[svn-commits] jpeeler: branch jpeeler/srtp r103836 - in /team/jpeeler/srtp: ./ build_tools/...
SVN commits to the Digium repositories
svn-commits at lists.digium.com
Tue Feb 19 21:25:44 CST 2008
Author: jpeeler
Date: Tue Feb 19 21:25:43 2008
New Revision: 103836
URL: http://svn.digium.com/view/asterisk?view=rev&rev=103836
Log:
checkpoint, may not compile
Modified:
team/jpeeler/srtp/ (props changed)
team/jpeeler/srtp/CREDITS
team/jpeeler/srtp/build_tools/menuselect-deps.in
team/jpeeler/srtp/channels/Makefile
team/jpeeler/srtp/channels/chan_sip.c
team/jpeeler/srtp/configure.ac
team/jpeeler/srtp/include/asterisk/aes_internal.h
team/jpeeler/srtp/include/asterisk/autoconfig.h.in
team/jpeeler/srtp/include/asterisk/rtp.h
team/jpeeler/srtp/main/cryptostub.c
team/jpeeler/srtp/main/rtp.c
team/jpeeler/srtp/makeopts.in
team/jpeeler/srtp/res/Makefile
Propchange: team/jpeeler/srtp/
('svnmerge-integrated' removed)
Modified: team/jpeeler/srtp/CREDITS
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/CREDITS?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/CREDITS (original)
+++ team/jpeeler/srtp/CREDITS Tue Feb 19 21:25:43 2008
@@ -150,6 +150,9 @@
George Konstantoulakis - Support for Greek in voicemail added by InAccess
Networks (work funded by HOL, www.hol.gr) gkon(AT)inaccessnetworks.com
+Mikael Magnusson - Provided SRTP support in RTP, and SRTP and MIKEY support in the SIP channel
+ mikma at users.sourceforge.net
+
Daniel Nylander - Support for Swedish and Norwegian languages in voicemail.
http://www.danielnylander.se/
Modified: team/jpeeler/srtp/build_tools/menuselect-deps.in
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/build_tools/menuselect-deps.in?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/build_tools/menuselect-deps.in (original)
+++ team/jpeeler/srtp/build_tools/menuselect-deps.in Tue Feb 19 21:25:43 2008
@@ -16,7 +16,11 @@
LDAP=@PBX_LDAP@
LTDL=@PBX_LTDL@
LUA=@PBX_LUA@
+MCRYPTO=@PBX_MCRYPTO@
+MIKEY=@PBX_MIKEY@
MISDN=@PBX_MISDN@
+MNETUTIL=@PBX_MNETUTIL@
+MUTIL=@PBX_MUTIL@
NBS=@PBX_NBS@
NETSNMP=@PBX_NETSNMP@
NEWT=@PBX_NEWT@
@@ -33,6 +37,7 @@
SPEEXDSP=@PBX_SPEEXDSP@
SQLITE3=@PBX_SQLITE3@
SQLITE=@PBX_SQLITE@
+SRTP=@PBX_SRTP@
SS7=@PBX_SS7@
SSL=@PBX_OPENSSL@
SUPPSERV=@PBX_SUPPSERV@
Modified: team/jpeeler/srtp/channels/Makefile
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/channels/Makefile?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/channels/Makefile (original)
+++ team/jpeeler/srtp/channels/Makefile Tue Feb 19 21:25:43 2008
@@ -92,6 +92,8 @@
$(CMD_PREFIX) $(CXX) $(PTHREAD_CFLAGS) $(ASTLDFLAGS) $(SOLINK) -o $@ $< h323/libchanh323.a $(CHANH323LIB) -L$(PWLIBDIR)/lib $(PTLIB) -L$(OPENH323DIR)/lib $(H323LIB) -L/usr/lib -lcrypto -lssl -lexpat
endif
+chan_sip.so: sip_srtp.o sdp_crypto.o sdp_mikey.o
+
chan_misdn.o: ASTCFLAGS+=-Imisdn
misdn_config.o: ASTCFLAGS+=-Imisdn
Modified: team/jpeeler/srtp/channels/chan_sip.c
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/channels/chan_sip.c?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/channels/chan_sip.c (original)
+++ team/jpeeler/srtp/channels/chan_sip.c Tue Feb 19 21:25:43 2008
@@ -177,6 +177,10 @@
#include "asterisk/event.h"
#include "asterisk/tcptls.h"
+#include "sip_srtp.h"
+#include "sdp_crypto.h"
+#include "sdp_mikey.h"
+
#ifndef FALSE
#define FALSE 0
#endif
@@ -236,7 +240,7 @@
#define SIP_MAX_HEADERS 64 /*!< Max amount of SIP headers to read */
#define SIP_MAX_LINES 64 /*!< Max amount of lines in SIP attachment (like SDP) */
-#define SIP_MAX_PACKET 4096 /*!< Also from RFC 3261 (2543), should sub headers tho */
+#define SIP_MAX_PACKET 8192 /*!< Also from RFC 3261 (2543), should sub headers tho */
#define INITIAL_CSEQ 101 /*!< our initial sip sequence number */
@@ -1297,6 +1301,7 @@
(A bit unsure of this, please correct if
you know more) */
struct sip_st_dlg *stimer; /*!< SIP Session-Timers */
+ struct sip_srtp *srtp; /*!< Structure for Secure RTP session data */
