<p>Jenkins2 <strong>merged</strong> this change.</p><p><a href="https://gerrit.asterisk.org/6825">View Change</a></p><div style="white-space:pre-wrap">Approvals:
George Joseph: Looks good to me, but someone else must approve
Joshua Colp: Looks good to me, approved
Jenkins2: Approved for Submit
</div><pre style="font-family: monospace,monospace; white-space: pre-wrap;">res_srtp: Add support for libsrtp2 with AES-GCM.<br><br>Beside allowing AES-GCM again, this adds AES-192 again.<br><br>ASTERISK-27356<br><br>Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233<br>---<br>M configure<br>M configure.ac<br>M res/srtp/srtp_compat.h<br>3 files changed, 117 insertions(+), 0 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">diff --git a/configure b/configure<br>index 59bc3b1..588fbfd 100755<br>--- a/configure<br>+++ b/configure<br>@@ -33793,6 +33793,110 @@<br> <br> <br> <br>+if test "x${PBX_SRTP_192}" != "x1" -a "${USE_SRTP_192}" != "no"; then<br>+ pbxlibdir=""<br>+ # if --with-SRTP_192=DIR has been specified, use it.<br>+ if test "x${SRTP_192_DIR}" != "x"; then<br>+ if test -d ${SRTP_192_DIR}/lib; then<br>+ pbxlibdir="-L${SRTP_192_DIR}/lib"<br>+ else<br>+ pbxlibdir="-L${SRTP_192_DIR}"<br>+ fi<br>+ fi<br>+ pbxfuncname="srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80"<br>+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers<br>+ AST_SRTP_192_FOUND=yes<br>+ else<br>+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"<br>+ CFLAGS="${CFLAGS} "<br>+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`<br>+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5<br>+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }<br>+if eval \${$as_ac_Lib+:} false; then :<br>+ $as_echo_n "(cached) " >&6<br>+else<br>+ ac_check_lib_save_LIBS=$LIBS<br>+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"<br>+cat confdefs.h - <<_ACEOF >conftest.$ac_ext<br>+/* end confdefs.h. */<br>+<br>+/* Override any GCC internal prototype to avoid an error.<br>+ Use char because int might match the return type of a GCC<br>+ builtin and then its argument prototype would still apply. */<br>+#ifdef __cplusplus<br>+extern "C"<br>+#endif<br>+char ${pbxfuncname} ();<br>+int<br>+main ()<br>+{<br>+return ${pbxfuncname} ();<br>+ ;<br>+ return 0;<br>+}<br>+_ACEOF<br>+if ac_fn_c_try_link "$LINENO"; then :<br>+ eval "$as_ac_Lib=yes"<br>+else<br>+ eval "$as_ac_Lib=no"<br>+fi<br>+rm -f core conftest.err conftest.$ac_objext \<br>+ conftest$ac_exeext conftest.$ac_ext<br>+LIBS=$ac_check_lib_save_LIBS<br>+fi<br>+eval ac_res=\$$as_ac_Lib<br>+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5<br>+$as_echo "$ac_res" >&6; }<br>+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :<br>+ AST_SRTP_192_FOUND=yes<br>+else<br>+ AST_SRTP_192_FOUND=no<br>+fi<br>+<br>+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"<br>+ fi<br>+<br>+ # now check for the header.<br>+ if test "${AST_SRTP_192_FOUND}" = "yes"; then<br>+ SRTP_192_LIB="${pbxlibdir} -lsrtp2 "<br>+ # if --with-SRTP_192=DIR has been specified, use it.<br>+ if test "x${SRTP_192_DIR}" != "x"; then<br>+ SRTP_192_INCLUDE="-I${SRTP_192_DIR}/include"<br>+ fi<br>+ SRTP_192_INCLUDE="${SRTP_192_INCLUDE} "<br>+ if test "x" = "x" ; then # no header, assume found<br>+ SRTP_192_HEADER_FOUND="1"<br>+ else # check for the header<br>+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"<br>+ CPPFLAGS="${CPPFLAGS} ${SRTP_192_INCLUDE}"<br>+ ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"<br>+if test "x$ac_cv_header_" = xyes; then :<br>+ SRTP_192_HEADER_FOUND=1<br>+else<br>+ SRTP_192_HEADER_FOUND=0<br>+fi<br>+<br>+<br>+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"<br>+ fi<br>+ if test "x${SRTP_192_HEADER_FOUND}" = "x0" ; then<br>+ SRTP_192_LIB=""<br>+ SRTP_192_INCLUDE=""<br>+ else<br>+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library<br>+ SRTP_192_LIB=""<br>+ fi<br>+ PBX_SRTP_192=1<br>+ cat >>confdefs.h <<_ACEOF<br>+#define HAVE_SRTP_192 1<br>+_ACEOF<br>+<br>+ fi<br>+ fi<br>+fi<br>+<br>+<br>+<br> if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then<br> pbxlibdir=""<br> # if --with-SRTP_GCM=DIR has been specified, use it.<br>diff --git a/configure.ac b/configure.ac<br>index 9f95786..c729b94 100644<br>--- a/configure.ac<br>+++ b/configure.ac<br>@@ -2520,6 +2520,7 @@<br> if test "x$PBX_SRTP" = x1;<br> then<br> AST_EXT_LIB_CHECK([SRTP_256], [srtp2], [srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80])<br>+ AST_EXT_LIB_CHECK([SRTP_192], [srtp2], [srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80])<br> AST_EXT_LIB_CHECK([SRTP_GCM], [srtp2], [srtp_crypto_policy_set_aes_gcm_128_8_auth])<br> AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp2], [srtp_shutdown], [srtp2/srtp.h])<br> <br>diff --git a/res/srtp/srtp_compat.h b/res/srtp/srtp_compat.h<br>index 56ffca1..dbd8dde 100644<br>--- a/res/srtp/srtp_compat.h<br>+++ b/res/srtp/srtp_compat.h<br>@@ -16,6 +16,18 @@<br> #define crypto_policy_set_aes_gcm_128_8_auth srtp_crypto_policy_set_aes_gcm_128_8_auth<br> #define crypto_policy_set_aes_gcm_256_8_auth srtp_crypto_policy_set_aes_gcm_256_8_auth<br> <br>+#if defined(SRTP_AES_GCM_128_KEY_LEN_WSALT)<br>+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_GCM_128_KEY_LEN_WSALT<br>+#else<br>+#define AES_128_GCM_KEYSIZE_WSALT SRTP_AES_128_GCM_KEYSIZE_WSALT<br>+#endif<br>+<br>+#if defined(SRTP_AES_GCM_256_KEY_LEN_WSALT)<br>+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_GCM_256_KEY_LEN_WSALT<br>+#else<br>+#define AES_256_GCM_KEYSIZE_WSALT SRTP_AES_256_GCM_KEYSIZE_WSALT<br>+#endif<br>+<br> #define err_status_t srtp_err_status_t<br> #define err_status_ok srtp_err_status_ok<br> #define err_status_fail srtp_err_status_fail<br></pre><p>To view, visit <a href="https://gerrit.asterisk.org/6825">change 6825</a>. To unsubscribe, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/6825"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: master </div>
<div style="display:none"> Gerrit-MessageType: merged </div>
<div style="display:none"> Gerrit-Change-Id: Ia97a435faf26300335d9552fa676b5d17e5f7233 </div>
<div style="display:none"> Gerrit-Change-Number: 6825 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: Alexander Traud <pabstraud@compuserve.com> </div>
<div style="display:none"> Gerrit-Reviewer: George Joseph <gjoseph@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Jenkins2 </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@digium.com> </div>