[svn-commits] file: branch 12 r424290 - in /branches/12: configs/ res/ res/res_pjsip/

Wed, 01 Oct 2014 09:35:46 -0700 

Author: file
Date: Wed Oct  1 11:35:02 2014
New Revision: 424290

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=424290
Log:
res_pjsip: Add 'dtls_fingerprint' option to configure DTLS fingerprint hash.

During the latest update to DTLS-SRTP support the ability to configure
the hash used for fingerprints was added. This gave us two supported ones:
SHA-1 and SHA-256. The default was accordingly updated to SHA-256.
Unfortunately this configuration ability was not exposed within res_pjsip.
This change adds a dtls_fingerprint option that controls it.

#SIPit31

Modified:
    branches/12/configs/pjsip.conf.sample
    branches/12/res/res_pjsip.c
    branches/12/res/res_pjsip/pjsip_configuration.c

Modified: branches/12/configs/pjsip.conf.sample
URL: 
http://svnview.digium.com/svn/asterisk/branches/12/configs/pjsip.conf.sample?view=diff&rev=424290&r1=424289&r2=424290
==============================================================================
--- branches/12/configs/pjsip.conf.sample (original)
+++ branches/12/configs/pjsip.conf.sample Wed Oct  1 11:35:02 2014
@@ -562,6 +562,8 @@
                 ; certificates (default: "")
 ;dtls_setup=    ; Whether we are willing to accept connections connect to the
                 ; other party or both (default: "")
+;dtls_fingerprint= ; Hash to use for the fingerprint placed into SDP
+                   ; (default: "SHA-256")
 ;srtp_tag_32=no ; Determines whether 32 byte tags should be used instead of 80
                 ; byte tags (default: "no")
 ;set_var=       ; Variable set on a channel involving the endpoint. For 
multiple

Modified: branches/12/res/res_pjsip.c
URL: 
http://svnview.digium.com/svn/asterisk/branches/12/res/res_pjsip.c?view=diff&rev=424290&r1=424289&r2=424290
==============================================================================
--- branches/12/res/res_pjsip.c (original)
+++ branches/12/res/res_pjsip.c Wed Oct  1 11:35:02 2014
@@ -689,6 +689,19 @@
                                                        <enum 
name="actpass"><para>
                                                                res_pjsip will 
offer and accept connections from the peer.
                                                        </para></enum>
+                                               </enumlist>
+                                       </description>
+                               </configOption>
+                               <configOption name="dtls_fingerprint">
+                                       <synopsis>Type of hash to use for the 
DTLS fingerprint in the SDP.</synopsis>
+                                       <description>
+                                               <para>
+                                                       This option only 
applies if <replaceable>media_encryption</replaceable> is
+                                                       set to 
<literal>dtls</literal>.
+                                               </para>
+                                               <enumlist>
+                                                       <enum 
name="SHA-256"></enum>
+                                                       <enum 
name="SHA-1"></enum>
                                                </enumlist>
                                        </description>
                                </configOption>

Modified: branches/12/res/res_pjsip/pjsip_configuration.c
URL: 
http://svnview.digium.com/svn/asterisk/branches/12/res/res_pjsip/pjsip_configuration.c?view=diff&rev=424290&r1=424289&r2=424290
==============================================================================
--- branches/12/res/res_pjsip/pjsip_configuration.c (original)
+++ branches/12/res/res_pjsip/pjsip_configuration.c Wed Oct  1 11:35:02 2014
@@ -727,6 +727,20 @@
        const struct ast_sip_endpoint *endpoint = obj;
        if (ARRAY_IN_BOUNDS(endpoint->media.rtp.dtls_cfg.default_setup, 
ast_rtp_dtls_setup_map)) {
                *buf = 
ast_strdup(ast_rtp_dtls_setup_map[endpoint->media.rtp.dtls_cfg.default_setup]);
+       }
+       return 0;
+}
+
+static const char *ast_rtp_dtls_fingerprint_map[] = {
+       [AST_RTP_DTLS_HASH_SHA256] = "SHA-256",
+       [AST_RTP_DTLS_HASH_SHA1] = "SHA-1",
+};
+
+static int dtlsfingerprint_to_str(const void *obj, const intptr_t *args, char 
**buf)
+{
+       const struct ast_sip_endpoint *endpoint = obj;
+       if (ARRAY_IN_BOUNDS(endpoint->media.rtp.dtls_cfg.hash, 
ast_rtp_dtls_fingerprint_map)) {
+               *buf = 
ast_strdup(ast_rtp_dtls_fingerprint_map[endpoint->media.rtp.dtls_cfg.hash]);
        }
        return 0;
 }
@@ -1743,6 +1757,7 @@
        ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"dtls_ca_file", "", dtls_handler, dtlscafile_to_str, NULL, 0, 0);
        ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"dtls_ca_path", "", dtls_handler, dtlscapath_to_str, NULL, 0, 0);
        ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"dtls_setup", "", dtls_handler, dtlssetup_to_str, NULL, 0, 0);
+       ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"dtls_fingerprint", "", dtls_handler, dtlsfingerprint_to_str, NULL, 0, 0);
        ast_sorcery_object_field_register(sip_sorcery, "endpoint", 
"srtp_tag_32", "no", OPT_BOOL_T, 1, FLDSET(struct ast_sip_endpoint, 
media.rtp.srtp_tag_32));
        ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"redirect_method", "user", redirect_handler, NULL, NULL, 0, 0);
        ast_sorcery_object_field_register_custom(sip_sorcery, "endpoint", 
"set_var", "", set_var_handler, set_var_to_str, set_var_to_vl, 0, 0);


-- 
_____________________________________________________________________
-- Bandwidth and Colocation Provided by http://www.api-digital.com --

svn-commits mailing list
To UNSUBSCRIBE or update options visit:
   http://lists.digium.com/mailman/listinfo/svn-commits

Reply via email to