};
@@ -2005,6 +2010,11 @@
static int sip_get_codec(struct ast_channel *chan);
static struct ast_frame *sip_rtp_read(struct ast_channel *ast, struct sip_pvt *p, int *faxdetect);
+/*----- SRTP interface functions */
+static int setup_srtp(struct sip_pvt *p);
+static int process_crypto(struct sip_pvt *p, const char *a);
+static int process_mikey(struct sip_pvt *p, const char *a);
+
/*------ T38 Support --------- */
static int sip_handle_t38_reinvite(struct ast_channel *chan, struct sip_pvt *pvt, int reinvite);
static int transmit_response_with_t38_sdp(struct sip_pvt *p, char *msg, struct sip_request *req, int retrans);
@@ -4125,6 +4135,53 @@
} else if (!strcasecmp(ast_var_name(current), "SIPTRANSFER_REPLACES")) {
/* We're replacing a call. */
p->options->replaces = ast_var_value(current);
+ } else if (!strcasecmp(ast_var_name(current), "SIPSRTP")) {
+ ast_log(LOG_NOTICE, "SIPSRTP\n");
+
+ if (!p->srtp) {
+ if (setup_srtp(p) < 0) {
+ ast_log(LOG_WARNING, "SRTP setup failed\n");
+ return -1;
+ }
+ }
+
+ if (!strcasecmp(ast_var_value(current), "optional")) {
+ ast_set_flag(p->srtp, SRTP_ENCR_OPTIONAL);
+ }
+ } else if (!strcasecmp(ast_var_name(current), "SIPSRTP_CRYPTO")) {
+ ast_log(LOG_NOTICE, "SIPSRTP_CRYPTO\n");
+
+ if (!p->srtp) {
+ if (setup_srtp(p) < 0) {
+ ast_log(LOG_WARNING, "SRTP setup failed\n");
+ return -1;
+ }
+ }
+
+ if (!strcasecmp(ast_var_value(current), "enable")) {
+ ast_set_flag(p->srtp, SRTP_CRYPTO_ENABLE);
+ } else if (!strcasecmp(ast_var_value(current), "disable")) {
+ ast_clear_flag(p->srtp, SRTP_CRYPTO_ENABLE);
+ } else {
+ ast_log(LOG_WARNING,"Invalid SIPSRTP_CRYPTO value (%s), enable or disable expected\n", ast_var_value(current));
+ }
+ } else if (!strcasecmp(ast_var_name(current), "SIPSRTP_MIKEY")) {
+ ast_log(LOG_NOTICE, "SIPSRTP_MIKEY\n");
+
+ if (!p->srtp) {
+ if (setup_srtp(p) < 0) {
+ ast_log(LOG_WARNING, "SRTP setup failed\n");
+ return -1;
+ }
+ }
+
+ if (!strcasecmp(ast_var_value(current), "enable")) {
+ ast_set_flag(p->srtp, SRTP_MIKEY_ENABLE);
+ } else if (!strcasecmp(ast_var_value(current), "disable")) {
+ ast_clear_flag(p->srtp, SRTP_MIKEY_ENABLE);
+ } else {
+ ast_log(LOG_WARNING,"Invalid SIPSRTP_MIKEY value (%s), enable or disable expected\n", ast_var_value(current));
+ }
} else if (!strcasecmp(ast_var_name(current), "T38CALL")) {
p->t38.state = T38_LOCAL_DIRECT;
ast_debug(1,"T38State change to %d on channel %s\n", p->t38.state, ast->name);
@@ -4320,6 +4377,10 @@
if (p->chanvars) {
ast_variables_destroy(p->chanvars);
p->chanvars = NULL;
+ }
+ if (p->srtp) {
+ sip_srtp_destroy(p->srtp);
+ p->srtp = NULL;
}
ast_mutex_destroy(&p->pvt_lock);
@@ -6244,7 +6305,9 @@
int newnoncodeccapability;
int numberofmediastreams = 0;
int debug = sip_debug_test_pvt(p);
-
+ int secure_audio = FALSE;
+ int secure_video = FALSE;
+
int found_rtpmap_codecs[32];
int last_rtpmap_codec=0;
@@ -6361,10 +6424,21 @@
int audio = FALSE;
int video = FALSE;
int text = FALSE;
+ char protocol[5] = "";
numberofports = 1;
- if ((sscanf(m, "audio %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2) ||
- (sscanf(m, "audio %d RTP/AVP %n", &x, &len) == 1)) {
+ if ((sscanf(m, "audio %d/%d RTP/%4s %n", &x, &numberofports, protocol, &len) == 3) ||
+ (sscanf(m, "audio %d RTP/%4s %n", &x, protocol, &len) == 2)) {
+ if (!strcmp(protocol, "SAVP"))
+ secure_audio = 1;
+ else if (strcmp(protocol, "AVP")) {
+ ast_log(LOG_WARNING, "Unknown SDP media protocol in offer: %s\n", protocol);
+ continue;
+ }
+ if (len < 0) {
+ ast_log(LOG_WARNING, "Unknown SDP media type in offer: %s\n", m);
+ continue;
+ }
audio = TRUE;
numberofmediastreams++;
/* Found audio stream in this media definition */
@@ -6379,8 +6453,18 @@
ast_verbose("Found RTP audio format %d\n", codec);
ast_rtp_set_m_type(newaudiortp, codec);
}
- } else if ((sscanf(m, "video %d/%d RTP/AVP %n", &x, &numberofports, &len) == 2) ||
- (sscanf(m, "video %d RTP/AVP %n", &x, &len) == 1)) {
