]> git.ipfire.org Git - thirdparty/freeswitch.git/commitdiff
sigh, polycom srtp will work now
authorBrian West <brian@freeswitch.org>
Thu, 14 May 2009 00:15:06 +0000 (00:15 +0000)
committerBrian West <brian@freeswitch.org>
Thu, 14 May 2009 00:15:06 +0000 (00:15 +0000)
git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@13295 d0543943-73ff-0310-b7d9-9358b9ac24b2

conf/dialplan/default.xml
src/mod/endpoints/mod_sofia/sofia.c
src/mod/endpoints/mod_sofia/sofia_glue.c

index 6505d20b39c59f496cccdec6df5dbfcb042ef8ea..ed9ad3be20f7e719831aea081fd8050ca9491f85 100644 (file)
        <!-- <action application="export" data="sip_secure_media=true"/> -->
       </condition>
 
-      <!-- 
-          This will cause us to not enable SRTP on known broken 3.x.x Polycom Firmware.
-      -->
-      <condition field="${sip_secure_media}" expression="^true$" break="never"/>
-      <condition field="${sip_user_agent}" expression="^PolycomSound(Point|Station)IP-S(S|P)IP_\d{3,4}-UA\/((3).(\d).(\d).(\d{4}))$" break="never">
-       <action application="set" data="sip_secure_media=false"/>
-       <action application="log" data="crit Your phone is a Polycom running 3.x firmware that is known broken for SRTP."/>
-      </condition>
-
       <condition>
        <action application="hash" data="insert/${domain_name}-spymap/${caller_id_number}/${uuid}"/>
        <action application="hash" data="insert/${domain_name}-last_dial/${caller_id_number}/${destination_number}"/>
index 221f9dd7260155a43cb7a281987522b757418c7c..09892772c65d1887e74114ec0ecb87991412ff2b 100644 (file)
@@ -3372,6 +3372,9 @@ static void sofia_handle_sip_i_state(switch_core_session_t *session, int status,
                                }
                                
                                if (is_ok) {
+                                       if (tech_pvt->local_crypto_key) {
+                                               sofia_glue_set_local_sdp(tech_pvt, NULL, 0, NULL, 0);
+                                       }
                                        nua_respond(tech_pvt->nh, SIP_200_OK,
                                                                SIPTAG_CONTACT_STR(tech_pvt->reply_contact),
                                                                SOATAG_USER_SDP_STR(tech_pvt->local_sdp_str),
index aaf865afe45647f64aee5ce7c217755cad6128b3..7ce1019f3bbb33aa6c31a00d282ce06c64da0234 100644 (file)
@@ -2805,11 +2805,26 @@ uint8_t sofia_glue_negotiate_sdp(switch_core_session_t *session, sdp_session_t *
                                                        const char *a = switch_stristr("AES", tech_pvt->remote_crypto_key);
                                                        const char *b = switch_stristr("AES", crypto);
 
+                                                       /* Change our key every time we can */
+                                                       if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_32, crypto)) {
+                                                               switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_32);
+                                                               sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_32, SWITCH_RTP_CRYPTO_SEND);
+                                                               switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+                                                                                                                 tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+                                                       } else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_80, crypto)) {
+                                                               switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_80);
+                                                               sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND);
+                                                               switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+                                                                                                                 tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+                                                       } else {
+                                                               switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Crypto Setup Failed!.\n");
+                                                       }
+                                                                                                               
                                                        if (a && b && !strncasecmp(a, b, 23)) {
                                                                switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Change Remote key to [%s]\n", crypto);
                                                                tech_pvt->remote_crypto_key = switch_core_session_strdup(tech_pvt->session, crypto);
                                                                tech_pvt->crypto_tag = crypto_tag;
-
+                                                               
                                                                if (switch_rtp_ready(tech_pvt->rtp_session) && sofia_test_flag(tech_pvt, TFLAG_SECURE)) {
                                                                        sofia_glue_add_crypto(tech_pvt, tech_pvt->remote_crypto_key, SWITCH_RTP_CRYPTO_RECV);
                                                                        switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_RECV, tech_pvt->crypto_tag,