[asterisk-commits] twilson: branch group/srtp_reboot r261181 - in /team/group/srtp_reboot: ./ ch...
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Tue May 4 19:45:08 CDT 2010
Author: twilson
Date: Tue May 4 19:45:04 2010
New Revision: 261181
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=261181
Log:
Address both Russell and Mark's review
Modified:
team/group/srtp_reboot/CHANGES
team/group/srtp_reboot/channels/chan_iax2.c
team/group/srtp_reboot/channels/chan_sip.c
team/group/srtp_reboot/channels/sip/sdp_crypto.c
Modified: team/group/srtp_reboot/CHANGES
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/CHANGES?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/CHANGES (original)
+++ team/group/srtp_reboot/CHANGES Tue May 4 19:45:04 2010
@@ -59,12 +59,19 @@
* When dialing SIP peers, a new component may be added to the end of the dialstring
to indicate that a specific remote IP address or host should be used when dialing
the particular peer. The dialstring format is SIP/peer/exten/host_or_IP.
- * SRTP SDES support
+ * SRTP SDES support for encrypting calls to/from Asterisk over SIP. The
+ ability to selectively force bridged channels to also be encrypted is also
+ implemented. Branching in the dialplan can be done based on whether or not
+ a channel has secure media and/or signaling.
IAX2 Changes
-----------
* Added rtsavesysname option into iax.conf to allow the systname to be saved
on realtime updates.
+ * Added the ability for chan_iax2 to inform the dialplan whether or not
+ encryption is being used. This interoperates with the SIP SRTP implementation
+ so that a secure SIP call can be bridged to a secure IAX call when the
+ dialplan requires bridged channels to be "secure".
MGCP Changes
------------
Modified: team/group/srtp_reboot/channels/chan_iax2.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/chan_iax2.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/chan_iax2.c (original)
+++ team/group/srtp_reboot/channels/chan_iax2.c Tue May 4 19:45:04 2010
@@ -5195,6 +5195,7 @@
unsigned short callno = PTR_TO_CALLNO(c->tech_pvt);
ast_mutex_lock(&iaxsl[callno]);
*((int *) data) = ast_test_flag64(iaxs[callno], IAX_FORCE_ENCRYPT) ? 1 : 0;
+ ast_mutex_unlock(&iaxsl[callno]);
return 0;
}
default:
@@ -13637,7 +13638,7 @@
} else if (!strcasecmp(args, "peername")) {
ast_copy_string(buf, pvt->username, buflen);
} else if (!strcasecmp(args, "secure_signaling") || !strcasecmp(args, "secure_media")) {
- snprintf(buf, sizeof(buf), "%s", pvt->encmethods ? "1" : "");
+ snprintf(buf, buflen, "%s", pvt->encmethods ? "1" : "");
} else {
res = -1;
}
Modified: team/group/srtp_reboot/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/chan_sip.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/chan_sip.c (original)
+++ team/group/srtp_reboot/channels/chan_sip.c Tue May 4 19:45:04 2010
@@ -5020,7 +5020,7 @@
if (ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
if (ast_test_flag(&p->flags[0], SIP_REINVITE)) {
- ast_debug(1, "Reinviting not possible when using SRTP, ignoring canreinvite setting\n");
+ ast_debug(1, "Direct media not possible when using SRTP, ignoring canreinvite setting\n");
ast_clear_flag(&p->flags[0], SIP_REINVITE);
}
@@ -7798,10 +7798,6 @@
ast_log(LOG_WARNING, "unknown SDP media protocol in offer: %s\n", protocol);
continue;
}
- if (len < 0) {
- ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
- continue;
- }
audio = TRUE;
p->offered_media[SDP_AUDIO].offered = TRUE;
numberofmediastreams++;
@@ -7827,10 +7823,6 @@
secure_video= 1;
} else if (strcmp(protocol, "AVP")) {
ast_log(LOG_WARNING, "unknown SDP media protocol in offer: %s\n", protocol);
