Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable TLS 1.0 and TLS 1.1 for coturn #999

Merged
merged 1 commit into from
Apr 16, 2021
Merged

Disable TLS 1.0 and TLS 1.1 for coturn #999

merged 1 commit into from
Apr 16, 2021

Conversation

sakkiii
Copy link
Contributor

@sakkiii sakkiii commented Apr 15, 2021

These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.

@sakkiii
Disable support for TLS 1.0 and TLS 1.1
540416e 
These old versions of TLS rely on MD5 and SHA-1, both now broken, and contain other flaws. TLS 1.0 is no longer PCI-DSS compliant and the TLS working group has adopted a document to deprecate TLS 1.0 and TLS 1.1.
@sakkiii sakkiii changed the title Disable support for TLS 1.0 and TLS 1.1 CoTurn Disable support for TLS 1.0 and TLS 1.1 Apr 15, 2021
@sakkiii sakkiii marked this pull request as ready for review April 15, 2021 15:39
@pushytoxin
Copy link
Contributor

I suggest you title your commit to include that this relates to coturn.

@sakkiii sakkiii changed the title CoTurn Disable support for TLS 1.0 and TLS 1.1 Disable TLS 1.0 and TLS 1.1 for coturn Apr 15, 2021
@aaronraimist
Copy link
Contributor

It would be good if this could be configurable/follow the existing config option. f18037a

Otherwise this change will break things for people running old software like #141

@spantaleev spantaleev merged commit 8ae0628 into spantaleev:master Apr 16, 2021
@spantaleev
Copy link
Owner

Thanks! 👍

It may be useful to have some other "more global" variable, which could control both coturn SSL and nginx SSL.

spantaleev added a commit that referenced this pull request Apr 16, 2021
@spantaleev
Make Coturn TLSv1/v1.1 configurable
fcb9e96 
Related to #999
@spantaleev
Copy link
Owner

I've made this configurable in fcb9e96 and announced it in the changelog, as it seems like it could be important to some people.

@sakkiii sakkiii deleted the patch-1 branch May 6, 2021 07:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@sakkiii @pushytoxin @aaronraimist @spantaleev