+ } else if ((sscanf(m, "video %d/%d RTP/%4s %n", &x, &numberofports, protocol, &len) == 3) ||
+ (sscanf(m, "video %d RTP/%4s %n", &x, protocol, &len) == 2)) {
+ if (!strcmp(protocol, "SAVP"))
+ secure_video = 1;
+ else if (strcmp(protocol, "AVP")) {
+ ast_log(LOG_WARNING, "Unknown SDP media protocol for video in offer: %s\n", protocol);
+ continue;
+ }
+ if (len < 0) {
+ ast_log(LOG_WARNING, "Unknown SDP media type for video in offer: %s\n", m);
+ continue;
+ }
video = TRUE;
p->novideo = FALSE;
numberofmediastreams++;
@@ -6542,11 +6626,6 @@
if (debug)
ast_verbose("Got unsupported a:maxprate in SDP offer \n");
breakout = TRUE;
- } else if (!strncasecmp(a, "crypto:", (size_t) 7)) {
- /* SRTP stuff, not yet supported */
- if (debug)
- ast_verbose("Got unsupported a:crypto in SDP offer \n");
- breakout = TRUE;
}
if (breakout) /* We have a match, skip to next header */
continue;
@@ -6554,6 +6633,12 @@
if (!strcasecmp(a, "sendonly")) {
if (sendonly == -1)
sendonly = 1;
+ continue;
+ } else if (!strncasecmp(a, "crypto:", (size_t) 7)) {
+ process_crypto(p, a);
+ continue;
+ } else if (!strncasecmp(a, "key-mgmt:mikey ", (size_t) 15)) {
+ process_mikey(p, a);
continue;
} else if (!strcasecmp(a, "inactive")) {
if (sendonly == -1)
@@ -6628,6 +6713,11 @@
}
}
+ }
+
+ if (secure_audio && !(p->srtp && (ast_test_flag(p->srtp, SRTP_CRYPTO_OFFER_OK) || ast_test_flag(p->srtp, SRTP_MIKEY_OFFER_OK)))) {
+ ast_log(LOG_WARNING, "Can't provide secure audio requested in SDP offer\n");
+ return -2;
}
if (udptlportno != -1) {
@@ -6741,6 +6831,11 @@
change_t38_state(p, T38_DISABLED);
}
+ if (secure_video && !(p->srtp && (ast_test_flag(p->srtp, SRTP_CRYPTO_OFFER_OK) || ast_test_flag(p->srtp, SRTP_MIKEY_OFFER_OK)))) {
+ ast_log(LOG_WARNING, "Can't provide secure video requested in SDP offer\n");
+ return -2;
+ }
+
/* Now gather all of the codecs that we are asked for: */
ast_rtp_get_current_formats(newaudiortp, &peercapability, &peernoncodeccapability);
ast_rtp_get_current_formats(newvideortp, &vpeercapability, &vpeernoncodeccapability);
@@ -7913,13 +8008,19 @@
struct ast_str *a_audio = ast_str_alloca(1024); /* Attributes for audio */
struct ast_str *a_video = ast_str_alloca(1024); /* Attributes for video */
struct ast_str *a_text = ast_str_alloca(1024); /* Attributes for text */
+ const char *a_crypto = NULL;
+ const char *a_mikey = NULL;
+
int x;
int capability;
+ const char *protocol = NULL;
+ struct sip_srtp *srtp = p->srtp;
int needaudio = FALSE;
int needvideo = FALSE;
int needtext = FALSE;
int debug = sip_debug_test_pvt(p);
+ const char a_encr_optional[] = "a=encryption:optional\r\n";
int min_audio_packet_size = 0;
int min_video_packet_size = 0;
int min_text_packet_size = 0;
@@ -7976,13 +8077,49 @@
/* Get our media addresses */
get_our_media_address(p, needvideo, &sin, &vsin, &tsin, &dest, &vdest);
+ /* Set encryption properties */
+ if (srtp) {
+ if (srtp->mikey) {
+ a_mikey = sdp_mikey_attrib(srtp->mikey);
+ } else if (srtp->crypto) {
+ a_crypto = sdp_crypto_attrib(srtp->crypto);
+ } else {
+ if (ast_test_flag(p->srtp, SRTP_CRYPTO_ENABLE)) {
+ srtp->crypto = sdp_crypto_setup();
+
+ if (srtp->crypto && (sdp_crypto_offer(srtp->crypto) >= 0)) {
+ a_crypto = sdp_crypto_attrib(srtp->crypto);
+ }
+ }
+
+ if (ast_test_flag(p->srtp, SRTP_MIKEY_ENABLE)) {
+ srtp->mikey = sdp_mikey_setup(p->peersecret, p->rtp);
+ if (srtp->mikey && (sdp_mikey_offer(srtp->mikey, p->rtp) >= 0)) {
+ a_mikey = sdp_mikey_attrib(srtp->mikey);
+ }
+ }
+ }
+
+ if (!a_crypto && !a_mikey) {
+ ast_log(LOG_WARNING, "No SRTP key management enabled (MIKEY or CRYPTO)\n");
+ }
+ }
+
+ if ((a_crypto || a_mikey) && !ast_test_flag(srtp, SRTP_ENCR_OPTIONAL)) {
+ protocol = "SAVP";
+ } else {
+ protocol = "AVP";
+ }
+
+
+
if (debug)
ast_verbose("Audio is at %s port %d\n", ast_inet_ntoa(p->ourip.sin_addr), ntohs(sin.sin_port));
/* Ok, we need video. Let's add what we need for video and set codecs.
