FS-10370: Enable SRTP Key Padding

Some clients rely on Base64 padding characters (i.e., '=') to be present
in encoded SRTP key/salt strings to determine the length of the encoded
data. However, FreeSWITCH removes these characters before including the
encoded strings in the SDP. This causes those clients that rely on the
padding to truncate the encoded data and be unable to properly set up an
encrypted SRTP session.

This change introduces a channel flag named 'rtp_pad_srtp_keys'. When
this flag is enabled, FreeSWITCH includes the Base64 padding characters
in the SDP. This allows clients that rely on the padding to retrieve the
full key and salt values and successfully negotiate an SRTP stream with
FreeSWITCH.

FS-103070 #resolve

diff --git a/src/switch_core_media.c b/src/switch_core_media.c
index 1f136390bdd4b1f2cb69e593b56d112c36b43f9e..35c0c9971651ec867ef4db8cdd1f4bd7d06a7032 100644 (file)
--- a/src/switch_core_media.c
+++ b/src/switch_core_media.c
@@ -1173,10 +1173,12 @@ static switch_status_t switch_core_media_build_crypto(switch_media_handle_t *smh
 #endif
 
        switch_b64_encode(key, SUITES[ctype].keylen, b64_key, sizeof(b64_key));
-       p = strrchr((char *) b64_key, '=');
+       if (!switch_channel_var_true(channel, "rtp_pad_srtp_keys")) {
+               p = strrchr((char *) b64_key, '=');
 
-       while (p && *p && *p == '=') {
-               *p-- = '\0';
+               while (p && *p && *p == '=') {
+                       *p-- = '\0';
+               }
        }
 
        if (index == SWITCH_NO_CRYPTO_TAG) index = ctype + 1;