From 4dcb6aab1f765ac7ad0011736c647d8b809cf8ea Mon Sep 17 00:00:00 2001 From: Richard Fuchs Date: Thu, 27 Jun 2013 09:29:33 -0400 Subject: [PATCH] add compile flag for libsrtp vs rfc srtcp key derivation --- daemon/Makefile | 2 ++ daemon/rtcp.c | 20 +++++++++++++++++--- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/daemon/Makefile b/daemon/Makefile index 422e144e5..e985bd2f7 100644 --- a/daemon/Makefile +++ b/daemon/Makefile @@ -10,6 +10,8 @@ CFLAGS+= -D_GNU_SOURCE CFLAGS+= -DMEDIAPROXY_VERSION="\"$(shell dpkg-parsechangelog -l../debian/changelog | awk '/^Version: / {print $$2}')\"" CFLAGS+= -DMP_PLUGIN_DIR="\"/usr/lib/mediaproxy-ng\"" +#CFLAGS+= -DSRTCP_KEY_DERIVATION_RFC_COMPLIANCE + ifeq ($(DBG),yes) CFLAGS+= -D__DEBUG=1 else diff --git a/daemon/rtcp.c b/daemon/rtcp.c index d4d0b3e8b..852ac07a2 100644 --- a/daemon/rtcp.c +++ b/daemon/rtcp.c @@ -13,6 +13,20 @@ +/* This toggles between two different and incompatible interpretations of + * RFC 3711, namely sections 4.3.2 and 4.3.1. + * See http://www.ietf.org/mail-archive/web/avt/current/msg06124.html + * The default (define not set) is to be compatible with libsrtp, but + * incompatible with a strict interpretation of the RFC. + */ +#ifdef SRTCP_KEY_DERIVATION_RFC_COMPLIANCE +#define SRTCP_R_LENGTH 4 +#else +#define SRTCP_R_LENGTH 6 +#endif + + + #define RTCP_PT_SR 200 /* sender report */ #define RTCP_PT_RR 201 /* receiver report */ @@ -323,13 +337,13 @@ static inline int check_session_keys(struct crypto_context *c) { goto error; str_init_len(&s, c->session_key, c->crypto_suite->session_key_len); - if (crypto_gen_session_key(c, &s, 0x03, 6)) + if (crypto_gen_session_key(c, &s, 0x03, SRTCP_R_LENGTH)) goto error; str_init_len(&s, c->session_auth_key, c->crypto_suite->srtcp_auth_key_len); - if (crypto_gen_session_key(c, &s, 0x04, 6)) + if (crypto_gen_session_key(c, &s, 0x04, SRTCP_R_LENGTH)) goto error; str_init_len(&s, c->session_salt, c->crypto_suite->session_salt_len); - if (crypto_gen_session_key(c, &s, 0x05, 6)) + if (crypto_gen_session_key(c, &s, 0x05, SRTCP_R_LENGTH)) goto error; c->have_session_key = 1;