From 09174819a9a2a69d89aaafe25470d567a73d7bc6 Mon Sep 17 00:00:00 2001
From: Trevor Alpeter
Date: Tue, 13 Jun 2017 09:39:07 -0400
Subject: [PATCH] FS-10370: Enable SRTP Key Padding
Some clients rely on Base64 padding characters (i.e., '=') to be present in encoded SRTP key/salt strings to determine the length of the encoded data. However, FreeSWITCH removes these characters before including the encoded strings in the SDP. This causes those clients that rely on the padding to truncate the encoded data and be unable to properly set up an encrypted SRTP session. This change introduces a channel flag named 'rtp_pad_srtp_keys'. When this flag is enabled, FreeSWITCH includes the Base64 padding characters in the SDP. This allows clients that rely on the padding to retrieve the full key and salt values and successfully negotiate an SRTP stream with FreeSWITCH. FS-103070 #resolve
---
 src/switch_core_media.c | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/switch_core_media.c b/src/switch_core_media.c
index 1f136390bd..35c0c99716 100644
--- a/src/switch_core_media.c
+++ b/src/switch_core_media.c
@@ -1173,10 +1173,12 @@ static switch_status_t switch_core_media_build_crypto(switch_media_handle_t *smh
 #endif
 switch_b64_encode(key, SUITES[ctype].keylen, b64_key, sizeof(b64_key));
- p = strrchr((char *) b64_key, '=');
+ if (!switch_channel_var_true(channel, "rtp_pad_srtp_keys")) {
+ p = strrchr((char *) b64_key, '=');
- while (p && *p && *p == '=') {
- *p-- = '\0';
+ while (p && *p && *p == '=') {
+ *p-- = '\0';
+ }
 }
 if (index == SWITCH_NO_CRYPTO_TAG) index = ctype + 1;
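Review bot: The padding-strip loop that this change nests under the `rtp_pad_srtp_keys` check still decrements `p` with no lower bound, so if `b64_key` ever consisted only of `=` characters, `*p--` would step before the start of the buffer and the next `*p` would read out of bounds. Valid Base64 output of a non-empty key should never look like that, but the return value of `switch_b64_encode` is not checked in the visible lines, so the loop is trusting the encoder's output. Since the block is being re-indented anyway, a length-bounded form is safer: `size_t n = strlen((char *) b64_key); while (n > 0 && b64_key[n - 1] == '=') { b64_key[--n] = '\0'; }`. A short comment above the `if` saying that padding is stripped by default and kept only when the `rtp_pad_srtp_keys` channel variable is true would also help. The body of `switch_core_media_build_crypto` starts and ends outside this hunk.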