From 3c4aa20c53e9a7a6243652280050645ad142b7dd Mon Sep 17 00:00:00 2001
From: Michael Jerris <mike@jerris.com>
Date: Mon, 7 Jul 2008 17:56:16 +0000
Subject: [PATCH] add flags to turn off srtp auth and rtp auto adj (FSCORE-149
 && MODENDP-115)

git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@8908 d0543943-73ff-0310-b7d9-9358b9ac24b2
---
 src/include/switch_rtp.h                 |  5 ++-
 src/mod/endpoints/mod_sofia/mod_sofia.h  |  4 +-
 src/mod/endpoints/mod_sofia/sofia.c      |  4 ++
 src/mod/endpoints/mod_sofia/sofia_glue.c | 51 +++++++++++++++++++-----
 src/switch_rtp.c                         |  3 ++
 5 files changed, 53 insertions(+), 14 deletions(-)

diff --git a/src/include/switch_rtp.h b/src/include/switch_rtp.h
index d2f166b093..8b53de6c17 100644
--- a/src/include/switch_rtp.h
+++ b/src/include/switch_rtp.h
@@ -53,8 +53,9 @@ SWITCH_BEGIN_EXTERN_C
 
 typedef enum {
 	NO_CRYPTO,
-	AES_CM_128_HMAC_SHA1_80,
-	AES_CM_128_HMAC_SHA1_32
+	AES_CM_128_HMAC_SHA1_80, 
+	AES_CM_128_HMAC_SHA1_32,
+	AES_CM_128_NULL_AUTH
 } switch_rtp_crypto_key_type_t;
 
 struct switch_rtp_crypto_key {
diff --git a/src/mod/endpoints/mod_sofia/mod_sofia.h b/src/mod/endpoints/mod_sofia/mod_sofia.h
index 707d3e0d5e..5227fd4015 100644
--- a/src/mod/endpoints/mod_sofia/mod_sofia.h
+++ b/src/mod/endpoints/mod_sofia/mod_sofia.h
@@ -154,7 +154,9 @@ typedef enum {
 	PFLAG_DISABLE_100REL = (1 << 20),
 	PFLAG_AGGRESSIVE_NAT_DETECTION = (1 << 21),
 	PFLAG_RECIEVED_IN_NAT_REG_CONTACT = (1 << 22),
-	PFLAG_3PCC = (1 << 23)
+	PFLAG_3PCC = (1 << 23),
+	PFLAG_DISABLE_RTP_AUTOADJ = (1 << 24),
+	PFLAG_DISABLE_SRTP_AUTH = (1 << 25)
 } PFLAGS;
 
 typedef enum {
diff --git a/src/mod/endpoints/mod_sofia/sofia.c b/src/mod/endpoints/mod_sofia/sofia.c
index 4c41174ff5..d2a57af1d2 100644
--- a/src/mod/endpoints/mod_sofia/sofia.c
+++ b/src/mod/endpoints/mod_sofia/sofia.c
@@ -1103,6 +1103,10 @@ switch_status_t config_sofia(int reload, char *profile_name)
 						profile->pflags |= PFLAG_RECIEVED_IN_NAT_REG_CONTACT;
 					} else if (!strcasecmp(var, "aggressive-nat-detection") && switch_true(val)) {
 						profile->pflags |= PFLAG_AGGRESSIVE_NAT_DETECTION;
+					} else if (!strcasecmp(var, "disable-rtp-auto-adjust") && switch_true(val)) {
+						profile->pflags |= PFLAG_DISABLE_RTP_AUTOADJ;
+					} else if (!strcasecmp(var, "NDLB-support-asterisk-missing-srtp-auth") && switch_true(val)) {
+						profile->pflags |= PFLAG_DISABLE_SRTP_AUTH;
 					} else if (!strcasecmp(var, "rfc2833-pt")) {
 						profile->te = (switch_payload_t) atoi(val);
 					} else if (!strcasecmp(var, "cng-pt")) {
diff --git a/src/mod/endpoints/mod_sofia/sofia_glue.c b/src/mod/endpoints/mod_sofia/sofia_glue.c
index 7c9f49359f..61bcafaa2c 100644
--- a/src/mod/endpoints/mod_sofia/sofia_glue.c
+++ b/src/mod/endpoints/mod_sofia/sofia_glue.c
@@ -727,6 +727,7 @@ switch_status_t sofia_glue_tech_proxy_remote_addr(private_object_t *tech_pvt)
 	char rvp[128] = "";
 	char *p, *ip_ptr = NULL, *port_ptr = NULL, *vid_port_ptr = NULL;
 	int x;
+	const char *val;
 
