[jitsi-dev] [libjitsi] Enforce Perfect Forward Secrecy for DTLS (and update BC) (#110)


#1

You can view, comment on, or merge this pull request online at:

  https://github.com/jitsi/libjitsi/pull/110

-- Commit Summary --

  * Update boncycastle to 1.54
  * Enforce Perfect Forward Secrecy for DTLS

-- File Changes --

    M pom.xml (2)
    M src/org/jitsi/impl/neomedia/transform/dtls/DtlsPacketTransformer.java (2)
    M src/org/jitsi/impl/neomedia/transform/dtls/TlsClientImpl.java (32)
    M src/org/jitsi/impl/neomedia/transform/dtls/TlsServerImpl.java (44)

-- Patch Links --

https://github.com/jitsi/libjitsi/pull/110.patch
https://github.com/jitsi/libjitsi/pull/110.diff

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110


#2

tests are ok on my computer, how can I see the jenkins logs?

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-199181866


#3

Jenkins: it's ok to test.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-199284087


#4

Jenkins: it's ok to test. Tests launching fake device was broken.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-199431968


#5

I'm fine with the selection of ciphers, but can we makes these sets configurable? Also please remove the BouncyCastle update, there's already PR #72 for this.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-205009643


#6

@ibauersachs as this depends on BoucyCastle update, I prefer to rebase once BC is updated than to have a 'broken' PR
We can have a configure option for this, but this will go in another PR

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-205019059


#7

just rebased

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-206732085


#8

Jenkins, test this please.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-207156287


#9

@champtar, could I please ask you to provide initial descriptions when you create PRs? I don't expect anything more than a brief answer to why merging the PR is necessary.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-207158838


#10

i've updated the commit message and PR description

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-207261172


#11

Come on, Jenkins, test this please and succeed!

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#issuecomment-207495072


#12

Merged #110.

···

---
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/jitsi/libjitsi/pull/110#event-620373812