From: Alexander Traud <pabstraud@compuserve.com>
Date: Tue, 7 Jun 2016 10:45:34 +0000 (+0200)
Subject: res_srtp: Instead of libSRTP use OpenSSL as random source.
X-Git-Tag: 13.10.0-rc1~48
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c6ee4a0f44f7f5d8e3c77f63f3c56694584e28e9;p=thirdparty%2Fasterisk.git

res_srtp: Instead of libSRTP use OpenSSL as random source.

Since libSRTP 1.5, its Random Number Generator (RNG) is not maintained anymore.
Therefore, the symbol RAND_bytes is used instead of crypto_get_random.

ASTERISK-24436 #close

Change-Id: Iea0bae4d4e3c9aa0926ea442b6484b5159789d96
---

diff --git a/res/res_srtp.c b/res/res_srtp.c
index 8d8daf0b03..97773c1258 100644
--- a/res/res_srtp.c
+++ b/res/res_srtp.c
@@ -40,7 +40,11 @@
 ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 
 #include <srtp/srtp.h>
+#ifdef HAVE_OPENSSL
+#include <openssl/rand.h>
+#else
 #include <srtp/crypto_kernel.h>
+#endif
 
 #include "asterisk/lock.h"
 #include "asterisk/sched.h"
@@ -305,7 +309,11 @@ static int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy, const
 
 static int ast_srtp_get_random(unsigned char *key, size_t len)
 {
+#ifdef HAVE_OPENSSL
+	return RAND_bytes(key, len) > 0 ? 0: -1;
+#else
 	return crypto_get_random(key, len) != err_status_ok ? -1: 0;
+#endif
 }
 
 static void ast_srtp_set_cb(struct ast_srtp *srtp, const struct ast_srtp_cb *cb, void *data)