diff options
Diffstat (limited to 'rtc_base/openssl_adapter.cc')
-rw-r--r-- | rtc_base/openssl_adapter.cc | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/rtc_base/openssl_adapter.cc b/rtc_base/openssl_adapter.cc index e5c2c42761..563fe0f9d9 100644 --- a/rtc_base/openssl_adapter.cc +++ b/rtc_base/openssl_adapter.cc @@ -981,6 +981,9 @@ SSL_CTX* OpenSSLAdapter::CreateContext(SSLMode mode, bool enable_cache) { SSL_CTX_set_custom_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); #else SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, SSLVerifyCallback); + // Verify certificate chains up to a depth of 4. This is not + // needed for DTLS-SRTP which uses self-signed certificates + // (so the depth is 0) but is required to support TURN/TLS. SSL_CTX_set_verify_depth(ctx, 4); #endif // Use defaults, but disable HMAC-SHA256 and HMAC-SHA384 ciphers |