[asterisk-commits] kmoore: branch kmoore/pimp_sip_srtp r386154 - in /team/kmoore/pimp_sip_srtp: ...

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Fri Apr 19 15:59:14 CDT 2013 

Author: kmoore
Date: Fri Apr 19 15:59:11 2013
New Revision: 386154

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=386154
Log:
Pull out some more functionality that will likely be shared

Modified:
    team/kmoore/pimp_sip_srtp/channels/chan_sip.c
    team/kmoore/pimp_sip_srtp/include/asterisk/sdp_srtp.h
    team/kmoore/pimp_sip_srtp/main/sdp_srtp.c

Modified: team/kmoore/pimp_sip_srtp/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/pimp_sip_srtp/channels/chan_sip.c?view=diff&rev=386154&r1=386153&r2=386154
==============================================================================
--- team/kmoore/pimp_sip_srtp/channels/chan_sip.c (original)
+++ team/kmoore/pimp_sip_srtp/channels/chan_sip.c Fri Apr 19 15:59:11 2013
@@ -1486,7 +1486,6 @@
 static void handle_response(struct sip_pvt *p, int resp, const char *rest, struct sip_request *req, uint32_t seqno);
 
 /*------ SRTP Support -------- */
-static int setup_srtp(struct ast_sdp_srtp **srtp);
 static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp, const char *a);
 
 /*------ T38 Support --------- */
@@ -6412,17 +6411,17 @@
 			ast_clear_flag(&p->flags[0], SIP_REINVITE);
 		}
 
-		if (p->rtp && !p->srtp && setup_srtp(&p->srtp) < 0) {
+		if (p->rtp && !p->srtp && !(p->srtp = ast_sdp_srtp_alloc())) {
 			ast_log(LOG_WARNING, "SRTP audio setup failed\n");
 			return -1;
 		}
 
-		if (p->vrtp && !p->vsrtp && setup_srtp(&p->vsrtp) < 0) {
+		if (p->vrtp && !p->vsrtp && !(p->vsrtp = ast_sdp_srtp_alloc())) {
 			ast_log(LOG_WARNING, "SRTP video setup failed\n");
 			return -1;
 		}
 
-		if (p->trtp && !p->tsrtp && setup_srtp(&p->tsrtp) < 0) {
+		if (p->trtp && !p->tsrtp && !(p->tsrtp = ast_sdp_srtp_alloc())) {
 			ast_log(LOG_WARNING, "SRTP text setup failed\n");
 			return -1;
 		}
@@ -12991,39 +12990,6 @@
 	}
 }
 
-static void get_crypto_attrib(struct sip_pvt *p, struct ast_sdp_srtp *srtp, const char **a_crypto)
-{
-	int taglen = 80;
-
-	/* Set encryption properties */
-	if (srtp) {
-		if (!srtp->crypto) {
-			srtp->crypto = ast_sdp_crypto_setup();
-		}
-
-		if (p->dtls_cfg.enabled) {
-			/* If DTLS-SRTP is enabled the key details will be pulled from TLS */
-			return;
-		}
-
-		/* set the key length based on INVITE or settings */
-		if (ast_test_flag(srtp, AST_SRTP_CRYPTO_TAG_80)) {
-			taglen = 80;
-		} else if (ast_test_flag(&p->flags[2], SIP_PAGE3_SRTP_TAG_32) ||
-		    ast_test_flag(srtp, AST_SRTP_CRYPTO_TAG_32)) {
-			taglen = 32;
-		}
-
-		if (srtp->crypto && (ast_sdp_crypto_offer(srtp->crypto, taglen) >= 0)) {
-			*a_crypto = ast_sdp_crypto_attrib(srtp->crypto);
-		}
-
-		if (!*a_crypto) {
-			ast_log(LOG_WARNING, "No SRTP key management enabled\n");
-		}
-	}
-}
-
 static char *get_sdp_rtp_profile(const struct sip_pvt *p, unsigned int secure, struct ast_rtp_instance *instance)
 {
 	struct ast_rtp_engine_dtls *dtls;
@@ -13197,7 +13163,8 @@
 		/* Ok, we need video. Let's add what we need for video and set codecs.
 		   Video is handled differently than audio since we can not transcode. */
 		if (needvideo) {
-			get_crypto_attrib(p, p->vsrtp, &v_a_crypto);
+			v_a_crypto = ast_sdp_srtp_get_attrib(p->vsrtp, p->dtls_cfg.enabled,
+				ast_test_flag(&p->flags[2], SIP_PAGE3_SRTP_TAG_32));
 			ast_str_append(&m_video, 0, "m=video %d %s", ast_sockaddr_port(&vdest),
 				       get_sdp_rtp_profile(p, v_a_crypto ? 1 : 0, p->vrtp));
 
