res_rtp_asterisk: Add SHA-256 support for DTLS and perform DTLS negotiation on RTCP.

This change fixes up DTLS support in res_rtp_asterisk so that it can accept and provide
a SHA-256 fingerprint, so that DTLS negotiation occurs on RTCP, and so that it occurs
after ICE negotiation completes. Configuration options for chan_sip have also been added
to allow behavior to be tweaked (such as forcing the AVP type media transports in SDP).

ASTERISK-22961 #close
Reported by: Jay Jideliov

Review: https://reviewboard.asterisk.org/r/3679/


git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/11@417677 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Joshua Colp
2014-06-30 19:42:18 +00:00
parent 1644cd874d
commit 915de454f8
7 changed files with 441 additions and 181 deletions


@@ -2109,7 +2109,17 @@ int ast_rtp_dtls_cfg_parse(struct ast_rtp_dtls_cfg *dtls_cfg, const char *name,
if (!strcasecmp(name, "dtlsenable")) {
dtls_cfg->enabled = ast_true(value) ? 1 : 0;
} else if (!strcasecmp(name, "dtlsverify")) {
dtls_cfg->verify = ast_true(value) ? 1 : 0;
if (!strcasecmp(value, "yes")) {
dtls_cfg->verify = AST_RTP_DTLS_VERIFY_FINGERPRINT | AST_RTP_DTLS_VERIFY_CERTIFICATE;
} else if (!strcasecmp(value, "fingerprint")) {
dtls_cfg->verify = AST_RTP_DTLS_VERIFY_FINGERPRINT;
} else if (!strcasecmp(value, "certificate")) {
dtls_cfg->verify = AST_RTP_DTLS_VERIFY_CERTIFICATE;
} else if (!strcasecmp(value, "no")) {
dtls_cfg->verify = AST_RTP_DTLS_VERIFY_NONE;
} else {
return -1;
}
} else if (!strcasecmp(name, "dtlsrekey")) {
if (sscanf(value, "%30u", &dtls_cfg->rekey) != 1) {
return -1;
@@ -2137,6 +2147,12 @@ int ast_rtp_dtls_cfg_parse(struct ast_rtp_dtls_cfg *dtls_cfg, const char *name,
} else if (!strcasecmp(value, "actpass")) {
dtls_cfg->default_setup = AST_RTP_DTLS_SETUP_ACTPASS;
}
} else if (!strcasecmp(name, "dtlsfingerprint")) {
if (!strcasecmp(value, "sha-256")) {
dtls_cfg->hash = AST_RTP_DTLS_HASH_SHA256;
} else if (!strcasecmp(value, "sha-1")) {
dtls_cfg->hash = AST_RTP_DTLS_HASH_SHA1;
}
} else {
return -1;
}
@@ -2150,6 +2166,7 @@ void ast_rtp_dtls_cfg_copy(const struct ast_rtp_dtls_cfg *src_cfg, struct ast_rt
dst_cfg->verify = src_cfg->verify;
dst_cfg->rekey = src_cfg->rekey;
dst_cfg->suite = src_cfg->suite;
dst_cfg->hash = src_cfg->hash;
dst_cfg->certfile = ast_strdup(src_cfg->certfile);
dst_cfg->pvtfile = ast_strdup(src_cfg->pvtfile);
dst_cfg->cipher = ast_strdup(src_cfg->cipher);
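Review bot: In the first hunk's `dtlsverify` branch of ast_rtp_dtls_cfg_parse, the new comparisons accept only `yes`, `no`, `fingerprint` and `certificate`, so spellings that the earlier `ast_true(value)` test (apparently the removed line) accepted, such as `true`, `1` or `on`, now return -1. How callers treat that -1 is not visible here; if one ignores it, an existing `dtlsverify=true` would presumably leave `verify` at its default, and peer verification could end up off without any warning. Keeping the boolean spellings avoids that: use `if (ast_true(value)) {` for the first test and `} else if (ast_false(value)) {` for the `no` case. Separately, the `dtlsfingerprint` branch in the second hunk ignores an unrecognised value without returning -1, so a typo such as `sha256` keeps whatever hash was already set; a final `} else { return -1; }` there would surface it. The function body starts and ends outside these hunks.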