[asterisk-commits] twilson: branch group/srtp_reboot r261181 - in /team/group/srtp_reboot: ./ ch...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue May 4 19:45:08 CDT 2010


Author: twilson
Date: Tue May  4 19:45:04 2010
New Revision: 261181

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=261181
Log:
Address both Russell and Mark's review

Modified:
    team/group/srtp_reboot/CHANGES
    team/group/srtp_reboot/channels/chan_iax2.c
    team/group/srtp_reboot/channels/chan_sip.c
    team/group/srtp_reboot/channels/sip/sdp_crypto.c

Modified: team/group/srtp_reboot/CHANGES
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/CHANGES?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/CHANGES (original)
+++ team/group/srtp_reboot/CHANGES Tue May  4 19:45:04 2010
@@ -59,12 +59,19 @@
  * When dialing SIP peers, a new component may be added to the end of the dialstring
    to indicate that a specific remote IP address or host should be used when dialing
    the particular peer. The dialstring format is SIP/peer/exten/host_or_IP.
- * SRTP SDES support
+ * SRTP SDES support for encrypting calls to/from Asterisk over SIP. The
+   ability to selectively force bridged channels to also be encrypted is also
+   implemented. Branching in the dialplan can be done based on whether or not
+   a channel has secure media and/or signaling.
 
 IAX2 Changes
 -----------
  * Added rtsavesysname option into iax.conf to allow the systname to be saved
    on realtime updates.
+ * Added the ability for chan_iax2 to inform the dialplan whether or not
+   encryption is being used. This interoperates with the SIP SRTP implementation
+   so that a secure SIP call can be bridged to a secure IAX call when the
+   dialplan requires bridged channels to be "secure".
 
 MGCP Changes
 ------------

Modified: team/group/srtp_reboot/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/chan_iax2.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/chan_iax2.c (original)
+++ team/group/srtp_reboot/channels/chan_iax2.c Tue May  4 19:45:04 2010
@@ -5195,6 +5195,7 @@
 		unsigned short callno = PTR_TO_CALLNO(c->tech_pvt);
 		ast_mutex_lock(&iaxsl[callno]);
 		*((int *) data) = ast_test_flag64(iaxs[callno], IAX_FORCE_ENCRYPT) ? 1 : 0;
+		ast_mutex_unlock(&iaxsl[callno]);
 		return 0;
 	}
 	default:
@@ -13637,7 +13638,7 @@
 	} else if (!strcasecmp(args, "peername")) {
 		ast_copy_string(buf, pvt->username, buflen);
 	} else if (!strcasecmp(args, "secure_signaling") || !strcasecmp(args, "secure_media")) {
-		snprintf(buf, sizeof(buf), "%s", pvt->encmethods ? "1" : "");
+		snprintf(buf, buflen, "%s", pvt->encmethods ? "1" : "");
 	} else {
 		res = -1;
 	}

Modified: team/group/srtp_reboot/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/chan_sip.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/chan_sip.c (original)
+++ team/group/srtp_reboot/channels/chan_sip.c Tue May  4 19:45:04 2010
@@ -5020,7 +5020,7 @@
 
 	if (ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
 		if (ast_test_flag(&p->flags[0], SIP_REINVITE)) {
-			ast_debug(1, "Reinviting not possible when using SRTP, ignoring canreinvite setting\n");
+			ast_debug(1, "Direct media not possible when using SRTP, ignoring canreinvite setting\n");
 			ast_clear_flag(&p->flags[0], SIP_REINVITE);
 		}
 
