|
|
|
@ -1477,7 +1477,8 @@ static int handle_response_register(struct sip_pvt *p, int resp, const char *res
|
|
|
|
static void handle_response(struct sip_pvt *p, int resp, const char *rest, struct sip_request *req, uint32_t seqno);
|
|
|
|
static void handle_response(struct sip_pvt *p, int resp, const char *rest, struct sip_request *req, uint32_t seqno);
|
|
|
|
|
|
|
|
|
|
|
|
/*------ SRTP Support -------- */
|
|
|
|
/*------ SRTP Support -------- */
|
|
|
|
static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp, const char *a);
|
|
|
|
static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp,
|
|
|
|
|
|
|
|
const char *a, int secure_transport);
|
|
|
|
|
|
|
|
|
|
|
|
/*------ T38 Support --------- */
|
|
|
|
/*------ T38 Support --------- */
|
|
|
|
static int transmit_response_with_t38_sdp(struct sip_pvt *p, char *msg, struct sip_request *req, int retrans);
|
|
|
|
static int transmit_response_with_t38_sdp(struct sip_pvt *p, char *msg, struct sip_request *req, int retrans);
|
|
|
|
@ -10618,7 +10619,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if (process_sdp_a_sendonly(value, &sendonly)) {
|
|
|
|
} else if (process_sdp_a_sendonly(value, &sendonly)) {
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->rtp, &p->srtp, value)) {
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->rtp, &p->srtp, value, secure_audio)) {
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
} else if (process_sdp_a_audio(value, p, &newaudiortp, &last_rtpmap_codec)) {
|
|
|
|
} else if (process_sdp_a_audio(value, p, &newaudiortp, &last_rtpmap_codec)) {
|
|
|
|
@ -10635,7 +10636,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action
|
|
|
|
if (p->vsrtp) {
|
|
|
|
if (p->vsrtp) {
|
|
|
|
ast_set_flag(p->vsrtp, AST_SRTP_CRYPTO_OFFER_OK);
|
|
|
|
ast_set_flag(p->vsrtp, AST_SRTP_CRYPTO_OFFER_OK);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->vrtp, &p->vsrtp, value)) {
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->vrtp, &p->vsrtp, value, secure_video)) {
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
} else if (process_sdp_a_video(value, p, &newvideortp, &last_rtpmap_codec)) {
|
|
|
|
} else if (process_sdp_a_video(value, p, &newvideortp, &last_rtpmap_codec)) {
|
|
|
|
@ -10648,7 +10649,7 @@ static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
} else if (process_sdp_a_text(value, p, &newtextrtp, red_fmtp, &red_num_gen, red_data_pt, &last_rtpmap_codec)) {
|
|
|
|
} else if (process_sdp_a_text(value, p, &newtextrtp, red_fmtp, &red_num_gen, red_data_pt, &last_rtpmap_codec)) {
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->trtp, &p->tsrtp, value)) {
|
|
|
|
} else if (!processed_crypto && process_crypto(p, p->trtp, &p->tsrtp, value, 1)) {
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed_crypto = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
processed = TRUE;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
@ -33640,7 +33641,8 @@ static void sip_send_all_mwi_subscriptions(void)
|
|
|
|
ao2_iterator_destroy(&iter);
|
|
|
|
ao2_iterator_destroy(&iter);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp, const char *a)
|
|
|
|
static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struct ast_sdp_srtp **srtp,
|
|
|
|
|
|
|
|
const char *a, int secure_transport)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
struct ast_rtp_engine_dtls *dtls;
|
|
|
|
struct ast_rtp_engine_dtls *dtls;
|
|
|
|
|
|
|
|
|
|
|
|
@ -33656,6 +33658,23 @@ static int process_crypto(struct sip_pvt *p, struct ast_rtp_instance *rtp, struc
|
|
|
|
/* skip "crypto:" */
|
|
|
|
/* skip "crypto:" */
|
|
|
|
a += strlen("crypto:");
|
|
|
|
a += strlen("crypto:");
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if (!secure_transport) {
|
|
|
|
|
|
|
|
/* > The Secure Real-time Transport Protocol (SRTP)
|
|
|
|
|
|
|
|
* > [RFC3711] provides security services for RTP media
|
|
|
|
|
|
|
|
* > and is signaled by use of secure RTP transport (e.g.,
|
|
|
|
|
|
|
|
* > "RTP/SAVP" or "RTP/SAVPF") in an SDP media (m=) line.
|
|
|
|
|
|
|
|
* > ...
|
|
|
|
|
|
|
|
* > The "crypto" attribute MUST only appear at the SDP
|
|
|
|
|
|
|
|
* > media level (not at the session level).
|
|
|
|
|
|
|
|
*
|
|
|
|
|
|
|
|
* Ergo, we can trust RTP/(S)AVP to be read from the m=
|
|
|
|
|
|
|
|
* line before we get here. If it was RTP/AVP, then this
|
|
|
|
|
|
|
|
* is SNOM-specific optional SRTP. Ignore it.
|
|
|
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
ast_log(LOG_WARNING, "Ignoring crypto attribute in SDP because RTP transport is insecure\n");
|
|
|
|
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
if (!*srtp) {
|
|
|
|
if (!*srtp) {
|
|
|
|
if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
|
|
|
|
if (ast_test_flag(&p->flags[0], SIP_OUTGOING)) {
|
|
|
|
ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
|
|
|
|
ast_log(LOG_WARNING, "Ignoring unexpected crypto attribute in SDP answer\n");
|
|
|
|
|
zuul
9 years ago
committed by
Gerrit Code Review