[Asterisk-code-review] res srtp: Add support for libsrtp2 with AES-GCM. (asterisk[master])
Jenkins2
asteriskteam at digium.com
Wed Oct 18 10:48:40 CDT 2017
Jenkins2 has submitted this change and it was merged. ( https://gerrit.asterisk.org/6825 )
Change subject: res_srtp: Add support for libsrtp2 with AES-GCM.
......................................................................
res_srtp: Add support for libsrtp2 with AES-GCM.
Beside allowing AES-GCM again, this adds AES-192 again.
ASTERISK-27356
Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233
---
M configure
M configure.ac
M res/srtp/srtp_compat.h
3 files changed, 117 insertions(+), 0 deletions(-)
Approvals:
George Joseph: Looks good to me, but someone else must approve
Joshua Colp: Looks good to me, approved
Jenkins2: Approved for Submit
diff --git a/configure b/configure
index 59bc3b1..588fbfd 100755
--- a/configure
+++ b/configure
@@ -33793,6 +33793,110 @@
+if test "x${PBX_SRTP_192}" != "x1" -a "${USE_SRTP_192}" != "no"; then
+ pbxlibdir=""
+ # if --with-SRTP_192=DIR has been specified, use it.
+ if test "x${SRTP_192_DIR}" != "x"; then
+ if test -d ${SRTP_192_DIR}/lib; then
+ pbxlibdir="-L${SRTP_192_DIR}/lib"
+ else
+ pbxlibdir="-L${SRTP_192_DIR}"
+ fi
+ fi
+ pbxfuncname="srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80"
+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
+ AST_SRTP_192_FOUND=yes
+ else
+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
+ CFLAGS="${CFLAGS} "
+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5
+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char ${pbxfuncname} ();
+int
+main ()
+{
+return ${pbxfuncname} ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$as_ac_Lib=yes"
+else
+ eval "$as_ac_Lib=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ AST_SRTP_192_FOUND=yes
+else
+ AST_SRTP_192_FOUND=no
+fi
+
+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
+ fi
+
+ # now check for the header.
+ if test "${AST_SRTP_192_FOUND}" = "yes"; then
+ SRTP_192_LIB="${pbxlibdir} -lsrtp2 "
+ # if --with-SRTP_192=DIR has been specified, use it.
+ if test "x${SRTP_192_DIR}" != "x"; then
+ SRTP_192_INCLUDE="-I${SRTP_192_DIR}/include"
+ fi
+ SRTP_192_INCLUDE="${SRTP_192_INCLUDE} "
+ if test "x" = "x" ; then # no header, assume found
+ SRTP_192_HEADER_FOUND="1"
+ else # check for the header
+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
+ CPPFLAGS="${CPPFLAGS} ${SRTP_192_INCLUDE}"
+ ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
+if test "x$ac_cv_header_" = xyes; then :
+ SRTP_192_HEADER_FOUND=1
+else
+ SRTP_192_HEADER_FOUND=0
+fi
+
+
+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
+ fi
+ if test "x${SRTP_192_HEADER_FOUND}" = "x0" ; then
+ SRTP_192_LIB=""
+ SRTP_192_INCLUDE=""
+ else
+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
+ SRTP_192_LIB=""
+ fi
+ PBX_SRTP_192=1
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_192 1
+_ACEOF
+
+ fi
+ fi
+fi
+
+
+
if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then
pbxlibdir=""
# if --with-SRTP_GCM=DIR has been specified, use it.
diff --git a/configure.ac b/configure.ac
index 9f95786..c729b94 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2520,6 +2520,7 @@
if test "x$PBX_SRTP" = x1;
then
AST_EXT_LIB_CHECK([SRTP_256], [srtp2], [srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80])
+ AST_EXT_LIB_CHECK([SRTP_192], [srtp2], [srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80])
AST_EXT_LIB_CHECK([SRTP_GCM], [srtp2], [srtp_crypto_policy_set_aes_gcm_128_8_auth])
AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp2], [srtp_shutdown], [srtp2/srtp.h])
diff --git a/res/srtp/srtp_compat.h b/res/srtp/srtp_compat.h
index 56ffca1..dbd8dde 100644
--- a/res/srtp/srtp_compat.h
+++ b/res/srtp/srtp_compat.h
@@ -16,6 +16,18 @@
#define crypto_policy_set_aes_gcm_128_8_auth srtp_crypto_policy_set_aes_gcm_128_8_auth
#define crypto_policy_set_aes_gcm_256_8_auth srtp_crypto_policy_set_aes_gcm_256_8_auth
+#if defined(SRTP_AES_GCM_128_KEY_LEN_WSALT)
+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_GCM_128_KEY_LEN_WSALT
+#else
+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_128_GCM_KEYSIZE_WSALT
+#endif
+
+#if defined(SRTP_AES_GCM_256_KEY_LEN_WSALT)
+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_GCM_256_KEY_LEN_WSALT
+#else
+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_256_GCM_KEYSIZE_WSALT
+#endif
+
#define err_status_t srtp_err_status_t
#define err_status_ok srtp_err_status_ok
#define err_status_fail srtp_err_status_fail
--
To view, visit https://gerrit.asterisk.org/6825
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-Project: asterisk
Gerrit-Branch: master
Gerrit-MessageType: merged
Gerrit-Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233
Gerrit-Change-Number: 6825
Gerrit-PatchSet: 2
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Jenkins2
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-code-review/attachments/20171018/b4762fd7/attachment-0001.html>
More information about the asterisk-code-review
mailing list