Video is handled differently than audio since we can not transcode. */
if (needvideo) {
- ast_str_append(&m_video, 0, "m=video %d RTP/AVP", ntohs(vdest.sin_port));
+ ast_str_append(&m_video, 0, "m=video %d RTP/%s", ntohs(vdest.sin_port), protocol);
/* Build max bitrate string */
if (p->maxcallbitrate)
@@ -8031,7 +8168,7 @@
snprintf(owner, sizeof(owner), "o=%s %d %d IN IP4 %s\r\n", ast_strlen_zero(global_sdpowner) ? "-" : global_sdpowner, p->sessionid, p->sessionversion, ast_inet_ntoa(dest.sin_addr));
snprintf(connection, sizeof(connection), "c=IN IP4 %s\r\n", ast_inet_ntoa(dest.sin_addr));
- ast_str_append(&m_audio, 0, "m=audio %d RTP/AVP", ntohs(dest.sin_port));
+ ast_str_append(&m_audio, 0, "m=audio %d RTP/%s", ntohs(dest.sin_port), protocol);
if (ast_test_flag(&p->flags[1], SIP_PAGE2_CALL_ONHOLD) == SIP_PAGE2_CALL_ONHOLD_ONEDIR)
hold = "a=recvonly\r\n";
@@ -8140,6 +8277,16 @@
len += m_video->used + a_video->used + strlen(bandwidth) + strlen(hold);
if (needtext) /* only if text response is appropriate */
len += m_text->used + a_text->used + strlen(hold);
+
+ if (a_crypto) {
+ len += strlen(a_crypto);
+ if (ast_test_flag(srtp, SRTP_ENCR_OPTIONAL)) {
+ len += strlen(a_encr_optional);
+ }
+ }
+
+ if (a_mikey)
+ len += strlen(a_mikey);
add_header(resp, "Content-Type", "application/sdp");
add_header_contentLength(resp, len);
@@ -8164,6 +8311,15 @@
add_line(resp, m_text->str);
add_line(resp, a_text->str);
add_line(resp, hold); /* Repeat hold for the text stream */
+ }
+ if (a_mikey) {
+ add_line(resp, a_mikey);
+ }
+ if (a_crypto) {
+ add_line(resp, a_crypto);
+ if (ast_test_flag(srtp, SRTP_ENCR_OPTIONAL)) {
+ add_line(resp, a_encr_optional);
+ }
}
/* Update lastrtprx when we send our SDP */
@@ -21175,6 +21331,77 @@
);
}
+/*
+ * SRTP
+ */
+
+static int setup_srtp(struct sip_pvt *p)
+{
+ if (!ast_srtp_is_registered()) {
+ ast_log(LOG_ERROR, "No SRTP module loaded, can't setup SRTP session.\n");
+ return -1;
+ }
+
+ p->srtp = sip_srtp_alloc(); /* Allocate SRTP data structure */
+ if (!p->srtp)
+ return -1;
+
+ return 0;
+}
+
+static int process_crypto(struct sip_pvt *p, const char *a)
+{
+ if (!p->srtp) {
+ if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
+ ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
+ return -1;
+ }
+
+ if (setup_srtp(p) < 0)
+ return -1;
+ }
+
+ if (!p->srtp->crypto)
+ p->srtp->crypto = sdp_crypto_setup();
+
+ if (!p->srtp->crypto)
+ return -1;
+
+ if (sdp_crypto_process(p->srtp->crypto, a, p->rtp) < 0)
+ return -1;
+
+ ast_set_flag(p->srtp, SRTP_CRYPTO_OFFER_OK);
+ return 0;
+}
+
+static int process_mikey(struct sip_pvt *p, const char *a)
+{
+ if (!p->srtp) {
+ if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
+ ast_log(LOG_WARNING, "Ignoring unexpected mikey attribute in SDP answer\n");
+ return -1;
+ }
+
+ if (setup_srtp(p) < 0) {
+ ast_log(LOG_WARNING, "Can't setup crypto\n");
+ return -1;
+ }
+ }
+ if (!p->srtp->mikey) {
+ p->srtp->mikey = sdp_mikey_setup(p->peersecret, p->rtp);
+ if (!p->srtp->mikey) {
+ ast_log(LOG_WARNING, "Can't setup MIKEY\n");
+ return -1;
+ }
+ }
+
+ if (sdp_mikey_process(p->srtp->mikey, a + 15, p->rtp) < 0)
+ return -1;
+
+ ast_set_flag(p->srtp, SRTP_MIKEY_OFFER_OK);
+ return -1;
+}
+
/*! \brief Reload module */
static int sip_do_reload(enum channelreloadreason reason)
{
@@ -21259,6 +21486,7 @@
static int load_module(void)
{
ast_verbose("SIP channel loading...\n");
+ sdp_mikey_init();
ASTOBJ_CONTAINER_INIT(&userl); /* User object list */
ASTOBJ_CONTAINER_INIT(&peerl); /* Peer object list */
ASTOBJ_CONTAINER_INIT(®l); /* Registry object list */
@@ -21437,6 +21665,8 @@
if (con)
ast_context_destroy(con, "SIP");
+ sdp_mikey_uninit();
+
return 0;
}
Modified: team/jpeeler/srtp/configure.ac
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/configure.ac?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/configure.ac (original)
+++ team/jpeeler/srtp/configure.ac Tue Feb 19 21:25:43 2008
@@ -218,7 +218,11 @@
AST_EXT_LIB_SETUP([LDAP], [OpenLDAP], [ldap])
AST_EXT_LIB_SETUP([LTDL], [libtool], [ltdl])
AST_EXT_LIB_SETUP([LUA], [Lua], [lua])
+AST_EXT_LIB_SETUP([MCRYPTO], [Minisip Cryptography Library], [mcrypto])
+AST_EXT_LIB_SETUP([MIKEY], [Minisip Multimedia Internet Keying], [mikey
AST_EXT_LIB_SETUP([MISDN], [mISDN User Library], [misdn])
+AST_EXT_LIB_SETUP([MNETUTIL], [Minisip Network Utility Toolkit], [mnetutil])
+AST_EXT_LIB_SETUP([MUTIL], [Minisip Utility Toolkit], [mutil])
AST_EXT_LIB_SETUP([NBS], [Network Broadcast Sound], [nbs])
AST_EXT_LIB_SETUP([NCURSES], [ncurses], [ncurses])
AST_EXT_LIB_SETUP([NETSNMP], [Net-SNMP], [netsnmp])
@@ -239,6 +243,7 @@
