RuhNetConsulting
/
rtpengine
mirror of https://github.com/sipwise/rtpengine
1
1
Fork 0
Code Issues 0 Projects 0 Releases 822 Wiki Activity
Browse Source

TT#79900 add SDES=lifetime option 

closes #966

Change-Id: I462dabffb5c00387ab1b91cabf3fcb2be998f76e
changes/30/39330/2
Richard Fuchs 6 years ago
parent
c1d29a41a7
commit
e59ccc2973
5 changed files with 61 additions and 7 deletions
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. +13
    -4
      README.md
  2. +4
    -1
      daemon/call_interfaces.c
  3. +3
    -1
      daemon/sdp.c
  4. +2
    -1
      include/call_interfaces.h
  5. +39
    -0
      t/auto-daemon-tests.pl

+ 13
- 4
README.md View File

@ -732,10 +732,8 @@ Optionally included keys are:
- `pad crypto` - `pad crypto`
RFC 4568 (section 6.1) is somewhat ambiguous regarding the base64 encoding format of
`a=crypto` parameters added to an SDP body. The default interpretation is that trailing
`=` characters used for padding should be omitted. With this flag set, these padding
characters will be left in place.
Legacy alias to SDES=pad.
- `generate mid` - `generate mid`
@ -931,6 +929,17 @@ Optionally included keys are:
offer, it will be removed and will be missing in the outgoing offer; and if a given crypto offer, it will be removed and will be missing in the outgoing offer; and if a given crypto
suite was not present in the received offer, it will not be added to it. suite was not present in the received offer, it will not be added to it.
- `pad`
RFC 4568 (section 6.1) is somewhat ambiguous regarding the base64 encoding format of
`a=crypto` parameters added to an SDP body. The default interpretation is that trailing
`=` characters used for padding should be omitted. With this flag set, these padding
characters will be left in place.
- `lifetime`
Add the key lifetime parameter `2^31` to each crypto key.
* `record call` * `record call`
Contains one of the strings `yes`, `no`, `on` or `off`. This tells the rtpengine Contains one of the strings `yes`, `no`, `on` or `off`. This tells the rtpengine


+ 4
- 1
daemon/call_interfaces.c View File

@ -541,6 +541,9 @@ INLINE void ng_sdes_option(struct sdp_ng_flags *out, str *s, void *dummy) {
case CSH_LOOKUP("AUTHENTICATED_SRTP"): case CSH_LOOKUP("AUTHENTICATED_SRTP"):
out->sdes_authenticated_srtp = 1; out->sdes_authenticated_srtp = 1;
break; break;
case CSH_LOOKUP("lifetime"):
out->sdes_lifetime = 1;
break;
default: default:
ilog(LOG_WARN, "Unknown 'SDES' flag encountered: '"STR_FORMAT"'", ilog(LOG_WARN, "Unknown 'SDES' flag encountered: '"STR_FORMAT"'",
STR_FMT(s)); STR_FMT(s));
@ -790,7 +793,7 @@ static void call_ng_flags_flags(struct sdp_ng_flags *out, str *s, void *dummy) {
out->inject_dtmf = 1; out->inject_dtmf = 1;
break; break;
case CSH_LOOKUP("pad-crypto"): case CSH_LOOKUP("pad-crypto"):
out->pad_crypto = 1;
out->sdes_pad = 1;
break; break;
default: default:
// handle values aliases from other dictionaries // handle values aliases from other dictionaries


+ 3
- 1
daemon/sdp.c View File

@ -2187,7 +2187,7 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s
p, &state, &save); p, &state, &save);
p += g_base64_encode_close(0, p, &state, &save); p += g_base64_encode_close(0, p, &state, &save);
if (!flags->pad_crypto) {
if (!flags->sdes_pad) {
// truncate trailing == // truncate trailing ==
while (p > b64_buf && p[-1] == '=') while (p > b64_buf && p[-1] == '=')
p--; p--;
@ -2198,6 +2198,8 @@ static void insert_crypto1(struct call_media *media, struct sdp_chopper *chop, s
chopper_append_c(chop, cps->params.crypto_suite->name); chopper_append_c(chop, cps->params.crypto_suite->name);
chopper_append_c(chop, " inline:"); chopper_append_c(chop, " inline:");
chopper_append(chop, b64_buf, p - b64_buf); chopper_append(chop, b64_buf, p - b64_buf);
if (flags->sdes_lifetime)
chopper_append_c(chop, "|2^31");
if (cps->params.mki_len) { if (cps->params.mki_len) {
ull = 0; ull = 0;
for (i = 0; i < cps->params.mki_len && i < sizeof(ull); i++) for (i = 0; i < cps->params.mki_len && i < sizeof(ull); i++)


+ 2
- 1
include/call_interfaces.h View File

@ -96,7 +96,8 @@ struct sdp_ng_flags {
sdes_encrypted_srtp:1, sdes_encrypted_srtp:1,
sdes_encrypted_srtcp:1, sdes_encrypted_srtcp:1,
sdes_authenticated_srtp:1, sdes_authenticated_srtp:1,
pad_crypto:1;
sdes_lifetime:1,
sdes_pad:1;
}; };


+ 39
- 0
t/auto-daemon-tests.pl View File

@ -18,6 +18,45 @@ my ($sock_a, $sock_b, $port_a, $port_b, $ssrc, $resp, $srtp_ctx_a, $srtp_ctx_b,
# SDES key lifetime
new_call();
offer('gh 966', { ICE => 'remove', 'transport-protocol' => 'RTP/SAVP', SDES => ['lifetime'],
DTLS => 'off' }, <<SDP);
v=0
o=- 1822058533 1822058533 IN IP4 1.2.3.4
s=Asterisk
c=IN IP4 1.2.3.4
t=0 0
m=audio 27998 RTP/AVP 96
a=rtpmap:96 opus/48000/2
----------------------------------
v=0
o=- 1822058533 1822058533 IN IP4 1.2.3.4
s=Asterisk
c=IN IP4 203.0.113.1
t=0 0
m=audio PORT RTP/SAVP 96
a=rtpmap:96 opus/48000/2
a=sendrecv
a=rtcp:PORT
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CRYPTO128|2^31
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:CRYPTO128|2^31
a=crypto:3 AES_192_CM_HMAC_SHA1_80 inline:CRYPTO192|2^31
a=crypto:4 AES_192_CM_HMAC_SHA1_32 inline:CRYPTO192|2^31
a=crypto:5 AES_256_CM_HMAC_SHA1_80 inline:CRYPTO256|2^31
a=crypto:6 AES_256_CM_HMAC_SHA1_32 inline:CRYPTO256|2^31
a=crypto:7 F8_128_HMAC_SHA1_80 inline:CRYPTO128|2^31
a=crypto:8 F8_128_HMAC_SHA1_32 inline:CRYPTO128|2^31
a=crypto:9 NULL_HMAC_SHA1_80 inline:CRYPTO128|2^31
a=crypto:10 NULL_HMAC_SHA1_32 inline:CRYPTO128|2^31
SDP
# PT collisions (GH 963) # PT collisions (GH 963)
new_call(); new_call();


Write Preview
Loading…
Cancel
Save