32 inline:CRYPTO128
a=crypto:11 NULL_HMAC_SHA1_80 inline:CRYPTO128
a=crypto:12 NULL_HMAC_SHA1_32 inline:CRYPTO128
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
a=fingerprint:sha-256 FINGERPRINT256
SDP
rtpe_req('delete', 'GH 1086', { 'from-tag' => ft() });
@ -3872,7 +3872,7 @@ a=crypto:10 F8_128_HMAC_SHA1_32 inline:CRYPTO128
a=crypto:11 NULL_HMAC_SHA1_80 inline:CRYPTO128
a=crypto:12 NULL_HMAC_SHA1_32 inline:CRYPTO128
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
a=fingerprint:sha-256 FINGERPRINT256
SDP
@ -4451,7 +4451,7 @@ a=crypto:10 F8_128_HMAC_SHA1_32 inline:CRYPTO128
a=crypto:11 NULL_HMAC_SHA1_80 inline:CRYPTO128
a=crypto:12 NULL_HMAC_SHA1_32 inline:CRYPTO128
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
a=fingerprint:sha-256 FINGERPRINT256
a=ptime:20
SDP
@ -4569,7 +4569,7 @@ a=crypto:10 F8_128_HMAC_SHA1_32 inline:CRYPTO128
a=crypto:11 NULL_HMAC_SHA1_80 inline:CRYPTO128
a=crypto:12 NULL_HMAC_SHA1_32 inline:CRYPTO128
a=setup:actpass
a=fingerprint:sha-1 FINGERPRINT
a=fingerprint:sha-256 FINGERPRINT256
a=ptime:20
SDP


Write Preview
Loading…
Cancel
Save