TT#49600 add debug log output for SDES negotiations

Change-Id: Ifb49d202bfa691cba63f86192e5730f1446ba1b9
7 years ago · c80f55b85a
parent 84f152bc62
commit c80f55b85a
5 changed files with 43 additions and 0 deletions
--- a/daemon/aux.c
+++ b/daemon/aux.c
@ -293,3 +293,8 @@ int uint32_eq(const void *a, const void *b) {
 	const u_int32_t *A = a, *B = b;
 	return (*A == *B) ? TRUE : FALSE;
 }
+
+void free_buf(char **p) {
+	if (*p)
+		free(*p);
+}
--- a/daemon/call.c
+++ b/daemon/call.c
@ -1053,6 +1053,7 @@ static int __init_stream(struct packet_stream *ps) {
 	struct call_media *media = ps->media;
 	struct call *call = ps->call;
 	int active = -1;
+	AUTO_CLEANUP_BUF(paramsbuf);

 	if (MEDIA_ISSET(media, SDES)) {
 		for (GList *l = ps->sfds.head; l; l = l->next) {
@ -1060,10 +1061,16 @@ static int __init_stream(struct packet_stream *ps) {
 			struct crypto_params_sdes *cps = media->sdes_in.head
 				? media->sdes_in.head->data : NULL;
 			crypto_init(&sfd->crypto, cps ? &cps->params : NULL);
+			ilog(LOG_DEBUG, "[%s] Initialized incoming SRTP with SDES crypto params: %s",
+					endpoint_print_buf(&sfd->socket.local),
+					crypto_params_sdes_dump(cps, &paramsbuf));
 		}
 		struct crypto_params_sdes *cps = media->sdes_out.head
 			? media->sdes_out.head->data : NULL;
 		crypto_init(&ps->crypto, cps ? &cps->params : NULL);
+		ilog(LOG_DEBUG, "[%i] Initialized outgoing SRTP with SDES crypto params: %s",
+				ps->component,
+				crypto_params_sdes_dump(cps, &paramsbuf));
 	}

 	if (MEDIA_ISSET(media, DTLS) && !PS_ISSET(ps, FALLBACK_RTCP)) {
--- a/daemon/crypto.c
+++ b/daemon/crypto.c
@ -730,6 +730,29 @@ void crypto_dump_keys(struct crypto_context *in, struct crypto_context *out) {
 	dump_key(out, log_level);
 }

+char *crypto_params_sdes_dump(const struct crypto_params_sdes *cps, char **buf) {
+	if (*buf)
+		free(*buf);
+
+	GString *s = g_string_new("");
+	if (!cps || !cps->params.crypto_suite) {
+		g_string_append(s, "<none>");
+		goto out;
+	}
+
+	g_string_append_printf(s, "suite %s, tag %u, key ", cps->params.crypto_suite->name, cps->tag);
+	char *b = g_base64_encode(cps->params.master_key, cps->params.crypto_suite->master_key_len);
+	g_string_append_printf(s, "%s salt ", b);
+	free(b);
+	b = g_base64_encode(cps->params.master_salt, cps->params.crypto_suite->master_salt_len);
+	g_string_append_printf(s, "%s", b);
+	free(b);
+
+out:
+	*buf = g_string_free(s, FALSE);
+	return *buf;
+}
+
 void crypto_init_main() {
 	struct crypto_suite *cs;
 	for (unsigned int i = 0; i < num_crypto_suites; i++) {
--- a/include/aux.h
+++ b/include/aux.h
@ -58,6 +58,11 @@ G_STATIC_ASSERT (sizeof *(atomic) == sizeof (gint));                     \
 #define THREAD_BUF_SIZE		64
 #define NUM_THREAD_BUFS		8

+#define AUTO_CLEANUP(decl, func)		decl __attribute__ ((__cleanup__(func)))
+#define AUTO_CLEANUP_INIT(decl, func, val)	AUTO_CLEANUP(decl, func) = val
+#define AUTO_CLEANUP_NULL(decl, func)		AUTO_CLEANUP_INIT(decl, func, 0)
+#define AUTO_CLEANUP_BUF(var)			AUTO_CLEANUP_NULL(char *var, free_buf)
+

 /*** GLOBALS ***/

@ -245,6 +250,8 @@ INLINE int rlim(int res, rlim_t val) {
 	return setrlimit(res, &rlim);
 }

+void free_buf(char **);
+


 /*** INET ADDRESS HELPERS ***/
--- a/include/crypto.h
+++ b/include/crypto.h
@ -108,6 +108,7 @@ void crypto_init_main();
 const struct crypto_suite *crypto_find_suite(const str *);
 int crypto_gen_session_key(struct crypto_context *, str *, unsigned char, int);
 void crypto_dump_keys(struct crypto_context *in, struct crypto_context *out);
+char *crypto_params_sdes_dump(const struct crypto_params_sdes *, char **);