kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-10-25 14:06:27 +00:00
Code Issues Packages Projects Releases Wiki Activity

Allow SRTP policies to be reloaded

Browse Source 
Currently, when using res_srtp, once the SRTP policy has been added to the
current session the policy is locked into place.  Any attempt to replace an
existing policy, which would be needed if the remote endpoint negotiated a new
cryptographic key, is instead rejected in res_srtp.  This happens in particular
in transfer scenarios, where the endpoint that Asterisk is communicating with
changes but uses the same RTP session.

This patch modifies res_srtp to allow remote and local policies to be reloaded
in the underlying SRTP library.  From the perspective of users of the SRTP API,
the only change is that the adding of remote and local policies are now added
in a single method call, whereas they previously were added separately.  This
was changed to account for the differences in handling remote and local
policies in libsrtp.

Review: https://reviewboard.asterisk.org/r/1741/

(closes issue ASTERISK-19253)
Reported by: Thomas Arimont
Tested by: Thomas Arimont
Patches:
  srtp_renew_keys_2012_02_22.diff uploaded by Matt Jordan (license 6283)
  (with some small modifications for this check-in)



git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.8@356604 65c4cc65-6c06-0410-ace0-fbb531ad65f3
This commit is contained in:
Matthew Jordan
2012-02-24 15:07:09 +00:00
parent f49ff3ff9c
commit 032962f1a2
5 changed files with 102 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
channels/sip/sdp_crypto.c
View File

@@ -161,15 +161,9 @@ static int sdp_crypto_activate(struct sdp_crypto *p, int suite_val, unsigned cha
goto err;
}
/* FIXME MIKMA */
/* ^^^ I wish I knew what needed fixing... */
if (ast_rtp_instance_add_srtp_policy(rtp, local_policy)) {
ast_log(LOG_WARNING, "Could not set local SRTP policy\n");
goto err;
}
if (ast_rtp_instance_add_srtp_policy(rtp, remote_policy)) {
ast_log(LOG_WARNING, "Could not set remote SRTP policy\n");
/* Add the SRTP policies */
if (ast_rtp_instance_add_srtp_policy(rtp, remote_policy, local_policy)) {
ast_log(LOG_WARNING, "Could not set SRTP policies\n");
goto err;
}
@@ -276,10 +270,8 @@ int sdp_crypto_process(struct sdp_crypto *p, const char *attr, struct ast_rtp_in
ast_log(LOG_ERROR, "Could not allocate memory for a_crypto\n");
return -1;
}
snprintf(p->a_crypto, attr_len + 10, "a=crypto:%s %s inline:%s\r\n", tag, suite, p->local_key64);
}
return 0;
}