@@ -13222,7 +13189,8 @@
 		if (needtext) {
 			if (sipdebug_text)
 				ast_verbose("Lets set up the text sdp\n");
-			get_crypto_attrib(p, p->tsrtp, &t_a_crypto);
+			t_a_crypto = ast_sdp_srtp_get_attrib(p->tsrtp, p->dtls_cfg.enabled,
+				ast_test_flag(&p->flags[2], SIP_PAGE3_SRTP_TAG_32));
 			ast_str_append(&m_text, 0, "m=text %d %s", ast_sockaddr_port(&tdest),
 				       get_sdp_rtp_profile(p, t_a_crypto ? 1 : 0, p->trtp));
 			if (debug) {  /* XXX should I use tdest below ? */
@@ -13243,7 +13211,8 @@
 		/* We break with the "recommendation" and send our IP, in order that our
 		   peer doesn't have to ast_gethostbyname() us */
 
-		get_crypto_attrib(p, p->srtp, &a_crypto);
+		a_crypto = ast_sdp_srtp_get_attrib(p->srtp, p->dtls_cfg.enabled,
+			ast_test_flag(&p->flags[2], SIP_PAGE3_SRTP_TAG_32));
 		ast_str_append(&m_audio, 0, "m=audio %d %s", ast_sockaddr_port(&dest),
 			       get_sdp_rtp_profile(p, a_crypto ? 1 : 0, p->rtp));
 
@@ -33299,21 +33268,6 @@
 	} while (0));
 }
 
-/* SRTP */
-static int setup_srtp(struct ast_sdp_srtp **srtp)
-{
-	if (!ast_rtp_engine_srtp_is_registered()) {
-		ast_debug(1, "No SRTP module loaded, can't setup SRTP session.\n");
-		return -1;
-	}
-
-	if (!(*srtp = ast_sdp_srtp_alloc())) { /* Allocate SRTP data structure */
-		return -1;
-	}
-
-	return 0;
-}
-
 static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp, const char *a)
 {
 	struct ast_rtp_engine_dtls *dtls;
@@ -33333,7 +33287,7 @@
 			return FALSE;
 		}
 
-		if (setup_srtp(srtp) < 0) {
+		if (!(*srtp = ast_sdp_srtp_alloc())) {
 			return FALSE;
 		}
 	}
@@ -33345,8 +33299,6 @@
 	if (ast_sdp_crypto_process((*srtp)->crypto, a, rtp, *srtp) < 0) {
 		return FALSE;
 	}
-
-	ast_set_flag(*srtp, AST_SRTP_CRYPTO_OFFER_OK);
 
 	if ((dtls = ast_rtp_instance_get_dtls(rtp))) {
 		dtls->stop(rtp);

Modified: team/kmoore/pimp_sip_srtp/include/asterisk/sdp_srtp.h
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/pimp_sip_srtp/include/asterisk/sdp_srtp.h?view=diff&rev=386154&r1=386153&r2=386154
==============================================================================
--- team/kmoore/pimp_sip_srtp/include/asterisk/sdp_srtp.h (original)
+++ team/kmoore/pimp_sip_srtp/include/asterisk/sdp_srtp.h Fri Apr 19 15:59:11 2013
@@ -95,15 +95,18 @@
  * \retval 0 success
  * \retval nonzero failure
  */
-int ast_sdp_crypto_offer(struct ast_sdp_crypto *p, int taglen);
+int ast_sdp_crypto_build_offer(struct ast_sdp_crypto *p, int taglen);
 
