[asterisk-scf-commits] asterisk-scf/integration/media_rtp_pjmedia.git branch "srtp-support" updated.
Commits to the Asterisk SCF project code repositories
asterisk-scf-commits at lists.digium.com
Tue Jul 12 06:56:13 CDT 2011
branch "srtp-support" has been updated
via 08ecffa4718a02f82cbb0c268364563608ee15f1 (commit)
from 8f0b3e40aa59688ea63c22cfe2dfd3175cdfec1e (commit)
Summary of changes:
config/RtpConfigurator.py | 3 +
.../MediaRTPPJMedia/RtpConfigurationIf.ice | 2 +-
.../MediaRTPPJMedia/RtpStateReplicationIf.ice | 4 ++
src/MediaRTPpjmedia.cpp | 3 +
src/RTPConfiguration.cpp | 8 ++--
src/RTPSession.cpp | 44 +++++++++++++--
src/SRTPTransport.cpp | 58 +++++++++++++++++++-
src/SRTPTransport.h | 9 +++
8 files changed, 120 insertions(+), 11 deletions(-)
- Log -----------------------------------------------------------------
commit 08ecffa4718a02f82cbb0c268364563608ee15f1
Author: Brent Eagles <beagles at digium.com>
Date: Tue Jul 12 09:22:36 2011 -0230
More SRTP changes.
- configurator
- added and implemented interface for "kicking" off media transport once
offer/answer negotiation was completed
- discovery changes to include srtp support in query.
diff --git a/config/RtpConfigurator.py b/config/RtpConfigurator.py
index 2b63946..ea5a374 100755
--- a/config/RtpConfigurator.py
+++ b/config/RtpConfigurator.py
@@ -46,6 +46,9 @@ class RtpSectionVisitors(Configurator.SectionVisitors):
ipv6BindingItem = AsteriskSCF.Configuration.MediaRTPPJMedia.V1.BindingIPv6Item()
mapper.map('ipv6bind', ipv6BindingItem, 'address', AsteriskSCF.Configuration.MediaRTPPJMedia.V1.BindingIPv6AddressItemName, config.get, None)
+ srtpEnableItem = AsteriskSCF.Configuration.MediaRTPPJMedia.V1.EnableSRTPItem()
+ mapper.map('enablesrtp', srtpEnableItem, 'enabled', AsteriskSCF.Configuration.MediaRTPPJMedia.V1.EnableSRTPItemName, config.get, None)
+
for option in config.options(section):
mapper.execute(group, section, option)
diff --git a/slice/AsteriskSCF/Configuration/MediaRTPPJMedia/RtpConfigurationIf.ice b/slice/AsteriskSCF/Configuration/MediaRTPPJMedia/RtpConfigurationIf.ice
index ec71e54..b9339ed 100644
--- a/slice/AsteriskSCF/Configuration/MediaRTPPJMedia/RtpConfigurationIf.ice
+++ b/slice/AsteriskSCF/Configuration/MediaRTPPJMedia/RtpConfigurationIf.ice
@@ -123,7 +123,7 @@ module V1
* Enable SRTP on the current transport.
*
**/
- class EnableSRTPItem extends RtpConfiguration
+ class EnableSRTPItem extends RtpConfigurationItem
{
/**
* Flag to enable SRTP.
diff --git a/slice/AsteriskSCF/Replication/MediaRTPPJMedia/RtpStateReplicationIf.ice b/slice/AsteriskSCF/Replication/MediaRTPPJMedia/RtpStateReplicationIf.ice
index ee5862c..202c998 100644
--- a/slice/AsteriskSCF/Replication/MediaRTPPJMedia/RtpStateReplicationIf.ice
+++ b/slice/AsteriskSCF/Replication/MediaRTPPJMedia/RtpStateReplicationIf.ice
@@ -78,6 +78,9 @@ module V1
string mComparatorId;
};
+ /**
+ * TODO: Ice classe members shouldn't have m prefixes.
