File: add-dtls-insecureskiphelloverify.patch

package info (click to toggle)
golang-github-pion-webrtc.v3 3.1.56-4
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 2,428 kB
  • sloc: javascript: 595; sh: 28; makefile: 5
file content (52 lines) | stat: -rw-r--r-- 1,983 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
 
From 2a47c12f220a93fb5347b753b23591a2e6098f68 Mon Sep 17 00:00:00 2001
From: Alexey Khit <alexey.khit@gmail.com>
Date: Tue, 28 Feb 2023 13:46:17 +0300
Subject: [PATCH] Add DTLS InsecureSkipHelloVerify option

---
 dtlstransport.go | 5 ++---
 settingengine.go | 8 +++++++-
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/dtlstransport.go b/dtlstransport.go
index 4029b22f527..b29b6b0fba5 100644
--- a/dtlstransport.go
+++ b/dtlstransport.go
@@ -324,9 +324,8 @@ func (t *DTLSTransport) Start(remoteParameters DTLSParameters) error {
 		dtlsConfig.ReplayProtectionWindow = int(*t.api.settingEngine.replayProtection.DTLS)
 	}
 
-	if t.api.settingEngine.dtls.retransmissionInterval != 0 {
-		dtlsConfig.FlightInterval = t.api.settingEngine.dtls.retransmissionInterval
-	}
+	dtlsConfig.FlightInterval = t.api.settingEngine.dtls.retransmissionInterval
+	dtlsConfig.InsecureSkipVerifyHello = t.api.settingEngine.dtls.insecureSkipHelloVerify
 
 	// Connect as DTLS Client/Server, function is blocking and we
 	// must not hold the DTLSTransport lock
diff --git a/settingengine.go b/settingengine.go
index 8bab83dbe86..63c3a1b5274 100644
--- a/settingengine.go
+++ b/settingengine.go
@@ -56,7 +56,8 @@ type SettingEngine struct {
 		SRTCP *uint
 	}
 	dtls struct {
-		retransmissionInterval time.Duration
+		insecureSkipHelloVerify bool
+		retransmissionInterval  time.Duration
 	}
 	sctp struct {
 		maxReceiveBufferSize uint32
@@ -349,6 +350,11 @@ func (e *SettingEngine) SetDTLSRetransmissionInterval(interval time.Duration) {
 	e.dtls.retransmissionInterval = interval
 }
 
+// SetDTLSInsecureSkipHelloVerify sets the skip HelloVerify flag for DTLS.
+func (e *SettingEngine) SetDTLSInsecureSkipHelloVerify(skip bool) {
+	e.dtls.insecureSkipHelloVerify = skip
+}
+
 // SetSCTPMaxReceiveBufferSize sets the maximum receive buffer size.
 // Leave this 0 for the default maxReceiveBufferSize.
 func (e *SettingEngine) SetSCTPMaxReceiveBufferSize(maxReceiveBufferSize uint32) {