RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

fix SRTP ROC syncing between kernel and userspace 

also fixes spurious unkernelized rtcp-mux streams

fixes #495

Change-Id: I9ec86ec5ecfffeede367a9aab9168ac32b7a95f3
changes/44/20944/1
Richard Fuchs 8 years ago
parent
895fa96054
commit
e0cdf74ac5
3 changed files with 14 additions and 10 deletions
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +2
    -2
      daemon/call.c
  2. +5
    -2
      daemon/media_socket.c
  3. +7
    -6
      utils/srtp-debug-helper

+ 2
- 2
daemon/call.c View File

@ -598,7 +598,7 @@ static void call_timer(void *ptr) {
if (sink) {
mutex_lock(&sink->out_lock);
if (sink->crypto.params.crypto_suite && sink->ssrc_out
&& ke->target.ssrc == sink->ssrc_out->parent->h.ssrc
&& ntohl(ke->target.ssrc) == sink->ssrc_out->parent->h.ssrc
&& ke->target.encrypt.last_index - sink->ssrc_out->srtp_index > 0x4000)
{
sink->ssrc_out->srtp_index = ke->target.encrypt.last_index;
@ -609,7 +609,7 @@ static void call_timer(void *ptr) {
mutex_lock(&ps->in_lock);
if (sfd->crypto.params.crypto_suite && ps->ssrc_in
&& ke->target.ssrc == ps->ssrc_in->parent->h.ssrc
&& ntohl(ke->target.ssrc) == ps->ssrc_in->parent->h.ssrc
&& ke->target.decrypt.last_index - ps->ssrc_in->srtp_index > 0x4000)
{
ps->ssrc_in->srtp_index = ke->target.decrypt.last_index;


+ 5
- 2
daemon/media_socket.c View File

@ -1475,8 +1475,10 @@ update_peerinfo:
mutex_lock(&phc->mp.stream->out_lock);
endpoint = phc->mp.stream->endpoint;
phc->mp.stream->endpoint = phc->mp.fsin;
if (memcmp(&endpoint, &phc->mp.stream->endpoint, sizeof(endpoint)))
if (memcmp(&endpoint, &phc->mp.stream->endpoint, sizeof(endpoint))) {
phc->unkernelize = 1;
phc->update = 1;
}
update_addr:
mutex_unlock(&phc->mp.stream->out_lock);
@ -1485,6 +1487,7 @@ update_addr:
if (phc->mp.stream->selected_sfd && phc->mp.sfd != phc->mp.stream->selected_sfd) {
ilog(LOG_INFO, "Switching local interface to %s", endpoint_print_buf(&phc->mp.sfd->socket.local));
phc->mp.stream->selected_sfd = phc->mp.sfd;
phc->unkernelize = 1;
phc->update = 1;
}
@ -1651,7 +1654,7 @@ static int stream_packet(struct packet_handler_ctx *phc) {
if (G_LIKELY(handler_ret >= 0))
handler_ret = media_packet_encrypt(phc);
if (phc->update) // for RTCP packet index updates
if (phc->unkernelize) // for RTCP packet index updates
unkernelize(phc->mp.stream);


+ 7
- 6
utils/srtp-debug-helper View File

@ -3,12 +3,12 @@
use strict;
use warnings;
use MIME::Base64;
use SRTP;
use NGCP::Rtpclient::SRTP;
my $cs = $SRTP::crypto_suites{$ARGV[0]} or die;
my $cs = $NGCP::Rtpclient::SRTP::crypto_suites{$ARGV[0]} or die;
my $inline_key = $ARGV[1] or die;
my ($key, $salt) = SRTP::decode_inline_base64($inline_key);
my ($skey, $sauth, $ssalt) = SRTP::gen_rtp_session_keys($key, $salt);
my ($key, $salt) = NGCP::Rtpclient::SRTP::decode_inline_base64($inline_key, $cs);
my ($skey, $sauth, $ssalt) = NGCP::Rtpclient::SRTP::gen_rtp_session_keys($key, $salt);
print("Master key: " . unpack("H*", $key) . "\n");
print("Master salt: " . unpack("H*", $salt) . "\n");
print("RTP session key: " . unpack("H*", $skey) . "\n");
@ -25,14 +25,15 @@ else {
$pack = pack("H*", $pack);
}
my $roc = $ARGV[3] // 0;
my $in_roc = $ARGV[3] // 0;
print("Packet length: " . length($pack) . " bytes\n");
my ($dec, $roc, $tag, $hmac) = SRTP::decrypt_rtp($cs, $skey, $ssalt, $sauth, $roc, $pack);
my ($dec, $out_roc, $tag, $hmac) = NGCP::Rtpclient::SRTP::decrypt_rtp($cs, $skey, $ssalt, $sauth, $in_roc, $pack);
print("Auth tag from packet: " . unpack("H*", $tag) . "\n");
print("Computed auth tag: " . unpack("H*", $hmac) . "\n");
print("Decoded packet: " . unpack("H*", $dec) . "\n");
print("ROC: $out_roc\n");

Write Preview
Loading…
Cancel
Save