kenmirrors
/
freeswitch
mirror of https://github.com/signalwire/freeswitch.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Merge b24f2417b8 into 5cb74797fe

This commit is contained in:
Andrew Cassidy 2025-01-17 16:40:18 +00:00 committed by GitHub
parent 5cb74797fe b24f2417b8
commit 6b739ad27d
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 30 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/include/switch_types.h
View File

@ -2676,10 +2676,10 @@ typedef enum {
#define SDP_TYPE_RESPONSE SDP_ANSWER
typedef enum {
AEAD_AES_256_GCM_8,
AEAD_AES_256_GCM,
AEAD_AES_128_GCM_8,
AEAD_AES_256_GCM_8,
AEAD_AES_128_GCM,
AEAD_AES_128_GCM_8,
AES_CM_256_HMAC_SHA1_80,
AES_CM_192_HMAC_SHA1_80,
AES_CM_128_HMAC_SHA1_80,

45
src/switch_core_media.c
View File

@ -275,10 +275,10 @@ struct switch_media_handle_s {
};
switch_srtp_crypto_suite_t SUITES[CRYPTO_INVALID] = {
{ "AEAD_AES_256_GCM_8", "", AEAD_AES_256_GCM_8, 44, 12},
{ "AEAD_AES_256_GCM", "", AEAD_AES_256_GCM, 44, 12},
{ "AEAD_AES_128_GCM_8", "", AEAD_AES_128_GCM_8, 28, 12},
{ "AEAD_AES_256_GCM_8", "", AEAD_AES_256_GCM_8, 44, 12},
{ "AEAD_AES_128_GCM", "", AEAD_AES_128_GCM, 28, 12},
{ "AEAD_AES_128_GCM_8", "", AEAD_AES_128_GCM_8, 28, 12},
{ "AES_256_CM_HMAC_SHA1_80", "AES_CM_256_HMAC_SHA1_80", AES_CM_256_HMAC_SHA1_80, 46, 14},
{ "AES_192_CM_HMAC_SHA1_80", "AES_CM_192_HMAC_SHA1_80", AES_CM_192_HMAC_SHA1_80, 38, 14},
{ "AES_CM_128_HMAC_SHA1_80", "", AES_CM_128_HMAC_SHA1_80, 30, 14},
@ -1677,6 +1677,9 @@ SWITCH_DECLARE(int) switch_core_session_check_incoming_crypto(switch_core_sessio
int use_alias = 0;
switch_rtp_engine_t *engine;
switch_media_handle_t *smh;
char *crypto_cpy;
char *fields[4];
unsigned int crypto_argc;
if (!(smh = session->media_handle)) {
return 0;
@ -1695,26 +1698,34 @@ SWITCH_DECLARE(int) switch_core_session_check_incoming_crypto(switch_core_sessio
}
engine = &session->media_handle->engines[type];
for (i = 0; smh->crypto_suite_order[i] != CRYPTO_INVALID; i++) {
switch_rtp_crypto_key_type_t j = SUITES[smh->crypto_suite_order[i]].type;
crypto_cpy = (char*)malloc(strlen(crypto)+1);
strcpy(crypto_cpy, crypto);
crypto_argc = switch_split(crypto_cpy, ' ', fields);
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "looking for crypto suite [%s]alias=[%s] in [%s]\n", SUITES[j].name, SUITES[j].alias, crypto);
if (crypto_argc > 2) {
for (i = 0; smh->crypto_suite_order[i] != CRYPTO_INVALID; i++) {
switch_rtp_crypto_key_type_t j = SUITES[smh->crypto_suite_order[i]].type;
if (switch_stristr(SUITES[j].alias, crypto)) {
use_alias = 1;
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "looking for crypto suite [%s]alias=[%s] in [%s]\n", SUITES[j].name, SUITES[j].alias, crypto);
if (!strcmp(SUITES[j].alias, fields[1])) {
use_alias = 1;
}
if (use_alias || !strcmp(SUITES[j].name, fields[1])) {
ctype = SUITES[j].type;
vval = use_alias ? SUITES[j].alias : SUITES[j].name;
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "Found suite %s\n", vval);
switch_channel_set_variable(session->channel, "rtp_secure_media_negotiated", vval);
break;
}
use_alias = 0;
}
if (use_alias || switch_stristr(SUITES[j].name, crypto)) {
ctype = SUITES[j].type;
vval = use_alias ? SUITES[j].alias : SUITES[j].name;
switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(session), SWITCH_LOG_DEBUG, "Found suite %s\n", vval);
switch_channel_set_variable(session->channel, "rtp_secure_media_negotiated", vval);
break;
}
use_alias = 0;
}
free(crypto_cpy);
if (engine->ssec[engine->crypto_type].remote_crypto_key && switch_rtp_ready(engine->rtp_session)) {
/* Compare all the key. The tag may remain the same even if key changed */
if (engine->crypto_type != CRYPTO_INVALID && !strcmp(crypto, engine->ssec[engine->crypto_type].remote_crypto_key)) {