 	if (switch_strlen_zero(tech_pvt->remote_sdp_str)) {
 		return SWITCH_STATUS_FALSE;
@@ -795,8 +796,11 @@ switch_status_t sofia_glue_tech_proxy_remote_addr(private_object_t *tech_pvt)
 				} else {
 					switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "VIDEO RTP CHANGING DEST TO: [%s:%d]\n",
 									  tech_pvt->remote_sdp_video_ip, tech_pvt->remote_sdp_video_port);
-					/* Reactivate the NAT buster flag. */
-					switch_rtp_set_flag(tech_pvt->video_rtp_session, SWITCH_RTP_FLAG_AUTOADJ);
+					if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+						!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
+						/* Reactivate the NAT buster flag. */
+						switch_rtp_set_flag(tech_pvt->video_rtp_session, SWITCH_RTP_FLAG_AUTOADJ);
+					}
 				}
 			}
 		}
@@ -815,8 +819,11 @@ switch_status_t sofia_glue_tech_proxy_remote_addr(private_object_t *tech_pvt)
 		} else {
 			switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "AUDIO RTP CHANGING DEST TO: [%s:%d]\n",
 							  tech_pvt->remote_sdp_audio_ip, tech_pvt->remote_sdp_audio_port);
-			/* Reactivate the NAT buster flag. */
-			switch_rtp_set_flag(tech_pvt->rtp_session, SWITCH_RTP_FLAG_AUTOADJ);
+			if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+				!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
+				/* Reactivate the NAT buster flag. */
+				switch_rtp_set_flag(tech_pvt->rtp_session, SWITCH_RTP_FLAG_AUTOADJ);	
+			}
 		}
 	}
 
@@ -1473,6 +1480,7 @@ switch_status_t sofia_glue_build_crypto(private_object_t *tech_pvt, int index, s
 	unsigned char b64_key[512] = "";
 	const char *type_str;
 	unsigned char *key;
+	const char *val;
 
 	char *p;
 
@@ -1499,8 +1507,13 @@ switch_status_t sofia_glue_build_crypto(private_object_t *tech_pvt, int index, s
 
 	tech_pvt->local_crypto_key = switch_core_session_sprintf(tech_pvt->session, "%d %s inline:%s", index, type_str, b64_key);
 	switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Set Local Key [%s]\n", tech_pvt->local_crypto_key);
-	tech_pvt->crypto_type = type;
 
+	if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_SRTP_AUTH) &&
+		!((val = switch_channel_get_variable(tech_pvt->channel, "NDLB_support_asterisk_missing_srtp_auth")) && switch_true(val))) {
+		tech_pvt->crypto_type = type;
+	} else {
+		tech_pvt->crypto_type = AES_CM_128_NULL_AUTH;
+	}
 
 	return SWITCH_STATUS_SUCCESS;
 }
@@ -1605,8 +1618,11 @@ switch_status_t sofia_glue_activate_rtp(private_object_t *tech_pvt, switch_rtp_f
 
 	if (myflags) {
 		flags = myflags;
-	} else {
+	} else if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+				!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
 		flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_AUTOADJ | SWITCH_RTP_FLAG_DATAWAIT);
+    } else {
+		flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_DATAWAIT);
 	}
 
