FS-10370: Enable SRTP Key Padding

Some clients rely on Base64 padding characters (i.e., '=') to be present
in encoded SRTP key/salt strings to determine the length of the encoded
data. However, FreeSWITCH removes these characters before including the
encoded strings in the SDP. This causes those clients that rely on the
padding to truncate the encoded data and be unable to properly set up an
encrypted SRTP session.

This change introduces a channel flag named 'rtp_pad_srtp_keys'. When
this flag is enabled, FreeSWITCH includes the Base64 padding characters
in the SDP. This allows clients that rely on the padding to retrieve the
full key and salt values and successfully negotiate an SRTP stream with
FreeSWITCH.

FS-103070 #resolve

diff --git a/src/switch_core_media.c b/src/switch_core_media.c
index 175c1824ec8766b5829feb670f5f7f6939cf7bad..2441af5f8025efd8847046f89894c744320ff0b9 100644 (file)
--- a/src/switch_core_media.c
+++ b/src/switch_core_media.c
@@ -1111,10 +1111,12 @@ static switch_status_t switch_core_media_build_crypto(switch_media_handle_t *smh
 #endif
 
        switch_b64_encode(key, SUITES[ctype].keylen, b64_key, sizeof(b64_key));
-       p = strrchr((char *) b64_key, '=');
+       if (!switch_channel_var_true(channel, "rtp_pad_srtp_keys")) {
+               p = strrchr((char *) b64_key, '=');
 
-       while (p && *p && *p == '=') {
-               *p-- = '\0';
+               while (p && *p && *p == '=') {
+                       *p-- = '\0';
+               }
        }
 
        if (index == SWITCH_NO_CRYPTO_TAG) index = ctype + 1;