TT#97302 add new flag to select DTLS fingerprint algo

Change-Id: I48d9bf7184a860ca6f8f488076fe2859db6018f2

README.md

@@ -994,6 +994,12 @@ Optionally included keys are:
 
 		Reverts the `passive` setting. Only useful if the `dtls-passive` config option is set.
 
+* `DTLS-fingerprint`
+
+	Contains a string and is used to select the hashing function to generate the DTLS fingerprint
+	from the certificate. The default is SHA-1, or the same hashing function as was used by the
+	peer. Available are `SHA-1`, `SHA-224`, `SHA-256`, `SHA-384`, and `SHA-512`.
+
 * `SDES`
 
 	A list of strings controlling the behaviour regarding SDES. The default is to offer SDES without any

daemon/call.c

@@ -1519,7 +1519,10 @@ static void __generate_crypto(const struct sdp_ng_flags *flags, struct call_medi
 	}
 
 skip_sdes:
-	;
+	if (flags->opmode == OP_OFFER) {
+		if (MEDIA_ISSET(this, DTLS) && !this->fingerprint.hash_func && flags->dtls_fingerprint.len)
+			this->fingerprint.hash_func = dtls_find_hash_func(&flags->dtls_fingerprint);
+	}
 }
 // for an answer, uses the incoming received list of SDES crypto suites to prune
 // the list of (generated) outgoing crypto suites to contain only the one that was

daemon/call_interfaces.c

@@ -992,6 +992,7 @@ static void call_ng_process_flags(struct sdp_ng_flags *out, bencode_item_t *inpu
 	out->tos = bencode_dictionary_get_int_str(input, "TOS", 256);
 	bencode_get_alt(input, "record-call", "record call", &out->record_call_str);
 	bencode_dictionary_get_str(input, "metadata", &out->metadata);
+	bencode_dictionary_get_str(input, "DTLS-fingerprint", &out->dtls_fingerprint);
 
 	if (opmode == OP_OFFER) {
 		out->ptime = bencode_dictionary_get_int_str(input, "ptime", 0);

include/call_interfaces.h

@@ -46,6 +46,7 @@ struct sdp_ng_flags {
 	int ptime,
 	    rev_ptime;
 	GHashTable *sdes_no;
+	str dtls_fingerprint;
 	int asymmetric:1,
 	    protocol_accept:1,
 	    no_redis_update:1,