|
|
|
@ -278,7 +278,7 @@ struct rtp_learning_info {
|
|
|
|
|
enum ast_media_type stream_type;
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
struct dtls_details {
|
|
|
|
|
SSL *ssl; /*!< SSL session */
|
|
|
|
|
BIO *read_bio; /*!< Memory buffer for reading */
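Review bot: The three-term condition `defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)` is written out in full here and again in every later hunk on this page (from the one at line 423 through the one at line 7788), so any future change to the DTLS-SRTP build condition must touch every site, and a missed one would leave struct fields, prototypes and call sites guarded differently. Evaluating it once near the includes would remove that risk: put `#define RTP_DTLS_ENABLED 1` (the name is only a suggestion) inside a single `#if` and reduce each site to `#ifdef RTP_DTLS_ENABLED`. Because a false condition also drops `.dtls` and `.activate` from `asterisk_rtp_engine`, a build without `HAVE_OPENSSL` presumably ends up with no DTLS-SRTP support at all. Whether anything reports that at build or load time is not visible in these hunks, and a one-line notice would help operators catch such a build. The structs and functions around each guard continue outside the hunks.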
|
|
|
|
@ -423,7 +423,7 @@ struct ast_rtp {
|
|
|
|
|
unsigned int ice_num_components; /*!< The number of ICE components */
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
SSL_CTX *ssl_ctx; /*!< SSL context */
|
|
|
|
|
enum ast_rtp_dtls_verify dtls_verify; /*!< What to verify */
|
|
|
|
|
enum ast_srtp_suite suite; /*!< SRTP crypto suite */
|
|
|
|
@ -500,7 +500,7 @@ struct ast_rtcp {
|
|
|
|
|
/* VP8: sequence number for the RTCP FIR FCI */
|
|
|
|
|
int firseq;
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
struct dtls_details dtls; /*!< DTLS state information */
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
@ -568,7 +568,7 @@ static void ast_rtp_set_stream_num(struct ast_rtp_instance *instance, int stream
|
|
|
|
|
static int ast_rtp_extension_enable(struct ast_rtp_instance *instance, enum ast_rtp_extension extension);
|
|
|
|
|
static int ast_rtp_bundle(struct ast_rtp_instance *child, struct ast_rtp_instance *parent);
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
static int ast_rtp_activate(struct ast_rtp_instance *instance);
|
|
|
|
|
static void dtls_srtp_check_pending(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp);
|
|
|
|
|
static void dtls_srtp_start_timeout_timer(struct ast_rtp_instance *instance, struct ast_rtp *rtp, int rtcp);
|
|
|
|
@ -1587,7 +1587,7 @@ static struct ast_rtp_engine_ice ast_rtp_ice = {
|
|
|
|
|
};
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
static int dtls_verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
|
|
|
|
|
{
|
|
|
|
|
/* We don't want to actually verify the certificate so just accept what they have provided */
|
|
|
|
@ -2265,7 +2265,7 @@ static struct ast_rtp_engine asterisk_rtp_engine = {
|
|
|
|
|
#ifdef HAVE_PJPROJECT
|
|
|
|
|
.ice = &ast_rtp_ice,
|
|
|
|
|
#endif
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
.dtls = &ast_rtp_dtls,
|
|
|
|
|
.activate = ast_rtp_activate,
|
|
|
|
|
#endif
|
|
|
|
@ -2277,7 +2277,7 @@ static struct ast_rtp_engine asterisk_rtp_engine = {
|
|
|
|
|
.bundle = ast_rtp_bundle,
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
/*! \pre instance is locked */
|
|
|
|
|
static void dtls_perform_handshake(struct ast_rtp_instance *instance, struct dtls_details *dtls, int rtcp)
|
|
|
|
|
{
|
|
|
|
@ -2311,7 +2311,7 @@ static void dtls_perform_handshake(struct ast_rtp_instance *instance, struct dtl
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
static void dtls_perform_setup(struct dtls_details *dtls)
|
|
|
|
|
{
|
|
|
|
|
if (!dtls->ssl || !SSL_is_init_finished(dtls->ssl)) {
|
|
|
|
@ -2355,7 +2355,7 @@ static void ast_rtp_on_ice_complete(pj_ice_sess *ice, pj_status_t status)
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
|
|
|
|
|
dtls_perform_setup(&rtp->dtls);
|
|
|
|
|
dtls_perform_handshake(instance, &rtp->dtls, 0);
|
|
|
|
@ -2489,7 +2489,7 @@ static inline int rtcp_debug_test_addr(struct ast_sockaddr *addr)
|
|
|
|
|
return 1;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
/*! \pre instance is locked */
|
|
|
|
|
static int dtls_srtp_handle_timeout(struct ast_rtp_instance *instance, int rtcp)
|
|
|
|
|
{
|
|
|
|
@ -2835,7 +2835,7 @@ static int __rtp_recvfrom(struct ast_rtp_instance *instance, void *buf, size_t s
|
|
|
|
|
return len;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
/* If this is an SSL packet pass it to OpenSSL for processing. RFC section for first byte value:
|
|
|
|
|
* https://tools.ietf.org/html/rfc5764#section-5.1.2 */
|
|
|
|
|
if ((*in >= 20) && (*in <= 63)) {
|
|
|
|
@ -3527,7 +3527,7 @@ static int rtp_allocate_transport(struct ast_rtp_instance *instance, struct ast_
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
rtp->rekeyid = -1;
|
|
|
|
|
rtp->dtls.timeout_timer = -1;
|
|
|
|
|
#endif
|
|
|
|
@ -3543,7 +3543,7 @@ static void rtp_deallocate_transport(struct ast_rtp_instance *instance, struct a
|
|
|
|
|
struct timespec ts = { .tv_sec = wait.tv_sec, .tv_nsec = wait.tv_usec * 1000, };
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
ast_rtp_dtls_stop(instance);
|
|
|
|
|
#endif
|
|
|
|
|
|
|
|
|
@ -7161,7 +7161,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
rtp->rtcp->s = -1;
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
rtp->rtcp->dtls.timeout_timer = -1;
|
|
|
|
|
#endif
|
|
|
|
|
rtp->rtcp->schedid = -1;
|
|
|
|
@ -7224,7 +7224,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro
|
|
|
|
|
rtp_add_candidates_to_ice(instance, rtp, &rtp->rtcp->us, ast_sockaddr_port(&rtp->rtcp->us), AST_RTP_ICE_COMPONENT_RTCP, TRANSPORT_SOCKET_RTCP);
|
|
|
|
|
}
|
|
|
|
|
#endif
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
dtls_setup_rtcp(instance);
|
|
|
|
|
#endif
|
|
|
|
|
} else {
|
|
|
|
@ -7244,7 +7244,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro
|
|
|
|
|
rtp->rtcp->s = rtp->s;
|
|
|
|
|
ast_rtp_instance_get_remote_address(instance, &addr);
|
|
|
|
|
ast_sockaddr_copy(&rtp->rtcp->them, &addr);
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
if (rtp->rtcp->dtls.ssl && rtp->rtcp->dtls.ssl != rtp->dtls.ssl) {
|
|
|
|
|
SSL_free(rtp->rtcp->dtls.ssl);
|
|
|
|
|
}
|
|
|
|
@ -7272,7 +7272,7 @@ static void ast_rtp_prop_set(struct ast_rtp_instance *instance, enum ast_rtp_pro
|
|
|
|
|
if (rtp->rtcp->s > -1 && rtp->rtcp->s != rtp->s) {
|
|
|
|
|
close(rtp->rtcp->s);
|
|
|
|
|
}
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
ao2_unlock(instance);
|
|
|
|
|
dtls_srtp_stop_timeout_timer(instance, rtp, 1);
|
|
|
|
|
ao2_lock(instance);
|
|
|
|
@ -7547,7 +7547,7 @@ static void ast_rtp_stop(struct ast_rtp_instance *instance)
|
|
|
|
|
struct ast_rtp *rtp = ast_rtp_instance_get_data(instance);
|
|
|
|
|
struct ast_sockaddr addr = { {0,} };
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
ao2_unlock(instance);
|
|
|
|
|
AST_SCHED_DEL_UNREF(rtp->sched, rtp->rekeyid, ao2_ref(instance, -1));
|
|
|
|
|
|
|
|
|
@ -7767,7 +7767,7 @@ static int ast_rtp_bundle(struct ast_rtp_instance *child, struct ast_rtp_instanc
|
|
|
|
|
|
|
|
|
|
AST_VECTOR_APPEND(&parent_rtp->ssrc_mapping, mapping);
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
/* If DTLS-SRTP is already in use then add the local SSRC to it, otherwise it will get added once DTLS
|
|
|
|
|
* negotiation has been completed.
|
|
|
|
|
*/
|
|
|
|
@ -7788,7 +7788,7 @@ static int ast_rtp_bundle(struct ast_rtp_instance *child, struct ast_rtp_instanc
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
#if !defined(OPENSSL_NO_SRTP) && (OPENSSL_VERSION_NUMBER >= 0x10001000L)
|
|
|
|
|
#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
|
|
|
|
|
/*! \pre instance is locked */
|
|
|
|
|
static int ast_rtp_activate(struct ast_rtp_instance *instance)
|
|
|
|
|
{
|
|
|
|
|