@@ -7798,10 +7798,6 @@
 				ast_log(LOG_WARNING, "unknown SDP media protocol in offer: %s\n", protocol);
 				continue;
 			}
-			if (len < 0) {
-				ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
-				continue;
-			}
 			audio = TRUE;
 			p->offered_media[SDP_AUDIO].offered = TRUE;
 			numberofmediastreams++;
@@ -7827,10 +7823,6 @@
 				secure_video= 1;
 			} else if (strcmp(protocol, "AVP")) {
 				ast_log(LOG_WARNING, "unknown SDP media protocol in offer: %s\n", protocol);
-				continue;
-			}
-			if (len < 0) {
-				ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
 				continue;
 			}
 			video = TRUE;
@@ -7927,7 +7919,7 @@
 				if (audio) {
 					if (process_sdp_a_sendonly(value, &sendonly))
 						processed = TRUE;
-					else if (!process_crypto(p, p->rtp, &p->srtp, value))
+					else if (process_crypto(p, p->rtp, &p->srtp, value))
 						processed = TRUE;
 					else if (process_sdp_a_audio(value, p, &newaudiortp, &last_rtpmap_codec))
 						processed = TRUE;
@@ -7936,7 +7928,7 @@
 				else if (video) {
 					if (process_sdp_a_sendonly(value, &vsendonly))
 						processed = TRUE;
-					else if (!process_crypto(p, p->vrtp, &p->vsrtp, value))
+					else if (process_crypto(p, p->vrtp, &p->vsrtp, value))
 						processed = TRUE;
 					else if (process_sdp_a_video(value, p, &newvideortp, &last_rtpmap_codec))
 						processed = TRUE;
@@ -7945,7 +7937,7 @@
 				else if (text) {
 					if (process_sdp_a_text(value, p, &newtextrtp, red_fmtp, &red_num_gen, red_data_pt, &last_rtpmap_codec))
 						processed = TRUE;
-					else if (!process_crypto(p, p->trtp, &p->tsrtp, value))
+					else if (process_crypto(p, p->trtp, &p->tsrtp, value))
 						processed = TRUE;
 				}
 				/* Image (T.38 FAX) specific scanning */
@@ -8006,7 +7998,7 @@
 
 	if (!(secure_audio || secure_video) && ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
 		ast_log(LOG_WARNING, "Matched device setup to use SRTP, but request was not!\n");
-		return -5;
+		return -4;
 	}
 
 	if (udptlportno == -1) {
@@ -27009,12 +27001,12 @@
 static int setup_srtp(struct sip_srtp **srtp)
 {
 	if (!ast_rtp_engine_srtp_is_registered()) {
-	   ast_log(LOG_ERROR, "No SRTP module loaded, can't setup SRTP session.\n");
-	   return -1;
-	}
-
-	if (!(*srtp = sip_srtp_alloc())) {    /* Allocate SRTP data structure */
-	   return -1;
+		ast_log(LOG_ERROR, "No SRTP module loaded, can't setup SRTP session.\n");
+		return -1;
+	}
+
+	if (!(*srtp = sip_srtp_alloc())) { /* Allocate SRTP data structure */
+		return -1;
 	}
 
 	return 0;
@@ -27023,30 +27015,30 @@
 static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct sip_srtp **srtp, const char *a)
 {
 	if (strncasecmp(a, "crypto:", 7)) {
-		return -1;
+		return FALSE;	
 	}
 	if (!*srtp) {
-	   if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
-		   ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
-		   return -1;
-	   }
-
-	   if (setup_srtp(srtp) < 0) {
-		   return -1;
-	   }
+		if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
+			ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
+			return FALSE;
+		}
+
+		if (setup_srtp(srtp) < 0) {
+			return FALSE;
+		}
 	}
 
 	if (!(*srtp)->crypto && !((*srtp)->crypto = sdp_crypto_setup())) {
-	   return -1;
+		return FALSE;
 	}
 
 	if (sdp_crypto_process((*srtp)->crypto, a, rtp) < 0) {
-	   return -1;
+		return FALSE;
 	}
 
 	ast_set_flag(*srtp, SRTP_CRYPTO_OFFER_OK);
 
-	return 0;
+	return TRUE;
 }
 
 /*! \brief Reload module */

Modified: team/group/srtp_reboot/channels/sip/sdp_crypto.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/sip/sdp_crypto.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/sip/sdp_crypto.c (original)
+++ team/group/srtp_reboot/channels/sip/sdp_crypto.c Tue May  4 19:45:04 2010
@@ -53,18 +53,12 @@
 {
 	struct sdp_crypto *crypto;
 
-	if (!(crypto = ast_calloc(1, sizeof(*crypto)))) {
-		ast_log(LOG_ERROR, "Out of memory, can't allocate crypto structure\n");
-	}
-
-	return crypto;
+	return crypto = ast_calloc(1, sizeof(*crypto));
 }
 
 void sdp_crypto_destroy(struct sdp_crypto *crypto)
 {
-	if (crypto->a_crypto) {
-		ast_free(crypto->a_crypto);
-	}
+	ast_free(crypto->a_crypto);
 	crypto->a_crypto = NULL;
 	ast_free(crypto);
 }




More information about the asterisk-commits mailing list