AST_EXT_LIB_SETUP([SPEEXDSP], [Speexdsp], [speexdsp])
AST_EXT_LIB_SETUP([SQLITE], [SQLite], [sqlite])
AST_EXT_LIB_SETUP([SQLITE3], [SQLite], [sqlite3])
+AST_EXT_LIB_SETUP([SRTP], [Secure RTP], [srtp])
AST_EXT_LIB_SETUP([SUPPSERV], [mISDN Supplemental Services], [suppserv])
AST_EXT_LIB_SETUP([OPENSSL], [OpenSSL Secure Sockets Layer support], [ssl])
AST_EXT_LIB_SETUP([FREETDS], [FreeTDS], [tds])
@@ -1328,6 +1333,8 @@
AST_EXT_LIB_CHECK([OSPTK], [osptk], [OSPPCryptoDecrypt], [osp/osp.h], [-lcrypto -lssl])
fi
+AST_EXT_LIB_CHECK([SRTP], [srtp], [srtp_init], [srtp/srtp.h])
+
AST_EXT_LIB_CHECK([FREETDS], [tds], [tds_version], [tds.h])
if test "${PBX_FREETDS}" != "0";
then
@@ -1406,6 +1413,18 @@
fi
fi
+dnl Minisip
+AM_MINISIP_CHECK_LIBMUTIL([0.3.1], [PBX_MUTIL=1], [PBX_MUTIL=0])
+AM_MINISIP_CHECK_LIBMNETUTIL([0.3.1], [PBX_MNETUTIL=1], [PBX_MNETUTIL=0])
+AM_MINISIP_CHECK_LIBMCRYPTO([0.3.1], [PBX_MCRYPTO=1], [PBX_MCRYPTO=0])
+AM_MINISIP_CHECK_LIBMIKEY([0.4.1], [PBX_MIKEY=1], [PBX_MIKEY=0])
+AM_MINISIP_CHECK_COMPLETE
+
+AC_SUBST([PBX_MUTIL])
+AC_SUBST([PBX_MNETUTIL])
+AC_SUBST([PBX_MCRYPTO])
+AC_SUBST([PBX_MIKEY])
+
AC_LANG_POP
AST_EXT_LIB_CHECK([ZLIB], [z], [compress], [zlib.h])
Modified: team/jpeeler/srtp/include/asterisk/aes_internal.h
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/include/asterisk/aes_internal.h?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/include/asterisk/aes_internal.h (original)
+++ team/jpeeler/srtp/include/asterisk/aes_internal.h Tue Feb 19 21:25:43 2008
@@ -115,6 +115,8 @@
#ifdef AES_ENCRYPT
+#define aes_encrypt ast_aes_encrypt
+
typedef struct
{ aes_32t ks[KS_LENGTH];
} aes_encrypt_ctx;
@@ -139,6 +141,8 @@
#endif
#ifdef AES_DECRYPT
+
+#define aes_decrypt ast_aes_decrypt
typedef struct
{ aes_32t ks[KS_LENGTH];
Modified: team/jpeeler/srtp/include/asterisk/autoconfig.h.in
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/include/asterisk/autoconfig.h.in?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/include/asterisk/autoconfig.h.in (original)
+++ team/jpeeler/srtp/include/asterisk/autoconfig.h.in Tue Feb 19 21:25:43 2008
@@ -388,6 +388,18 @@
/* Define to 1 if you have the <libintl.h> header file. */
#undef HAVE_LIBINTL_H
+/* Define to 1 if you have the `mcrypto' library (-lmcrypto). */
+#undef HAVE_LIBMCRYPTO
+
+/* Define to 1 if you have the `mikey' library (-lmikey). */
+#undef HAVE_LIBMIKEY
+
+/* Define to 1 if you have the `mnetutil' library (-lmnetutil). */
+#undef HAVE_LIBMNETUTIL
+
+/* Define to 1 if you have the `mutil' library (-lmutil). */
+#undef HAVE_LIBMUTIL
+
/* Define to 1 if you have the <limits.h> header file. */
#undef HAVE_LIMITS_H
@@ -750,6 +762,12 @@
/* Define to indicate the ${SQRT_DESCRIP} library version */
#undef HAVE_SQRT_VERSION
+
+/* Define this to indicate the ${SRTP_DESCRIP} library */
+#undef HAVE_SRTP
+
+/* Define to indicate the ${SRTP_DESCRIP} library version */
+#undef HAVE_SRTP_VERSION
/* Define this to indicate the ${SS7_DESCRIP} library */
#undef HAVE_SS7
Modified: team/jpeeler/srtp/include/asterisk/rtp.h
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/include/asterisk/rtp.h?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/include/asterisk/rtp.h (original)
+++ team/jpeeler/srtp/include/asterisk/rtp.h Tue Feb 19 21:25:43 2008
@@ -97,6 +97,68 @@
double rtt; /*!< Round trip time */
};
+struct ast_srtp;
+
+struct ast_srtp_policy;
+
+struct ast_srtp_cb {
+ int (*no_ctx)(struct ast_rtp *rtp, unsigned long ssrc, void *data);
+};
+
+struct ast_srtp_res {
+ int (*create)(struct ast_srtp **srtp, struct ast_rtp *rtp,
+ struct ast_srtp_policy *policy);
+ void (*destroy)(struct ast_srtp *srtp);
+ int (*add_stream)(struct ast_srtp *srtp, struct ast_srtp_policy *policy);
+ void (*set_cb)(struct ast_srtp *srtp,
+ const struct ast_srtp_cb *cb, void *data);
+ int (*unprotect)(struct ast_srtp *srtp, void *buf, int *size);
+ int (*protect)(struct ast_srtp *srtp, void **buf, int *size);
+ int (*get_random)(unsigned char *key, size_t len);
+};
+
+/* Crypto suites */
+enum ast_srtp_suite {
+ AST_AES_CM_128_HMAC_SHA1_80 = 1,
+ AST_AES_CM_128_HMAC_SHA1_32 = 2,
+ AST_F8_128_HMAC_SHA1_80 = 3
+};
+
+enum ast_srtp_ealg {
+ AST_MIKEY_SRTP_EALG_NULL = 0,
+ AST_MIKEY_SRTP_EALG_AESCM = 1
+};
+
+enum ast_srtp_aalg {
+ AST_MIKEY_SRTP_AALG_NULL = 0,
+ AST_MIKEY_SRTP_AALG_SHA1HMAC = 1
+};
+
+struct ast_srtp_policy_res {
+ struct ast_srtp_policy *(*alloc)(void);
+ void (*destroy)(struct ast_srtp_policy *policy);
+ int (*set_suite)(struct ast_srtp_policy *policy,
+ enum ast_srtp_suite suite);
+ int (*set_master_key)(struct ast_srtp_policy *policy,
