<!-- <action application="export" data="sip_secure_media=true"/> -->
</condition>
- <!--
- This will cause us to not enable SRTP on known broken 3.x.x Polycom Firmware.
- -->
- <condition field="${sip_secure_media}" expression="^true$" break="never"/>
- <condition field="${sip_user_agent}" expression="^PolycomSound(Point|Station)IP-S(S|P)IP_\d{3,4}-UA\/((3).(\d).(\d).(\d{4}))$" break="never">
- <action application="set" data="sip_secure_media=false"/>
- <action application="log" data="crit Your phone is a Polycom running 3.x firmware that is known broken for SRTP."/>
- </condition>
-
<condition>
<action application="hash" data="insert/${domain_name}-spymap/${caller_id_number}/${uuid}"/>
<action application="hash" data="insert/${domain_name}-last_dial/${caller_id_number}/${destination_number}"/>
}
if (is_ok) {
+ if (tech_pvt->local_crypto_key) {
+ sofia_glue_set_local_sdp(tech_pvt, NULL, 0, NULL, 0);
+ }
nua_respond(tech_pvt->nh, SIP_200_OK,
SIPTAG_CONTACT_STR(tech_pvt->reply_contact),
SOATAG_USER_SDP_STR(tech_pvt->local_sdp_str),
const char *a = switch_stristr("AES", tech_pvt->remote_crypto_key);
const char *b = switch_stristr("AES", crypto);
+ /* Change our key every time we can */
+ if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_32, crypto)) {
+ switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_32);
+ sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_32, SWITCH_RTP_CRYPTO_SEND);
+ switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+ tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+ } else if (switch_stristr(SWITCH_RTP_CRYPTO_KEY_80, crypto)) {
+ switch_channel_set_variable(tech_pvt->channel, SOFIA_HAS_CRYPTO_VARIABLE, SWITCH_RTP_CRYPTO_KEY_80);
+ sofia_glue_build_crypto(tech_pvt, atoi(crypto), AES_CM_128_HMAC_SHA1_80, SWITCH_RTP_CRYPTO_SEND);
+ switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_SEND, atoi(crypto), tech_pvt->crypto_type,
+ tech_pvt->local_raw_key, SWITCH_RTP_KEY_LEN);
+ } else {
+ switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_ERROR, "Crypto Setup Failed!.\n");
+ }
+
if (a && b && !strncasecmp(a, b, 23)) {
switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "Change Remote key to [%s]\n", crypto);
tech_pvt->remote_crypto_key = switch_core_session_strdup(tech_pvt->session, crypto);
tech_pvt->crypto_tag = crypto_tag;
-
+
if (switch_rtp_ready(tech_pvt->rtp_session) && sofia_test_flag(tech_pvt, TFLAG_SECURE)) {
sofia_glue_add_crypto(tech_pvt, tech_pvt->remote_crypto_key, SWITCH_RTP_CRYPTO_RECV);
switch_rtp_add_crypto_key(tech_pvt->rtp_session, SWITCH_RTP_CRYPTO_RECV, tech_pvt->crypto_tag,