+ */
class RtpSessionStateItem extends RtpStateItem
{
Ice::Identity mSessionIdentity;
@@ -87,6 +90,7 @@ module V1
AsteriskSCF::Media::V1::FormatSeq mFormats;
AsteriskSCF::Media::RTP::V1::PayloadMap mPayloadstoFormats;
bool mIPv6;
+ bool mSRTP;
};
class RtpStreamSinkStateItem extends RtpStateItem
diff --git a/src/MediaRTPpjmedia.cpp b/src/MediaRTPpjmedia.cpp
index ab26e67..c8304b3 100644
--- a/src/MediaRTPpjmedia.cpp
+++ b/src/MediaRTPpjmedia.cpp
@@ -212,6 +212,9 @@ public:
result = false;
#endif
}
+ //
+ // We can ignore the SRTP criteria since we support it one way or the other.
+ //
if (!result)
{
return false;
diff --git a/src/RTPConfiguration.cpp b/src/RTPConfiguration.cpp
index 26859a7..1a3b477 100644
--- a/src/RTPConfiguration.cpp
+++ b/src/RTPConfiguration.cpp
@@ -125,16 +125,16 @@ public:
EnableSRTPItemPtr srtpItem = EnableSRTPItemPtr::dynamicCast(item->second);
if (!mSRTPConfig)
{
- mSRTPConfig = SRTPConfiguration::create(srtpItem->value);
+ mSRTPConfig = SRTPConfiguration::create(srtpItem->enabled);
}
else
{
//
// No point in allocating if it's the same.
- //
- if (mSRTPConfig->isSRTPEnabled() != srtpItem->value)
+ //Item
+ if (mSRTPConfig->isSRTPEnabled() != srtpItem->enabled)
{
- mSRTPConfig = SRTPConfiguration::create(srtpItem->value);
+ mSRTPConfig = SRTPConfiguration::create(srtpItem->enabled);
}
}
}
diff --git a/src/RTPSession.cpp b/src/RTPSession.cpp
index 2024066..bf5258d 100644
--- a/src/RTPSession.cpp
+++ b/src/RTPSession.cpp
@@ -47,7 +47,7 @@ using namespace AsteriskSCF::PJMediaRTP;
/**
* Implementation of the RTPSession interface as defined in MediaRTPIf.ice
*/
-class RTPSessionImpl : public AsteriskSCF::Media::RTP::V1::RTPSession
+class RTPSessionImpl : public AsteriskSCF::Media::RTP::V1::SRTPSession
{
public:
RTPSessionImpl(const Ice::ObjectAdapterPtr&,
@@ -64,13 +64,14 @@ public:
Ice::Int port,
const AsteriskSCF::Media::V1::FormatSeq& formats,
bool isIPv6,
+ bool srtp,
const AsteriskSCF::Discovery::SmartProxy<AsteriskSCF::Replication::MediaRTPPJMedia::V1::RtpStateReplicatorPrx>&,
const ConfigurationServiceImplPtr& configurationServant);
~RTPSessionImpl();
/**
- * AsteriskSCF::Media::V1::Session implementation.
+ * AsteriskSCF::Media::V1::RSession implementation.
*/
AsteriskSCF::Media::V1::StreamSourceSeq getSources(const Ice::Current&);
AsteriskSCF::Media::V1::StreamSinkSeq getSinks(const Ice::Current&);
@@ -81,6 +82,12 @@ public:
void associatePayloads(const AsteriskSCF::Media::RTP::V1::PayloadMap&, const Ice::Current&);
/**
+ * AsteriskSCF::Media::V1::SRTPSession implementation.
+ */
+ void setOptions(const string& suiteName, const string& keyInfo, bool enableAuthentication, bool enableEncryption, const Ice::Current&);
+ void start(const string& suiteName, const string& keyInfo, bool enableAuthentication, bool enableEncryption, const Ice::Current&);
+
+ /**
* Internal methods.
*/
AsteriskSCF::Media::V1::FormatSeq getFormats();
@@ -280,9 +287,14 @@ RTPSessionImpl::RTPSessionImpl(const Ice::ObjectAdapterPtr& adapter,
//
// If enabled, the SRTP transport "wraps" the active transport. TODO: allow enabling.
