diff options
author | Joshua Colp <jcolp@digium.com> | 2014-10-01 16:39:45 +0000 |
---|---|---|
committer | Joshua Colp <jcolp@digium.com> | 2014-10-01 16:39:45 +0000 |
commit | adba2a8d7fdd70dbe466b50385609a55017fc2b1 (patch) | |
tree | d42d965447b25c956aac7b8d944adb0538efe47e /res | |
parent | 9233b1cf44e0ec8dcf0895ed8ee15534d8d4f3a7 (diff) |
res_pjsip: Add 'dtls_fingerprint' option to configure DTLS fingerprint hash.
During the latest update to DTLS-SRTP support the ability to configure
the hash used for fingerprints was added. This gave us two supported ones:
SHA-1 and SHA-256. The default was accordingly updated to SHA-256.
Unfortunately this configuration ability was not exposed within res_pjsip.
This change adds a dtls_fingerprint option that controls it.
#SIPit31
........
Merged revisions 424290 from http://svn.asterisk.org/svn/asterisk/branches/12
........
Merged revisions 424291 from http://svn.asterisk.org/svn/asterisk/branches/13
git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@424292 65c4cc65-6c06-0410-ace0-fbb531ad65f3
Diffstat (limited to 'res')
-rw-r--r-- | res/res_pjsip.c | 13 | ||||
-rw-r--r-- | res/res_pjsip/pjsip_configuration.c | 15 |
2 files changed, 28 insertions, 0 deletions
diff --git a/res/res_pjsip.c b/res/res_pjsip.c index a7f684650..e6d0d0c48 100644 --- a/res/res_pjsip.c +++ b/res/res_pjsip.c @@ -692,6 +692,19 @@ </enumlist> </description> </configOption> + <configOption name="dtls_fingerprint"> + <synopsis>Type of hash to use for the DTLS fingerprint in the SDP.</synopsis> + <description> + <para> + This option only applies if <replaceable>media_encryption</replaceable> is + set to <literal>dtls</literal>. + </para> + <enumlist> + <enum name="SHA-256"></enum> + <enum name="SHA-1"></enum> + </enumlist> + </description> + </configOption> <configOption name="srtp_tag_32"> <synopsis>Determines whether 32 byte tags should be used instead of 80 byte tags.</synopsis> <description><para> diff --git a/res/res_pjsip/pjsip_configuration.c b/res/res_pjsip/pjsip_configuration.c index a5fec8643..c3fa43fae 100644 --- a/res/res_pjsip/pjsip_configuration.c +++ b/res/res_pjsip/pjsip_configuration.c @@ -726,6 +726,20 @@ static int dtlssetup_to_str(const void *obj, const intptr_t *args, char **buf) return 0; } +static const char *ast_rtp_dtls_fingerprint_map[] = { + [AST_RTP_DTLS_HASH_SHA256] = "SHA-256", + [AST_RTP_DTLS_HASH_SHA1] = "SHA-1", +}; + +static int dtlsfingerprint_to_str(const void *obj, const intptr_t *args, char **buf) +{ + const struct ast_sip_endpoint *endpoint = obj; + if (ARRAY_IN_BOUNDS(endpoint->media.rtp.dtls_cfg.hash, ast_rtp_dtls_fingerprint_map)) { + *buf = ast_strdup(ast_rtp_dtls_fingerprint_map[endpoint->media.rtp.dtls_cfg.hash]); + } + return 0; +} + static int t38udptl_ec_handler(const struct aco_option *opt, struct ast_variable *var, void *obj) { @@ -1738,6 +1752,7 @@ int ast_res_pjsip_initialize_configuration(const struct ast_module_info *ast_mod ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_ca_file", "", dtls_handler, dtlscafile_to_str, NULL, 0, 0); ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_ca_path", "", dtls_handler, dtlscapath_to_str, NULL, 0, 0); ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_setup", "", dtls_handler, dtlssetup_to_str, NULL, 0, 0); + ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "dtls_fingerprint", "", dtls_handler, dtlsfingerprint_to_str, NULL, 0, 0); ast_sorcery_object_field_register(sip_sorcery, "endpoint", "srtp_tag_32", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, media.rtp.srtp_tag_32)); ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "redirect_method", "user", redirect_handler, NULL, NULL, 0, 0); ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", "set_var", "", set_var_handler, set_var_to_str, set_var_to_vl, 0, 0); |