- continue;
- }
- if (len < 0) {
- ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
continue;
}
video = TRUE;
@@ -7927,7 +7919,7 @@
if (audio) {
if (process_sdp_a_sendonly(value, &sendonly))
processed = TRUE;
- else if (!process_crypto(p, p->rtp, &p->srtp, value))
+ else if (process_crypto(p, p->rtp, &p->srtp, value))
processed = TRUE;
else if (process_sdp_a_audio(value, p, &newaudiortp, &last_rtpmap_codec))
processed = TRUE;
@@ -7936,7 +7928,7 @@
else if (video) {
if (process_sdp_a_sendonly(value, &vsendonly))
processed = TRUE;
- else if (!process_crypto(p, p->vrtp, &p->vsrtp, value))
+ else if (process_crypto(p, p->vrtp, &p->vsrtp, value))
processed = TRUE;
else if (process_sdp_a_video(value, p, &newvideortp, &last_rtpmap_codec))
processed = TRUE;
@@ -7945,7 +7937,7 @@
else if (text) {
if (process_sdp_a_text(value, p, &newtextrtp, red_fmtp, &red_num_gen, red_data_pt, &last_rtpmap_codec))
processed = TRUE;
- else if (!process_crypto(p, p->trtp, &p->tsrtp, value))
+ else if (process_crypto(p, p->trtp, &p->tsrtp, value))
processed = TRUE;
}
/* Image (T.38 FAX) specific scanning */
@@ -8006,7 +7998,7 @@
if (!(secure_audio || secure_video) && ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
ast_log(LOG_WARNING, "Matched device setup to use SRTP, but request was not!\n");
- return -5;
+ return -4;
}
if (udptlportno == -1) {
@@ -27009,12 +27001,12 @@
static int setup_srtp(struct sip_srtp **srtp)
{
if (!ast_rtp_engine_srtp_is_registered()) {
- ast_log(LOG_ERROR, "No SRTP module loaded, can't setup SRTP session.\n");
- return -1;
- }
-
- if (!(*srtp = sip_srtp_alloc())) { /* Allocate SRTP data structure */
- return -1;
+ ast_log(LOG_ERROR, "No SRTP module loaded, can't setup SRTP session.\n");
+ return -1;
+ }
+
+ if (!(*srtp = sip_srtp_alloc())) { /* Allocate SRTP data structure */
+ return -1;
}
return 0;
@@ -27023,30 +27015,30 @@
static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct sip_srtp **srtp, const char *a)
{
if (strncasecmp(a, "crypto:", 7)) {
- return -1;
+ return FALSE;
}
if (!*srtp) {
- if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
- ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
- return -1;
- }
-
- if (setup_srtp(srtp) < 0) {
- return -1;
- }
+ if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
+ ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
+ return FALSE;
+ }
+
+ if (setup_srtp(srtp) < 0) {
+ return FALSE;
+ }
}
if (!(*srtp)->crypto && !((*srtp)->crypto = sdp_crypto_setup())) {
- return -1;
+ return FALSE;
}
if (sdp_crypto_process((*srtp)->crypto, a, rtp) < 0) {
- return -1;
+ return FALSE;
}
ast_set_flag(*srtp, SRTP_CRYPTO_OFFER_OK);
- return 0;
+ return TRUE;
}
/*! \brief Reload module */
Modified: team/group/srtp_reboot/channels/sip/sdp_crypto.c
URL: http://svnview.digium.com/svn/asterisk/team/group/srtp_reboot/channels/sip/sdp_crypto.c?view=diff&rev=261181&r1=261180&r2=261181
==============================================================================
--- team/group/srtp_reboot/channels/sip/sdp_crypto.c (original)
+++ team/group/srtp_reboot/channels/sip/sdp_crypto.c Tue May 4 19:45:04 2010
@@ -53,18 +53,12 @@
{
struct sdp_crypto *crypto;
- if (!(crypto = ast_calloc(1, sizeof(*crypto)))) {
- ast_log(LOG_ERROR, "Out of memory, can't allocate crypto structure\n");
- }
-
- return crypto;
+ return crypto = ast_calloc(1, sizeof(*crypto));
}
void sdp_crypto_destroy(struct sdp_crypto *crypto)
{
- if (crypto->a_crypto) {
- ast_free(crypto->a_crypto);
- }
+ ast_free(crypto->a_crypto);
crypto->a_crypto = NULL;
ast_free(crypto);
}
More information about the asterisk-commits
mailing list