//
- if (mEnvironment->srtpConfig() && mEnvironment->srtpConfig()->isSRTPEnabled())
+ if (mEnvironment->srtpConfig() && mEnvironment->srtpConfig()->isSRTPEnabled() && params->srtpCapable)
{
mTransport = SRTPTransport::create(mTransport, mEndpoint, configurationService);
+ mSessionStateItem->mSRTP = true;
+ }
+ else
+ {
+ mSessionStateItem->mSRTP = false;
}
// Initialize our session state item enough so that the state items for the source and sink can also be initialized.
@@ -301,6 +313,7 @@ RTPSessionImpl::RTPSessionImpl(const Ice::ObjectAdapterPtr& adapter,
Ice::Int port,
const FormatSeq& formats,
bool ipv6,
+ bool srtp,
const AsteriskSCF::Discovery::SmartProxy<RtpStateReplicatorPrx>& replicatorPrx,
const ConfigurationServiceImplPtr& configurationService) :
mEnvironment(env),
@@ -324,7 +337,7 @@ RTPSessionImpl::RTPSessionImpl(const Ice::ObjectAdapterPtr& adapter,
//
// If enabled, the SRTP transport "wraps" the active transport.
//
- if (mEnvironment->srtpConfig() && mEnvironment->srtpConfig()->isSRTPEnabled())
+ if (mEnvironment->srtpConfig() && mEnvironment->srtpConfig()->isSRTPEnabled() && srtp)
{
mTransport = SRTPTransport::create(mTransport, mEndpoint, configurationService);
}
@@ -428,6 +441,27 @@ void RTPSessionImpl::associatePayloads(const AsteriskSCF::Media::RTP::V1::Payloa
replicateState(mSessionStateItem, 0, 0);
}
+
+void RTPSessionImpl::setOptions(const string& suiteName, const string& key, bool enableAuthentication, bool enableEncryption, const Ice::Current&)
+{
+ SRTPTransportPtr srtpTransport(boost::dynamic_pointer_cast<SRTPTransport>(mTransport));
+ if (!srtpTransport)
+ {
+ throw SRTPUnavailable();
+ }
+ srtpTransport->setOptions(suiteName, key, enableAuthentication, enableEncryption);
+}
+
+void RTPSessionImpl::start(const string& suiteName, const string& key, bool enableAuthentication, bool enableEncryption, const Ice::Current&)
+{
+ SRTPTransportPtr srtpTransport(boost::dynamic_pointer_cast<SRTPTransport>(mTransport));
+ if (!srtpTransport)
+ {
+ throw SRTPUnavailable();
+ }
+ srtpTransport->start(suiteName, key, enableAuthentication, enableEncryption);
+}
+
/**
* API call which returns the formats the RTP session is expected to carry.
*
@@ -713,7 +747,7 @@ ReplicationAdapterPtr AsteriskSCF::PJMediaRTP::RTPSession::create(const Ice::Obj
RTPSessionImplPtr servant(new RTPSessionImpl(adapter,
adapter->getCommunicator()->identityToString(item->mSessionIdentity),
environment,
- item->mPort, item->mFormats, item->mIPv6,
+ item->mPort, item->mFormats, item->mIPv6, item->mSRTP,
AsteriskSCF::Discovery::SmartProxy<RtpStateReplicatorPrx>(),
configuration));
servant->activate(item->mSessionIdentity, item-> mSourceIdentity, item->mSinkIdentity);
diff --git a/src/SRTPTransport.cpp b/src/SRTPTransport.cpp
index 2afa8ff..7c2a5c6 100644
--- a/src/SRTPTransport.cpp
+++ b/src/SRTPTransport.cpp
@@ -19,16 +19,69 @@
#include <pjmedia.h>
#include <pjlib.h>
#include <AsteriskSCF/System/ExceptionsIf.h>
+#include <AsteriskSCF/Media/RTP/MediaRTPIf.h>
+#include <pjmedia/transport_srtp.h>
using namespace AsteriskSCF::PJMediaRTP;
using namespace AsteriskSCF::System::V1;
+using namespace AsteriskSCF::Media::RTP::V1;
using namespace AsteriskSCF::PJUtil;
+using namespace std;
SRTPTransport::~SRTPTransport()
{
//
// TODO : cleanup ICE transport, the transport itself is closed by the parent class.
