diff --git a/daemon/call_interfaces.c b/daemon/call_interfaces.c index 500024186..3c549f399 100644 --- a/daemon/call_interfaces.c +++ b/daemon/call_interfaces.c @@ -36,7 +36,7 @@ static pcre_extra *streams_ree; int trust_address_def; int dtls_passive_def; - +int pad_crypto_def; static int call_stream_address_gstring(GString *o, struct packet_stream *ps, enum stream_address_format format) { int len, ret; @@ -621,6 +621,8 @@ static void call_ng_flags_flags(struct sdp_ng_flags *out, str *s, void *dummy) { out->always_transcode = 1; else if (!str_cmp(s, "asymmetric-codecs")) out->asymmetric_codecs = 1; + else if (!str_cmp(s, "pad-crypto")) + out->pad_crypto = 1; else { // handle values aliases from other dictionaries if (call_ng_flags_prefix(out, s, "SDES-", ng_sdes_option, NULL)) @@ -654,6 +656,7 @@ static void call_ng_process_flags(struct sdp_ng_flags *out, bencode_item_t *inpu out->trust_address = trust_address_def; out->dtls_passive = dtls_passive_def; + out->pad_crypto = pad_crypto_def; call_ng_flags_list(out, input, "flags", call_ng_flags_flags, NULL); call_ng_flags_list(out, input, "replace", call_ng_flags_replace, NULL); @@ -709,6 +712,8 @@ static void call_ng_process_flags(struct sdp_ng_flags *out, bencode_item_t *inpu bencode_get_alt(input, "record-call", "record call", &out->record_call_str); bencode_dictionary_get_str(input, "metadata", &out->metadata); out->ptime = bencode_dictionary_get_int_str(input, "ptime", 0); + if (bencode_dictionary_get_str(input, "pad-crypto", &s)) + out->pad_crypto = 1; if (bencode_dictionary_get_str(input, "xmlrpc-callback", &s)) { if (sockaddr_parse_any_str(&out->xmlrpc_callback, &s)) diff --git a/daemon/main.c b/daemon/main.c index 3b3fce06b..2282c7d84 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -513,6 +513,7 @@ static void options(int *argc, char ***argv) { if (!sip_source) trust_address_def = 1; + pad_crypto_def = 0; rtpe_config.cpu_limit = max_cpu * 100; rtpe_config.load_limit = max_load * 100; } diff --git a/daemon/sdp.c b/daemon/sdp.c index c92b8cae3..3d68682b1 100644 --- a/daemon/sdp.c +++ b/daemon/sdp.c @@ -1916,7 +1916,7 @@ static void insert_dtls(struct call_media *media, struct sdp_chopper *chop) { chopper_append_c(chop, "\r\n"); } -static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, struct crypto_params_sdes *cps) { +static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, struct crypto_params_sdes *cps, struct sdp_ng_flags *flags) { char b64_buf[((SRTP_MAX_MASTER_KEY_LEN + SRTP_MAX_MASTER_SALT_LEN) / 3 + 1) * 4 + 4]; char *p; int state = 0, save = 0, i; @@ -1934,6 +1934,12 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s p, &state, &save); p += g_base64_encode_close(0, p, &state, &save); + if (!flags->pad_crypto) { + // truncate trailing == + while (p > b64_buf && p[-1] == '=') + p--; + } + chopper_append_c(chop, "a=crypto:"); chopper_append_printf(chop, "%u ", cps->tag); chopper_append_c(chop, cps->params.crypto_suite->name); @@ -1953,9 +1959,9 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s chopper_append_c(chop, " UNAUTHENTICATED_SRTP"); chopper_append_c(chop, "\r\n"); } -static void insert_crypto(struct call_media *media, struct sdp_chopper *chop) { +static void insert_crypto(struct call_media *media, struct sdp_chopper *chop, struct sdp_ng_flags *flags) { for (GList *l = media->sdes_out.head; l; l = l->next) - insert_crypto1(media, chop, l->data); + insert_crypto1(media, chop, l->data, flags); } @@ -2113,7 +2119,7 @@ int sdp_replace(struct sdp_chopper *chop, GQueue *sessions, struct call_monologu else ps_rtcp = NULL; - insert_crypto(call_media, chop); + insert_crypto(call_media, chop, flags); insert_dtls(call_media, chop); if (call_media->ptime) diff --git a/include/call_interfaces.h b/include/call_interfaces.h index 4667bb954..bbc594570 100644 --- a/include/call_interfaces.h +++ b/include/call_interfaces.h @@ -70,12 +70,13 @@ struct sdp_ng_flags { sdes_unauthenticated_srtp:1, sdes_encrypted_srtp:1, sdes_encrypted_srtcp:1, - sdes_authenticated_srtp:1; + sdes_authenticated_srtp:1, + pad_crypto:1; }; extern int trust_address_def; extern int dtls_passive_def; - +extern int pad_crypto_def; str *call_request_tcp(char **); str *call_lookup_tcp(char **); diff --git a/utils/rtpengine-ng-client b/utils/rtpengine-ng-client index b1a61ab45..8f28e5a31 100755 --- a/utils/rtpengine-ng-client +++ b/utils/rtpengine-ng-client @@ -60,6 +60,7 @@ GetOptions( 'metadata=s' => \$options{'metadata'}, 'all' => \$options{'all'}, 'address=s' => \$options{'address'}, + 'pad-crypto' => \$options{'pad crypto'}, ) or die; my $cmd = shift(@ARGV) or die;