+ const unsigned char *key, size_t key_len,
+ const unsigned char *salt, size_t salt_len);
+ int (*set_encr_alg)(struct ast_srtp_policy *policy,
+ enum ast_srtp_ealg ealg);
+ int (*set_auth_alg)(struct ast_srtp_policy *policy,
+ enum ast_srtp_aalg aalg);
+ void (*set_encr_keylen)(struct ast_srtp_policy *policy, int ekeyl);
+ void (*set_auth_keylen)(struct ast_srtp_policy *policy, int akeyl);
+ void (*set_srtp_auth_taglen)(struct ast_srtp_policy *policy, int autht);
+ void (*set_srtp_encr_enable)(struct ast_srtp_policy *policy, int enable);
+ void (*set_srtcp_encr_enable)(struct ast_srtp_policy *policy, int enable);
+ void (*set_srtp_auth_enable)(struct ast_srtp_policy *policy, int enable);
+ void (*set_ssrc)(struct ast_srtp_policy *policy, unsigned long ssrc,
+ int inbound);
+};
+
+
+#define FLAG_3389_WARNING (1 << 0)
+
/*! RTP callback structure */
typedef int (*ast_rtp_callback)(struct ast_rtp *rtp, struct ast_frame *f, void *data);
@@ -261,6 +323,31 @@
void ast_rtp_init(void); /*! Initialize RTP subsystem */
int ast_rtp_reload(void); /*! reload rtp configuration */
void ast_rtp_new_init(struct ast_rtp *rtp);
+
+int ast_rtp_register_srtp(struct ast_srtp_res *srtp_res, struct ast_srtp_policy_res *policy_res);
+
+int ast_rtp_unregister_srtp(struct ast_srtp_res *srtp_res, struct ast_srtp_policy_res *policy_res);
+
+int ast_srtp_is_registered(void);
+
+unsigned int ast_rtp_get_ssrc(struct ast_rtp *rtp);
+void ast_rtp_set_srtp_cb(struct ast_rtp *rtp, const struct ast_srtp_cb *cb, void *data);
+int ast_rtp_add_srtp_policy(struct ast_rtp *rtp, struct ast_srtp_policy *policy);
+struct ast_srtp_policy *ast_srtp_policy_alloc(void);
+int ast_srtp_policy_set_suite(struct ast_srtp_policy *policy, enum ast_srtp_suite suite);
+int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy, const unsigned char *key, size_t key_len, const unsigned char *salt, size_t salt_len);
+int ast_srtp_policy_set_encr_alg(struct ast_srtp_policy *policy, enum ast_srtp_ealg ealg);
+int ast_srtp_policy_set_auth_alg(struct ast_srtp_policy *policy, enum ast_srtp_aalg aalg);
+void ast_srtp_policy_set_encr_keylen(struct ast_srtp_policy *policy, int ekeyl);
+void ast_srtp_policy_set_auth_keylen(struct ast_srtp_policy *policy, int akeyl);
+void ast_srtp_policy_set_srtp_auth_taglen(struct ast_srtp_policy *policy, int autht);
+void ast_srtp_policy_set_srtp_encr_enable(struct ast_srtp_policy *policy, int enable);
+void ast_srtp_policy_set_srtcp_encr_enable(struct ast_srtp_policy *policy, int enable);
+void ast_srtp_policy_set_srtp_auth_enable(struct ast_srtp_policy *policy, int enable);
+void ast_srtp_policy_set_ssrc(struct ast_srtp_policy *policy, unsigned long ssrc, int inbound);
+
+void ast_srtp_policy_destroy(struct ast_srtp_policy *policy);
+int ast_srtp_get_random(unsigned char *key, size_t len);
/*! \brief Set codec preference */
void ast_rtp_codec_setpref(struct ast_rtp *rtp, struct ast_codec_pref *prefs);
Modified: team/jpeeler/srtp/main/cryptostub.c
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/main/cryptostub.c?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/main/cryptostub.c (original)
+++ team/jpeeler/srtp/main/cryptostub.c Tue Feb 19 21:25:43 2008
@@ -28,6 +28,8 @@
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#include "asterisk/crypto.h"
+#include "asterisk/mikey.h"
+
static struct ast_key *stub_ast_key_get(const char *kname, int ktype)
{
@@ -65,3 +67,27 @@
build_stub(ast_sign_bin, struct ast_key *key, const char *msg, int msglen, unsigned char *sig);
build_stub(ast_encrypt_bin, unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
build_stub(ast_decrypt_bin, unsigned char *dst, const unsigned char *src, int srclen, struct ast_key *key);
+
+
+static struct ast_mikey_res *g_ast_mikey_res;
+
+int ast_register_mikey(struct ast_mikey_res *mikey_res)
+{
+ g_ast_mikey_res = mikey_res;
+ return 0;
+}
+
+int ast_unregister_mikey(struct ast_mikey_res *mikey_res)
+{
+ if (g_ast_mikey_res == mikey_res) {
+ g_ast_mikey_res = NULL;
+ return 0;
+ }
+
+ return -1;
+}
+
+struct ast_mikey_res *ast_get_mikey(void)
+{
+ return g_ast_mikey_res;
+}
Modified: team/jpeeler/srtp/main/rtp.c
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/main/rtp.c?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/main/rtp.c (original)
+++ team/jpeeler/srtp/main/rtp.c Tue Feb 19 21:25:43 2008
@@ -89,6 +89,9 @@
/* Uncomment this to enable more intense native bridging, but note: this is currently buggy */
/* #define P2P_INTENSE */
+struct ast_srtp_res *g_srtp_res;
+struct ast_srtp_policy_res *g_policy_res;
+
/*!
* \brief Structure representing a RTP session.
