Index: webrtc/base/nssstreamadapter.cc |
diff --git a/webrtc/base/nssstreamadapter.cc b/webrtc/base/nssstreamadapter.cc |
index 22f2a2e2f47e203e43a1ff9e5d0843e97bd5251a..1af9cbc1bdff6b2c37e7dd9d5a05cb733595f487 100644 |
--- a/webrtc/base/nssstreamadapter.cc |
+++ b/webrtc/base/nssstreamadapter.cc |
@@ -70,6 +70,8 @@ static const SrtpCipherMapEntry kSrtpCipherMap[] = { |
static const uint32_t kEnabledCiphers[] = { |
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, |
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, |
+ TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, |
juberti1
2015/06/26 19:16:01
this should be ECDHE
torbjorng (webrtc)
2015/07/02 12:35:07
Done.
|
+ TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA |
juberti1
2015/06/26 19:16:01
we don't want the AES-256 variant. this should be
torbjorng (webrtc)
2015/07/02 12:35:07
Done.
|
}; |
// Default cipher used between NSS stream adapters. |
@@ -495,7 +497,7 @@ int NSSStreamAdapter::BeginSSL() { |
} |
rv = SSL_ConfigSecureServer(ssl_fd_, identity->certificate().certificate(), |
identity->keypair()->privkey(), |
- kt_rsa); |
+ identity->keypair()->ssl_kea_type()); |
if (rv != SECSuccess) { |
Error("BeginSSL", -1, false); |
return -1; |