//
+ pjmedia_transport_srtp_stop(getTransport());
+}
+
+void SRTPTransport::setOptions(const string& suiteName, const string& key, bool enableAuthentication, bool enableEncryption)
+{
+ boost::unique_lock<boost::shared_mutex> lock(mLock);
+ mCryptoSuite = suiteName;
+ mKey = key;
+ mEnableAuthentication = enableAuthentication;
+ mEnableEncryption = enableEncryption;
+}
+
+void SRTPTransport::start(const string& suiteName, const string& key, bool enableAuthentication, bool enableEncryption)
+{
+ boost::unique_lock<boost::shared_mutex> lock(mLock);
+ if (mStarted)
+ {
+ throw SRTPAlreadyStarted();
+ }
+ pjmedia_srtp_crypto localSuite;
+ localSuite.key = pj_str(const_cast<char*>(mKey.c_str()));
+ localSuite.name = pj_str(const_cast<char*>(mCryptoSuite.c_str()));
+ localSuite.flags = 0;
+ if (!mEnableAuthentication)
+ {
+ localSuite.flags |= PJMEDIA_SRTP_NO_AUTHENTICATION;
+ }
+ if (!mEnableEncryption)
+ {
+ localSuite.flags |= PJMEDIA_SRTP_NO_ENCRYPTION;
+ }
+ pjmedia_srtp_crypto remoteSuite;
+ remoteSuite.key = pj_str(const_cast<char*>(key.c_str()));
+ remoteSuite.name = pj_str(const_cast<char*>(suiteName.c_str()));
+ remoteSuite.flags = 0;
+ if (!enableAuthentication)
+ {
+ remoteSuite.flags |= PJMEDIA_SRTP_NO_AUTHENTICATION;
+ }
+ if (!enableEncryption)
+ {
+ remoteSuite.flags |= PJMEDIA_SRTP_NO_ENCRYPTION;
+ }
+ pj_status_t result = pjmedia_transport_srtp_start(getTransport(), &localSuite, & remoteSuite);
+ if (result != PJ_SUCCESS)
+ {
+ throw SRTPFailure();
+ }
+ mStarted = true;
}
SRTPTransportPtr SRTPTransport::create(const PJMediaTransportPtr& transport, const PJMediaEndpointPtr& ep,
@@ -49,6 +102,9 @@ SRTPTransportPtr SRTPTransport::create(const PJMediaTransportPtr& transport, con
SRTPTransport::SRTPTransport(pjmedia_transport* t, const PJMediaTransportPtr& origTransport) :
PJMediaTransport(t),
- mMainTransport(origTransport)
+ mMainTransport(origTransport),
+ mEnableAuthentication(true),
+ mEnableEncryption(true),
+ mStarted(false)
{
}
diff --git a/src/SRTPTransport.h b/src/SRTPTransport.h
index 48ea733..0fb0486 100644
--- a/src/SRTPTransport.h
+++ b/src/SRTPTransport.h
@@ -40,11 +40,20 @@ class SRTPTransport : public PJMediaTransport
public:
~SRTPTransport();
+ void setOptions(const std::string& suiteName, const std::string& key, bool enableAuthentication, bool enableEncryption);
+ void start(const std::string& suiteName, const std::string& key, bool enableAuthentication, bool enableEncryption);
+
static SRTPTransportPtr create(const PJMediaTransportPtr& baseTransport, const PJMediaEndpointPtr& ep,
const RTPConfigurationPtr& configObject);
private:
+ boost::shared_mutex mLock;
PJMediaTransportPtr mMainTransport;
+ std::string mCryptoSuite;
+ std::string mKey;
+ bool mEnableAuthentication;
+ bool mEnableEncryption;
+ bool mStarted;
SRTPTransport(pjmedia_transport* t, const PJMediaTransportPtr& origTransport);
-----------------------------------------------------------------------
--
asterisk-scf/integration/media_rtp_pjmedia.git
More information about the asterisk-scf-commits
mailing list