[asterisk-dev] [Code Review] 3679: WebRTC: Add SHA-256 support, change DTLS-SRTP negotiation, add finer grain control of things.
Matt Jordan
reviewboard at asterisk.org
Sat Jun 28 15:35:57 CDT 2014
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/3679/#review12382
-----------------------------------------------------------
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22580>
I would pull out the shared DTLS attributes between this and the ast_rtcp struct and put them into a new dtls struct that both use. That would allow you to write a single shared initialization routine.
The initialization routine should take in as parameters the shared struct values and the ssl_ctx. It should be able to initialize ssl, read_bio, and write_bio (and maybe a few others).
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22581>
I'd create a shared routine that correctly disposes of these three objects on either the rtp or rtcp struct.
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22582>
Does this leak read_BIO and write_BIO on the rtp/rtcp structs?
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22584>
And call a shared destruction routine here
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22585>
Probably here as well. (Again, I think this leaks the BIO_read|write buffers).
/branches/11/res/res_rtp_asterisk.c
<https://reviewboard.asterisk.org/r/3679/#comment22583>
Call a shared destruction routine here
- Matt Jordan
On June 26, 2014, 10:49 a.m., Joshua Colp wrote:
>
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/3679/
> -----------------------------------------------------------
>
> (Updated June 26, 2014, 10:49 a.m.)
>
>
> Review request for Asterisk Developers.
>
>
> Bugs: ASTERISK-22961 and ASTERISK-23026
> https://issues.asterisk.org/jira/browse/ASTERISK-22961
> https://issues.asterisk.org/jira/browse/ASTERISK-23026
>
>
> Repository: Asterisk
>
>
> Description
> -------
>
> This change does the following:
>
> 1. Adds SHA-256 support for DTLS-SRTP. This is done in an extensible way so if we need to add other hashes it should be relatively easy to.
> 2. Adds the ability to force "AVP" for DTLS streams for greater interoperability.
> 3. Sets the ICE role to controlled or controlling depending on offer/answer.
> 4. Provides the ability to verify only fingerprint, certificate, or both.
> 5. Adds DTLS negotiation to RTCP.
> 6. Changes DTLS negotiation to occur after ICE negotiation completes.
> 7. Adds handling of DTLS traffic before ICE negotiation has formally completed.
>
>
> Diffs
> -----
>
> /branches/11/res/res_rtp_asterisk.c 417252
> /branches/11/main/rtp_engine.c 417252
> /branches/11/include/asterisk/rtp_engine.h 417252
> /branches/11/configs/sip.conf.sample 417252
> /branches/11/channels/sip/include/sip.h 417252
> /branches/11/channels/chan_sip.c 417252
>
> Diff: https://reviewboard.asterisk.org/r/3679/diff/
>
>
> Testing
> -------
>
> Tested inbound and outbound calls against:
>
> Chrome
> Yandex Browser
> Opera
> Maxthon
> Firefox
>
> Note that hold/unhold only currently works against Chrome based browsers.
>
>
> Thanks,
>
> Joshua Colp
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20140628/1c29a6e9/attachment-0001.html>
More information about the asterisk-dev
mailing list