*
@@ -100,7 +103,6 @@
int isAstFormat; /*!< whether the following code is an AST_FORMAT */
int code;
};
-
/*! \brief RTP session description */
struct ast_rtp {
@@ -171,7 +173,8 @@
int rtp_lookup_code_cache_result;
struct ast_rtcp *rtcp;
struct ast_codec_pref pref;
- struct ast_rtp *bridged; /*!< Who we are Packet bridged to */
+ struct ast_rtp *bridged; /*!< Who we are Packet bridged to */
+ struct ast_srtp *srtp; /*!< Secure RTP data */
enum strict_rtp_state strict_rtp_state; /*!< Current state that strict RTP protection is in */
struct sockaddr_in strict_rtp_address; /*!< Remote address information for strict RTP purposes */
@@ -1030,6 +1033,224 @@
rtp->f.delivery.tv_usec = rtp->f.delivery.tv_sec = 0;
f = &rtp->f;
return f;
+}
+
+/*! \brief Register SRTP module in res_srtp to rtp core */
+int ast_rtp_register_srtp(struct ast_srtp_res *srtp_res,
+ struct ast_srtp_policy_res *policy_res)
+{
+ if (g_srtp_res || g_policy_res)
+ return -1;
+
+ if (!srtp_res || !policy_res)
+ return -1;
+
+ g_srtp_res = srtp_res;
+ g_policy_res = policy_res;
+ return 0;
+}
+
+int ast_rtp_unregister_srtp(struct ast_srtp_res *srtp_res,
+ struct ast_srtp_policy_res *policy_res)
+{
+ g_srtp_res = NULL;
+ g_policy_res = NULL;
+ return 0;
+}
+
+/*! \brief Check if there's a SRTP module registred and available */
+int ast_srtp_is_registered(void)
+{
+ return g_srtp_res && g_policy_res;
+}
+
+unsigned int ast_rtp_get_ssrc(struct ast_rtp *rtp)
+{
+ return rtp->ssrc;
+}
+
+void ast_rtp_set_srtp_cb(struct ast_rtp *rtp, const struct ast_srtp_cb *cb,
+ void *data)
+{
+ if (!g_srtp_res || !rtp->srtp)
+ return;
+
+ g_srtp_res->set_cb(rtp->srtp, cb, data);
+}
+
+void ast_srtp_policy_set_ssrc(struct ast_srtp_policy *policy, unsigned long ssrc, int inbound)
+{
+ if (!g_policy_res)
+ return;
+
+ g_policy_res->set_ssrc(policy, ssrc, inbound);
+}
+
+int ast_rtp_add_srtp_policy(struct ast_rtp *rtp, struct ast_srtp_policy *policy)
+{
+ int res;
+
+ if (!g_srtp_res)
+ return -1;
+
+ if (!rtp->srtp) {
+ res = g_srtp_res->create(&rtp->srtp, rtp, policy);
+ } else {
+ res = g_srtp_res->add_stream(rtp->srtp, policy);
+ }
+
+ return res;
+}
+
+struct ast_srtp_policy *ast_srtp_policy_alloc()
+{
+ if (!g_policy_res)
+ return NULL;
+
+ return g_policy_res->alloc();
+}
+
+void ast_srtp_policy_destroy(struct ast_srtp_policy *policy)
+{
+ if (!g_policy_res)
+ return;
+
+ g_policy_res->destroy(policy);
+}
+
+int ast_srtp_policy_set_suite(struct ast_srtp_policy *policy,
+ enum ast_srtp_suite suite)
+{
+ if (!g_policy_res)
+ return -1;
+
+ return g_policy_res->set_suite(policy, suite);
+}
+
+int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy,
+ const unsigned char *key, size_t key_len,
+ const unsigned char *salt, size_t salt_len)
+{
+ if (!g_policy_res)
+ return -1;
+
+ return g_policy_res->set_master_key(policy, key, key_len, salt, salt_len);
+}
+
+int ast_srtp_policy_set_encr_alg(struct ast_srtp_policy *policy,
+ enum ast_srtp_ealg ealg)
+{
+ if (!g_policy_res)
+ return -1;
+
+ return g_policy_res->set_encr_alg(policy, ealg);
+}
+
+int ast_srtp_policy_set_auth_alg(struct ast_srtp_policy *policy,
+ enum ast_srtp_aalg aalg)
+{
+ if (!g_policy_res)
+ return -1;
+
+ return g_policy_res->set_auth_alg(policy, aalg);
+}
+
+void ast_srtp_policy_set_encr_keylen(struct ast_srtp_policy *policy, int ekeyl)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_encr_keylen(policy, ekeyl);
+}
+
+void ast_srtp_policy_set_auth_keylen(struct ast_srtp_policy *policy,
+ int akeyl)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_auth_keylen(policy, akeyl);
+}
+
+void ast_srtp_policy_set_srtp_auth_taglen(struct ast_srtp_policy *policy,
+ int autht)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_srtp_auth_taglen(policy, autht);
+}
+
+void ast_srtp_policy_set_srtp_encr_enable(struct ast_srtp_policy *policy,
+ int enable)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_srtp_encr_enable(policy, enable);
+}
+
+void ast_srtp_policy_set_srtcp_encr_enable(struct ast_srtp_policy *policy,
+ int enable)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_srtcp_encr_enable(policy, enable);
+}
+
+void ast_srtp_policy_set_srtp_auth_enable(struct ast_srtp_policy *policy,
+ int enable)
+{
+ if (!g_policy_res)
+ return;
+
+ return g_policy_res->set_srtp_auth_enable(policy, enable);
+}
+
+int ast_srtp_get_random(unsigned char *key, size_t len)
+{
+ if (!g_srtp_res)
+ return -1;
+
+ return g_srtp_res->get_random(key, len);
+}
+
+static int rtp_recvfrom(struct ast_rtp *rtp, void *buf, size_t size,
+ int flags, struct sockaddr *sa, socklen_t *salen)
+{
+ int len;
+
+ len = recvfrom(rtp->s, buf, size, flags, sa, salen);
+
+ if (len < 0)
