<p>Jenkins2 <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/6826">View Change</a></p><div style="white-space:pre-wrap">Approvals:
  George Joseph: Looks good to me, but someone else must approve
  Joshua Colp: Looks good to me, approved
  Jenkins2: Approved for Submit

</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">res_srtp: Add support for libsrtp2 with AES-GCM.<br><br>Beside allowing AES-GCM again, this adds AES-192 again.<br><br>ASTERISK-27356<br><br>Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233<br>---<br>M configure<br>M configure.ac<br>M res/srtp/srtp_compat.h<br>3 files changed, 117 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/configure b/configure<br>index 59bc3b1..588fbfd 100755<br>--- a/configure<br>+++ b/configure<br>@@ -33793,6 +33793,110 @@<br> <br> <br> <br>+if test "x${PBX_SRTP_192}" != "x1" -a "${USE_SRTP_192}" != "no"; then<br>+   pbxlibdir=""<br>+   # if --with-SRTP_192=DIR has been specified, use it.<br>+   if test "x${SRTP_192_DIR}" != "x"; then<br>+      if test -d ${SRTP_192_DIR}/lib; then<br>+         pbxlibdir="-L${SRTP_192_DIR}/lib"<br>+      else<br>+         pbxlibdir="-L${SRTP_192_DIR}"<br>+      fi<br>+   fi<br>+   pbxfuncname="srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80"<br>+   if test "x${pbxfuncname}" = "x" ; then   # empty lib, assume only headers<br>+      AST_SRTP_192_FOUND=yes<br>+   else<br>+      ast_ext_lib_check_save_CFLAGS="${CFLAGS}"<br>+      CFLAGS="${CFLAGS} "<br>+      as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`<br>+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5<br>+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }<br>+if eval \${$as_ac_Lib+:} false; then :<br>+  $as_echo_n "(cached) " >&6<br>+else<br>+  ac_check_lib_save_LIBS=$LIBS<br>+LIBS="-lsrtp2 ${pbxlibdir}  $LIBS"<br>+cat confdefs.h - <<_ACEOF >conftest.$ac_ext<br>+/* end confdefs.h.  */<br>+<br>+/* Override any GCC internal prototype to avoid an error.<br>+   Use char because int might match the return type of a GCC<br>+   builtin and then its argument prototype would still apply.  */<br>+#ifdef __cplusplus<br>+extern "C"<br>+#endif<br>+char ${pbxfuncname} ();<br>+int<br>+main ()<br>+{<br>+return ${pbxfuncname} ();<br>+  ;<br>+  return 0;<br>+}<br>+_ACEOF<br>+if ac_fn_c_try_link "$LINENO"; then :<br>+  eval "$as_ac_Lib=yes"<br>+else<br>+  eval "$as_ac_Lib=no"<br>+fi<br>+rm -f core conftest.err conftest.$ac_objext \<br>+    conftest$ac_exeext conftest.$ac_ext<br>+LIBS=$ac_check_lib_save_LIBS<br>+fi<br>+eval ac_res=\$$as_ac_Lib<br>+          { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5<br>+$as_echo "$ac_res" >&6; }<br>+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :<br>+  AST_SRTP_192_FOUND=yes<br>+else<br>+  AST_SRTP_192_FOUND=no<br>+fi<br>+<br>+      CFLAGS="${ast_ext_lib_check_save_CFLAGS}"<br>+   fi<br>+<br>+   # now check for the header.<br>+   if test "${AST_SRTP_192_FOUND}" = "yes"; then<br>+      SRTP_192_LIB="${pbxlibdir} -lsrtp2 "<br>+      # if --with-SRTP_192=DIR has been specified, use it.<br>+      if test "x${SRTP_192_DIR}" != "x"; then<br>+         SRTP_192_INCLUDE="-I${SRTP_192_DIR}/include"<br>+      fi<br>+      SRTP_192_INCLUDE="${SRTP_192_INCLUDE} "<br>+      if test "x" = "x" ; then     # no header, assume found<br>+         SRTP_192_HEADER_FOUND="1"<br>+      else                           # check for the header<br>+         ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"<br>+         CPPFLAGS="${CPPFLAGS} ${SRTP_192_INCLUDE}"<br>+         ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"<br>+if test "x$ac_cv_header_" = xyes; then :<br>+  SRTP_192_HEADER_FOUND=1<br>+else<br>+  SRTP_192_HEADER_FOUND=0<br>+fi<br>+<br>+<br>+         CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"<br>+      fi<br>+      if test "x${SRTP_192_HEADER_FOUND}" = "x0" ; then<br>+         SRTP_192_LIB=""<br>+         SRTP_192_INCLUDE=""<br>+      else<br>+         if test "x${pbxfuncname}" = "x" ; then             # only checking headers -> no library<br>+            SRTP_192_LIB=""<br>+         fi<br>+         PBX_SRTP_192=1<br>+         cat >>confdefs.h <<_ACEOF<br>+#define HAVE_SRTP_192 1<br>+_ACEOF<br>+<br>+      fi<br>+   fi<br>+fi<br>+<br>+<br>+<br> if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then<br>    pbxlibdir=""<br>    # if --with-SRTP_GCM=DIR has been specified, use it.<br>diff --git a/configure.ac b/configure.ac<br>index 9f95786..c729b94 100644<br>--- a/configure.ac<br>+++ b/configure.ac<br>@@ -2520,6 +2520,7 @@<br> if test "x$PBX_SRTP" = x1;<br> then<br>     AST_EXT_LIB_CHECK([SRTP_256], [srtp2], [srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80])<br>+    AST_EXT_LIB_CHECK([SRTP_192], [srtp2], [srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80])<br>     AST_EXT_LIB_CHECK([SRTP_GCM], [srtp2], [srtp_crypto_policy_set_aes_gcm_128_8_auth])<br>     AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp2], [srtp_shutdown], [srtp2/srtp.h])<br> <br>diff --git a/res/srtp/srtp_compat.h b/res/srtp/srtp_compat.h<br>index 56ffca1..dbd8dde 100644<br>--- a/res/srtp/srtp_compat.h<br>+++ b/res/srtp/srtp_compat.h<br>@@ -16,6 +16,18 @@<br> #define crypto_policy_set_aes_gcm_128_8_auth srtp_crypto_policy_set_aes_gcm_128_8_auth<br> #define crypto_policy_set_aes_gcm_256_8_auth srtp_crypto_policy_set_aes_gcm_256_8_auth<br> <br>+#if defined(SRTP_AES_GCM_128_KEY_LEN_WSALT)<br>+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_GCM_128_KEY_LEN_WSALT<br>+#else<br>+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_128_GCM_KEYSIZE_WSALT<br>+#endif<br>+<br>+#if defined(SRTP_AES_GCM_256_KEY_LEN_WSALT)<br>+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_GCM_256_KEY_LEN_WSALT<br>+#else<br>+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_256_GCM_KEYSIZE_WSALT<br>+#endif<br>+<br> #define err_status_t srtp_err_status_t<br> #define err_status_ok srtp_err_status_ok<br> #define err_status_fail srtp_err_status_fail<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/6826">change 6826</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/6826"/><meta itemprop="name" content="View Change"/></div></div>

<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 15 </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233 </div>
<div style="display:none"> Gerrit-Change-Number: 6826 </div>
<div style="display:none"> Gerrit-PatchSet: 1 </div>
<div style="display:none"> Gerrit-Owner: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@digium.com> </div>