[Asterisk-code-review] res srtp: Instead of libSRTP use OpenSSL as random source. (asterisk[11])
Anonymous Coward
asteriskteam at digium.com
Tue Jun 7 09:13:41 CDT 2016
Anonymous Coward #1000019 has submitted this change and it was merged.
Change subject: res_srtp: Instead of libSRTP use OpenSSL as random source.
......................................................................
res_srtp: Instead of libSRTP use OpenSSL as random source.
Since libSRTP 1.5, its Random Number Generator (RNG) is not maintained anymore.
Therefore, the symbol RAND_bytes is used instead of crypto_get_random.
ASTERISK-24436 #close
Change-Id: Iea0bae4d4e3c9aa0926ea442b6484b5159789d96
---
M res/res_srtp.c
1 file changed, 8 insertions(+), 0 deletions(-)
Approvals:
George Joseph: Looks good to me, but someone else must approve
Anonymous Coward #1000019: Verified
Joshua Colp: Looks good to me, approved
diff --git a/res/res_srtp.c b/res/res_srtp.c
index 54ce9e7..0193eb6 100644
--- a/res/res_srtp.c
+++ b/res/res_srtp.c
@@ -40,7 +40,11 @@
ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
#include <srtp/srtp.h>
+#ifdef HAVE_OPENSSL
+#include <openssl/rand.h>
+#else
#include <srtp/crypto_kernel.h>
+#endif
#include "asterisk/lock.h"
#include "asterisk/sched.h"
@@ -305,7 +309,11 @@
static int ast_srtp_get_random(unsigned char *key, size_t len)
{
+#ifdef HAVE_OPENSSL
+ return RAND_bytes(key, len) > 0 ? 0: -1;
+#else
return crypto_get_random(key, len) != err_status_ok ? -1: 0;
+#endif
}
static void ast_srtp_set_cb(struct ast_srtp *srtp, const struct ast_srtp_cb *cb, void *data)
--
To view, visit https://gerrit.asterisk.org/2962
To unsubscribe, visit https://gerrit.asterisk.org/settings
Gerrit-MessageType: merged
Gerrit-Change-Id: Iea0bae4d4e3c9aa0926ea442b6484b5159789d96
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 11
Gerrit-Owner: Alexander Traud <pabstraud at compuserve.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
More information about the asterisk-code-review
mailing list