 
-/*! \brief Return the a_crypto value of the ast_sdp_crypto struct
+/*! \brief Get the crypto attribute line for the srtp structure
  *
- * \param p An ast_sdp_crypto struct that has had ast_sdp_crypto_offer called
+ * \param srtp The ast_sdp_srtp structure for which to get an attribute line
+ * \param dtls_enabled Whether this connection is encrypted with datagram TLS
+ * \param default_taglen_32 Whether to default to a tag length of 32 instead of 80
  *
- * \retval The value of the a_crypto for p
+ * \retval An attribute line containing cryptographic information
+ * \retval NULL if the srtp structure does not require an attribute line containing crypto information
  */
-const char *ast_sdp_crypto_attrib(struct ast_sdp_crypto *p);
+const char *ast_sdp_srtp_get_attrib(struct ast_sdp_srtp *srtp, int dtls_enabled, int default_taglen_32);
 
 #endif	/* _SDP_CRYPTO_H */

Modified: team/kmoore/pimp_sip_srtp/main/sdp_srtp.c
URL: http://svnview.digium.com/svn/asterisk/team/kmoore/pimp_sip_srtp/main/sdp_srtp.c?view=diff&rev=386154&r1=386153&r2=386154
==============================================================================
--- team/kmoore/pimp_sip_srtp/main/sdp_srtp.c (original)
+++ team/kmoore/pimp_sip_srtp/main/sdp_srtp.c Fri Apr 19 15:59:11 2013
@@ -48,11 +48,12 @@
 
 struct ast_sdp_srtp *ast_sdp_srtp_alloc(void)
 {
-	struct ast_sdp_srtp *srtp;
-
-	srtp = ast_calloc(1, sizeof(*srtp));
-
-	return srtp;
+	if (!ast_rtp_engine_srtp_is_registered()) {
+	       ast_debug(1, "No SRTP module loaded, can't setup SRTP session.\n");
+	       return NULL;
+	}
+
+	return ast_calloc(1, sizeof(struct ast_sdp_srtp));
 }
 
 void ast_sdp_srtp_destroy(struct ast_sdp_srtp *srtp)
@@ -291,6 +292,7 @@
 
 	if (!memcmp(p->remote_key, remote_key, sizeof(p->remote_key))) {
 		ast_debug(1, "SRTP remote key unchanged; maintaining current policy\n");
+		ast_set_flag(srtp, AST_SRTP_CRYPTO_OFFER_OK);
 		return 0;
 	}
 	memcpy(p->remote_key, remote_key, sizeof(p->remote_key));
@@ -309,10 +311,15 @@
 	}
 
 	/* Finally, rebuild the crypto line */
-	return ast_sdp_crypto_offer(p, taglen);
-}
-
-int ast_sdp_crypto_offer(struct ast_sdp_crypto *p, int taglen)
+	if (ast_sdp_crypto_build_offer(p, taglen)) {
+		return -1;
+	}
+
+	ast_set_flag(srtp, AST_SRTP_CRYPTO_OFFER_OK);
+	return 0;
+}
+
+int ast_sdp_crypto_build_offer(struct ast_sdp_crypto *p, int taglen)
 {
 	/* Rebuild the crypto line */
 	if (p->a_crypto) {
@@ -330,8 +337,36 @@
 	return 0;
 }
 
-const char *ast_sdp_crypto_attrib(struct ast_sdp_crypto *p)
-{
-	return p->a_crypto;
-}
-
+const char *ast_sdp_srtp_get_attrib(struct ast_sdp_srtp *srtp, int dtls_enabled, int default_taglen_32)
+{
+	int taglen = default_taglen_32 ? 32 : 80;
+
+	if (!srtp) {
+		return NULL;
+	}
+
+	/* Set encryption properties */
+	if (!srtp->crypto) {
+		srtp->crypto = ast_sdp_crypto_setup();
+	}
+
+	if (dtls_enabled) {
+		/* If DTLS-SRTP is enabled the key details will be pulled from TLS */
+		return NULL;
+	}
+
+	/* set the key length based on INVITE or settings */
+	if (ast_test_flag(srtp, AST_SRTP_CRYPTO_TAG_80)) {
+		taglen = 80;
+	} else if (ast_test_flag(srtp, AST_SRTP_CRYPTO_TAG_32)) {
+		taglen = 32;
+	}
+
+	if (srtp->crypto && (ast_sdp_crypto_build_offer(srtp->crypto, taglen) >= 0)) {
+		return srtp->crypto->a_crypto;
+	}
+
+	ast_log(LOG_WARNING, "No SRTP key management enabled\n");
+	return NULL;
+}
+

More information about the asterisk-commits mailing list