res_rtp_asterisk: Fix DTLS when used with OpenSSL 1.0.1k

A recent security fix for OpenSSL broke DTLS negotiation for many
applications. This was caused by read ahead not being enabled when it
should be. While a commit has gone into OpenSSL to force read ahead
on for DTLS it may take some time for a release to be made and the
change to be present in distributions (if at all). As enabling read
ahead is a simple one line change this commit does that and fixes
the issue.

ASTERISK-24711 #close
Reported by: Jared Biel

git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@431384 65c4cc65-6c06-0410-ace0-fbb531ad65f3

diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index fc0f9d9ba6eafb30e0f14ec52ade43a93bb6dc68..079ba2ede64cfe8d17472c991ccec6d9559aaed1 100644 (file)
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1263,6 +1263,8 @@ static int ast_rtp_dtls_set_configuration(struct ast_rtp_instance *instance, con
                return -1;
        }
 
+       SSL_CTX_set_read_ahead(rtp->ssl_ctx, 1);
+
        rtp->dtls_verify = dtls_cfg->verify;
 
        SSL_CTX_set_verify(rtp->ssl_ctx, (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_FINGERPRINT) || (rtp->dtls_verify & AST_RTP_DTLS_VERIFY_CERTIFICATE) ?