 	if (switch_test_flag(tech_pvt, TFLAG_BUGGY_2833)) {
@@ -1669,8 +1685,11 @@ switch_status_t sofia_glue_activate_rtp(private_object_t *tech_pvt, switch_rtp_f
 		} else {
 			switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "AUDIO RTP CHANGING DEST TO: [%s:%d]\n",
 							  tech_pvt->remote_sdp_audio_ip, tech_pvt->remote_sdp_audio_port);
-			/* Reactivate the NAT buster flag. */
-			switch_rtp_set_flag(tech_pvt->rtp_session, SWITCH_RTP_FLAG_AUTOADJ);
+			if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+				!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
+				/* Reactivate the NAT buster flag. */
+				switch_rtp_set_flag(tech_pvt->rtp_session, SWITCH_RTP_FLAG_AUTOADJ);
+			}
 		}
 		goto video;
 	}
@@ -1679,7 +1698,12 @@ switch_status_t sofia_glue_activate_rtp(private_object_t *tech_pvt, switch_rtp_f
 		if ((status = sofia_glue_tech_proxy_remote_addr(tech_pvt)) != SWITCH_STATUS_SUCCESS) {
 			goto end;
 		}
-		flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_PROXY_MEDIA | SWITCH_RTP_FLAG_AUTOADJ | SWITCH_RTP_FLAG_DATAWAIT);
+		if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+			!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
+			flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_PROXY_MEDIA | SWITCH_RTP_FLAG_AUTOADJ | SWITCH_RTP_FLAG_DATAWAIT);
+		} else {
+			flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_PROXY_MEDIA | SWITCH_RTP_FLAG_DATAWAIT);
+		}
 		timer_name = NULL;
 
 		switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "PROXY AUDIO RTP [%s] %s:%d->%s:%d codec: %u ms: %d\n",
@@ -1801,8 +1825,13 @@ switch_status_t sofia_glue_activate_rtp(private_object_t *tech_pvt, switch_rtp_f
 				sofia_glue_tech_choose_video_port(tech_pvt, 1);
 			}
 
-			flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_USE_TIMER | SWITCH_RTP_FLAG_AUTOADJ |
-										 SWITCH_RTP_FLAG_DATAWAIT | SWITCH_RTP_FLAG_NOBLOCK | SWITCH_RTP_FLAG_RAW_WRITE);
+			if (!sofia_test_pflag(tech_pvt->profile, PFLAG_DISABLE_RTP_AUTOADJ) &&
+				!((val = switch_channel_get_variable(tech_pvt->channel, "disable_rtp_auto_adjust")) && switch_true(val))) {
+				flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_USE_TIMER | SWITCH_RTP_FLAG_AUTOADJ |
+		 									 SWITCH_RTP_FLAG_DATAWAIT | SWITCH_RTP_FLAG_NOBLOCK | SWITCH_RTP_FLAG_RAW_WRITE);
+			} else {
+				flags = (switch_rtp_flag_t) (SWITCH_RTP_FLAG_USE_TIMER | SWITCH_RTP_FLAG_DATAWAIT | SWITCH_RTP_FLAG_NOBLOCK | SWITCH_RTP_FLAG_RAW_WRITE);
+			}
 
 			if (switch_channel_test_flag(tech_pvt->channel, CF_PROXY_MEDIA)) {
 				flags |= SWITCH_RTP_FLAG_PROXY_MEDIA;
diff --git a/src/switch_rtp.c b/src/switch_rtp.c
index 49d4afbacf..a9c6de0361 100644
--- a/src/switch_rtp.c
+++ b/src/switch_rtp.c
@@ -601,6 +601,9 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_crypto_key(switch_rtp_t *rtp_sess
 	case AES_CM_128_HMAC_SHA1_32:
 		crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy->rtp);
 		break;
+	case AES_CM_128_NULL_AUTH:
+		crypto_policy_set_aes_cm_128_null_auth(&policy->rtp);
+		break;
 	default:
 		break;
 	}