forked from Mirrors/freeswitch
FS-5937 now with more working
This commit is contained in:
Brian West
parent
90b0ea7243
commit
33780fca07
@ -50,7 +50,8 @@ SWITCH_BEGIN_EXTERN_C
|
||||
#define SWITCH_RTP_KEY_LEN 30
|
||||
#define SWITCH_RTP_CRYPTO_KEY_32 "AES_CM_128_HMAC_SHA1_32"
|
||||
#define SWITCH_RTP_CRYPTO_KEY_80 "AES_CM_128_HMAC_SHA1_80"
|
||||
#define SWITCH_RTP_CRYPTO_KEY_8 "AEAD_AES_128_GCM_8"
|
||||
#define SWITCH_RTP_CRYPTO_KEY_128_8 "AEAD_AES_128_GCM_8"
|
||||
#define SWITCH_RTP_CRYPTO_KEY_256_8 "AEAD_AES_256_GCM_8"
|
||||
typedef enum {
|
||||
SWITCH_RTP_CRYPTO_SEND,
|
||||
SWITCH_RTP_CRYPTO_RECV,
|
||||
|
||||
@ -825,9 +825,9 @@ static switch_status_t switch_core_media_build_crypto(switch_media_handle_t *smh
|
||||
if (ctype == AES_CM_128_HMAC_SHA1_80) {
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_80;
|
||||
} else if (ctype == AEAD_AES_256_GCM_8) {
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_8;
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_256_8;
|
||||
} else if (ctype == AEAD_AES_128_GCM_8) {
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_8;
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_128_8;
|
||||
} else if (ctype == AES_CM_256_HMAC_SHA1_80) {
|
||||
type_str = SWITCH_RTP_CRYPTO_KEY_80;
|
||||
} else if (ctype == AES_CM_192_HMAC_SHA1_80) {
|
||||
@ -901,8 +901,10 @@ switch_status_t switch_core_media_add_crypto(switch_secure_settings_t *ssec, con
|
||||
type = AES_CM_128_HMAC_SHA1_32;
|
||||
} else if (!strncasecmp(p, SWITCH_RTP_CRYPTO_KEY_80, strlen(SWITCH_RTP_CRYPTO_KEY_80))) {
|
||||
type = AES_CM_128_HMAC_SHA1_80;
|
||||
} else if (!strncasecmp(p, SWITCH_RTP_CRYPTO_KEY_8, strlen(SWITCH_RTP_CRYPTO_KEY_8))) {
|
||||
} else if (!strncasecmp(p, SWITCH_RTP_CRYPTO_KEY_256_8, strlen(SWITCH_RTP_CRYPTO_KEY_256_8))) {
|
||||
type = AEAD_AES_128_GCM_8;
|
||||
} else if (!strncasecmp(p, SWITCH_RTP_CRYPTO_KEY_128_8, strlen(SWITCH_RTP_CRYPTO_KEY_128_8))) {
|
||||
type = AEAD_AES_256_GCM_8;
|
||||
} else {
|
||||
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Parse Error near [%s]\n", p);
|
||||
goto bad;
|
||||
@ -1047,8 +1049,13 @@ SWITCH_DECLARE(int) switch_core_session_check_incoming_crypto(switch_core_sessio
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
switch_rtp_add_crypto_key(engine->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), engine->ssec.crypto_type,
|
||||
engine->ssec.local_raw_key, SWITCH_RTP_KEY_LEN);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_8);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_256_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_256_8);
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AEAD_AES_256_GCM_8, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
switch_rtp_add_crypto_key(engine->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), engine->ssec.crypto_type,
|
||||
engine->ssec.local_raw_key, SWITCH_RTP_KEY_LEN);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_128_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_128_8);
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AEAD_AES_128_GCM_8, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
switch_rtp_add_crypto_key(engine->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), engine->ssec.crypto_type,
|
||||
engine->ssec.local_raw_key, SWITCH_RTP_KEY_LEN);
|
||||
@ -1088,8 +1095,11 @@ SWITCH_DECLARE(int) switch_core_session_check_incoming_crypto(switch_core_sessio
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_80, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_80);
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_8);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_256_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_256_8);
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AEAD_AES_256_GCM_8, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
} else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_128_8, crypto)) {
|
||||
switch_channel_set_variable(session->channel, varname, SWITCH_RTP_CRYPTO_KEY_128_8);
|
||||
switch_core_media_build_crypto(session->media_handle, type, crypto_tag, AEAD_AES_128_GCM_8, SWITCH_RTP_CRYPTO_SEND, 1);
|
||||
} else {
|
||||
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_ERROR, "Crypto Setup Failed!.\n");
|
||||
@ -1124,7 +1134,13 @@ SWITCH_DECLARE(void) switch_core_session_check_outgoing_crypto(switch_core_sessi
|
||||
SWITCH_MEDIA_TYPE_AUDIO, 1, AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND, 0);
|
||||
switch_core_media_build_crypto(session->media_handle,
|
||||
SWITCH_MEDIA_TYPE_VIDEO, 1, AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND, 0);
|
||||
} else if (!strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_8)) {
|
||||
} else if (!strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_256_8)) {
|
||||
switch_channel_set_flag(channel, CF_SECURE);
|
||||
switch_core_media_build_crypto(session->media_handle,
|
||||
SWITCH_MEDIA_TYPE_AUDIO, 1, AEAD_AES_256_GCM_8, SWITCH_RTP_CRYPTO_SEND, 0);
|
||||
switch_core_media_build_crypto(session->media_handle,
|
||||
SWITCH_MEDIA_TYPE_VIDEO, 1, AEAD_AES_256_GCM_8, SWITCH_RTP_CRYPTO_SEND, 0);
|
||||
} else if (!strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_128_8)) {
|
||||
switch_channel_set_flag(channel, CF_SECURE);
|
||||
switch_core_media_build_crypto(session->media_handle,
|
||||
SWITCH_MEDIA_TYPE_AUDIO, 1, AEAD_AES_128_GCM_8, SWITCH_RTP_CRYPTO_SEND, 0);
|
||||
@ -2754,8 +2770,11 @@ SWITCH_DECLARE(uint8_t) switch_core_media_negotiate_sdp(switch_core_session_t *s
|
||||
}
|
||||
|
||||
if (sdp_type == SDP_TYPE_REQUEST && (var = switch_channel_get_variable(session->channel, "rtp_secure_media"))) {
|
||||
if (!switch_true(var) && strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_32) &&
|
||||
strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_80) && strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_8)) {
|
||||
if (!switch_true(var)
|
||||
&& strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_32)
|
||||
&& strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_80)
|
||||
&& strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_128_8)
|
||||
&& strcasecmp(var, SWITCH_RTP_CRYPTO_KEY_256_8)) {
|
||||
got_crypto = -1;
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user