+ return len;
+
+ if (g_srtp_res && rtp->srtp) {
+ int res;
+
+ res = g_srtp_res->unprotect(rtp->srtp, buf, &len);
+ if (res < 0)
+ return -1;
+ }
+
+ return len;
+}
+
+static int rtp_sendto(struct ast_rtp *rtp, void *buf, size_t size,
+ int flags, struct sockaddr *sa, socklen_t salen)
+{
+ int len = size;
+ void *temp = buf;
+
+ if (g_srtp_res && rtp->srtp) {
+ int res = g_srtp_res->protect(rtp->srtp, &temp, &len);
+
+ if (res < 0)
+ return -1;
+ }
+
+ return sendto(rtp->s, temp, len, flags, sa, salen);
}
static int rtpread(int *id, int fd, short events, void *cbdata)
@@ -1356,7 +1577,7 @@
rtpheader[0] = htonl(reconstruct);
/* Send the packet back out */
- res = sendto(bridged->s, (void *)rtpheader, len, 0, (struct sockaddr *)&bridged->them, sizeof(bridged->them));
+ res = rtp_sendto(bridged, (void *)rtpheader, len + hdrlen, 0, (struct sockaddr *)&bridged->them, sizeof(bridged->them));
if (res < 0) {
if (!bridged->nat || (bridged->nat && (ast_test_flag(bridged, FLAG_NAT_ACTIVE) == FLAG_NAT_ACTIVE))) {
ast_debug(1, "RTP Transmission error of packet to %s:%d: %s\n", ast_inet_ntoa(bridged->them.sin_addr), ntohs(bridged->them.sin_port), strerror(errno));
@@ -1398,7 +1619,7 @@
len = sizeof(sin);
/* Cache where the header will go */
- res = recvfrom(rtp->s, rtp->rawdata + AST_FRIENDLY_OFFSET, sizeof(rtp->rawdata) - AST_FRIENDLY_OFFSET,
+ res = rtp_recvfrom(rtp, rtp->rawdata + AST_FRIENDLY_OFFSET, sizeof(rtp->rawdata) - AST_FRIENDLY_OFFSET,
0, (struct sockaddr *)&sin, &len);
/* If strict RTP protection is enabled see if we need to learn this address or if the packet should be dropped */
@@ -2568,7 +2789,7 @@
for (i = 0; i < 2; i++) {
rtpheader[3] = htonl((digit << 24) | (0xa << 16) | (rtp->send_duration));
- res = sendto(rtp->s, (void *) rtpheader, hdrlen + 4, 0, (struct sockaddr *) &rtp->them, sizeof(rtp->them));
+ res = rtp_sendto(rtp, (void *) rtpheader, hdrlen + 4, 0, (struct sockaddr *) &rtp->them, sizeof(rtp->them));
if (res < 0)
ast_log(LOG_ERROR, "RTP Transmission error to %s:%u: %s\n",
ast_inet_ntoa(rtp->them.sin_addr),
@@ -2968,7 +3189,7 @@
rtpheader[2] = htonl(rtp->ssrc);
data[12] = level;
if (rtp->them.sin_port && rtp->them.sin_addr.s_addr) {
- res = sendto(rtp->s, (void *)rtpheader, hdrlen + 1, 0, (struct sockaddr *)&rtp->them, sizeof(rtp->them));
+ res = rtp_sendto(rtp, (void *)rtpheader, hdrlen + 1, 0, (struct sockaddr *)&rtp->them, sizeof(rtp->them));
if (res <0)
ast_log(LOG_ERROR, "RTP Comfort Noise Transmission error to %s:%d: %s\n", ast_inet_ntoa(rtp->them.sin_addr), ntohs(rtp->them.sin_port), strerror(errno));
if (rtp_debug_test_addr(&rtp->them))
@@ -3761,6 +3982,13 @@
return AST_BRIDGE_FAILED_NOWARN;
}
+ if (p0->srtp || p1->srtp) {
+ ast_log(LOG_NOTICE, "Cannot native bridge in SRTP.\n");
+ ast_channel_unlock(c0);
+ ast_channel_unlock(c1);
+ return AST_BRIDGE_FAILED_NOWARN;
+ }
+
/* If we need to feed DTMF frames into the core then only do a partial native bridge */
if (ast_test_flag(p0, FLAG_HAS_DTMF) && (flags & AST_BRIDGE_DTMF_CHANNEL_0)) {
ast_set_flag(p0, FLAG_P2P_NEED_DTMF);
Modified: team/jpeeler/srtp/makeopts.in
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/makeopts.in?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/makeopts.in (original)
+++ team/jpeeler/srtp/makeopts.in Tue Feb 19 21:25:43 2008
@@ -108,6 +108,18 @@
LUA_INCLUDE=@LUA_INCLUDE@
LUA_LIB=@LUA_LIB@
+MUTIL_INCLUDE=@MUTIL_CFLAGS@
+MUTIL_LIB=@MUTIL_LIBS@
+
+MNETUTIL_INCLUDE=@MNETUTIL_CFLAGS@
+MNETUTIL_LIB=@MNETUTIL_LIBS@
+
+MCRYPTO_INCLUDE=@MCRYPTO_CFLAGS@
+MCRYPTO_LIB=@MCRYPTO_LIBS@
+
+MIKEY_INCLUDE=@MIKEY_CFLAGS@
+MIKEY_LIB=@MIKEY_LIBS@
+
NBS_INCLUDE=@NBS_INCLUDE@
NBS_LIB=@NBS_LIB@
@@ -171,6 +183,9 @@
SPEEXDSP_INCLUDE=@SPEEXDSP_INCLUDE@
SPEEXDSP_LIB=@SPEEXDSP_LIB@
+SRTP_LIB=@SRTP_LIB@
+SRTP_INCLUDE=@SRTP_INCLUDE@
+
SQLITE_INCLUDE=@SQLITE_INCLUDE@
SQLITE_LIB=@SQLITE_LIB@
Modified: team/jpeeler/srtp/res/Makefile
URL: http://svn.digium.com/view/asterisk/team/jpeeler/srtp/res/Makefile?view=diff&rev=103836&r1=103835&r2=103836
==============================================================================
--- team/jpeeler/srtp/res/Makefile (original)
+++ team/jpeeler/srtp/res/Makefile Tue Feb 19 21:25:43 2008
@@ -37,6 +37,10 @@
$(if $(filter res_snmp,$(EMBEDDED_MODS)),modules.link,res_snmp.so): snmp/agent.o
+mikey.oo: ASTCFLAGS+=$(MUTIL_INCLUDE) $(MCRYPTO_INCLUDE) $(MIKEY_INCLUDE)
+res_mikey.so: res_mikey.o mikey.oo
+res_mikey.so: LIBS+=$(MIKEY_LIB) $(MCRYPTO_LIB) $(MUTIL_LIB)
+
$(if $(filter res_ael_share,$(EMBEDDED_MODS)),modules.link,res_ael_share.so): ael/ael_lex.o ael/ael.tab.o ael/pval.o
ael/ael_lex.c:
More information about the svn-commits
mailing list