From 1f136fe8859c8c4b42e9608bab01eab45d549a55 Mon Sep 17 00:00:00 2001
From: Sean Bright <sean.bright@gmail.com>
Date: Fri, 26 May 2017 12:15:42 -0400
Subject: [PATCH] res_srtp: Add support for libsrtp2
ASTERISK-25294 #close
Reported by: Tzafrir Cohen
ASTERISK-26976 #close
Reported by: Alex
Change-Id: I789b1c3d1ed31365bbd9339fa58ef36f48833c40
---
autoconf/ast_ext_lib.m4 | 36 ++
configure | 589 +++++++++++++++++++++++++++++--
configure.ac | 93 ++---
include/asterisk/autoconfig.h.in | 3 +
res/res_srtp.c | 16 +-
res/srtp/srtp_compat.h | 40 +++
6 files changed, 703 insertions(+), 74 deletions(-)
create mode 100644 res/srtp/srtp_compat.h
diff --git a/autoconf/ast_ext_lib.m4 b/autoconf/ast_ext_lib.m4
index 2c73b40c5d..cd5a3a7793 100644
--- a/autoconf/ast_ext_lib.m4
+++ b/autoconf/ast_ext_lib.m4
@@ -164,3 +164,39 @@ _ACEOF
fi
m4_ifval([$7], [AH_TEMPLATE(m4_bpatsubst([[HAVE_$1_VERSION]], [(.*)]), [Define to the version of the $2 library.])])
])
+
+# Check if the previously discovered library can be dynamically linked.
+#
+# AST_EXT_LIB_CHECK_SHARED([package], [library], [function], [header],
+# [extra libs], [extra cflags], [action-if-true], [action-if-false])
+AC_DEFUN([AST_EXT_LIB_CHECK_SHARED],
+[
+if test "x${PBX_$1}" = "x1"; then
+ ast_ext_lib_check_shared_saved_libs="${LIBS}"
+ ast_ext_lib_check_shared_saved_ldflags="${LDFLAGS}"
+ ast_ext_lib_check_shared_saved_cflags="${CFLAGS}"
+ LIBS="${LIBS} ${$1_LIB} $5"
+ LDFLAGS="${LDFLAGS} -shared -fPIC"
+ CFLAGS="${CFLAGS} ${$1_INCLUDE} $6"
+ AC_MSG_CHECKING(for the ability of -l$2 to be linked in a shared object)
+ AC_LINK_IFELSE(
+ [
+ AC_LANG_PROGRAM(
+ [#include <$4>],
+ [$3();]
+ )
+ ],
+ [
+ AC_MSG_RESULT(yes)
+ $7
+ ],
+ [
+ AC_MSG_RESULT(no)
+ $8
+ ]
+ )
+ CFLAGS="${ast_ext_lib_check_shared_saved_cflags}"
+ LDFLAGS="${ast_ext_lib_check_shared_saved_ldflags}"
+ LIBS="${ast_ext_lib_check_shared_saved_libs}"
+fi
+])
diff --git a/configure b/configure
index 89de95ae6b..739cf65e41 100755
--- a/configure
+++ b/configure
@@ -1354,6 +1354,7 @@ infodir
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -1537,6 +1538,7 @@ datadir='${datarootdir}'
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1789,6 +1791,15 @@ do
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1926,7 +1937,7 @@ fi
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -2079,6 +2090,7 @@ Fine tuning of the installation directories:
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -14897,7 +14909,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -14943,7 +14955,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -14967,7 +14979,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -15012,7 +15024,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -15036,7 +15048,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
-#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
+#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -33421,6 +33433,516 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
fi
+if test "x${PBX_SRTP}" != "x1" -a "${USE_SRTP}" != "no"; then
+ pbxlibdir=""
+ # if --with-SRTP=DIR has been specified, use it.
+ if test "x${SRTP_DIR}" != "x"; then
+ if test -d ${SRTP_DIR}/lib; then
+ pbxlibdir="-L${SRTP_DIR}/lib"
+ else
+ pbxlibdir="-L${SRTP_DIR}"
+ fi
+ fi
+ pbxfuncname="srtp_init"
+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
+ AST_SRTP_FOUND=yes
+ else
+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
+ CFLAGS="${CFLAGS} "
+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5
+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char ${pbxfuncname} ();
+int
+main ()
+{
+return ${pbxfuncname} ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$as_ac_Lib=yes"
+else
+ eval "$as_ac_Lib=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ AST_SRTP_FOUND=yes
+else
+ AST_SRTP_FOUND=no
+fi
+
+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
+ fi
+
+ # now check for the header.
+ if test "${AST_SRTP_FOUND}" = "yes"; then
+ SRTP_LIB="${pbxlibdir} -lsrtp2 "
+ # if --with-SRTP=DIR has been specified, use it.
+ if test "x${SRTP_DIR}" != "x"; then
+ SRTP_INCLUDE="-I${SRTP_DIR}/include"
+ fi
+ SRTP_INCLUDE="${SRTP_INCLUDE} "
+ if test "xsrtp2/srtp.h" = "x" ; then # no header, assume found
+ SRTP_HEADER_FOUND="1"
+ else # check for the header
+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
+ CPPFLAGS="${CPPFLAGS} ${SRTP_INCLUDE}"
+ ac_fn_c_check_header_mongrel "$LINENO" "srtp2/srtp.h" "ac_cv_header_srtp2_srtp_h" "$ac_includes_default"
+if test "x$ac_cv_header_srtp2_srtp_h" = xyes; then :
+ SRTP_HEADER_FOUND=1
+else
+ SRTP_HEADER_FOUND=0
+fi
+
+
+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
+ fi
+ if test "x${SRTP_HEADER_FOUND}" = "x0" ; then
+ SRTP_LIB=""
+ SRTP_INCLUDE=""
+ else
+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
+ SRTP_LIB=""
+ fi
+ PBX_SRTP=1
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_VERSION 2
+_ACEOF
+
+ fi
+ fi
+fi
+
+
+
+if test "x${PBX_SRTP}" = "x1"; then
+ ast_ext_lib_check_shared_saved_libs="${LIBS}"
+ ast_ext_lib_check_shared_saved_ldflags="${LDFLAGS}"
+ ast_ext_lib_check_shared_saved_cflags="${CFLAGS}"
+ LIBS="${LIBS} ${SRTP_LIB} "
+ LDFLAGS="${LDFLAGS} -shared -fPIC"
+ CFLAGS="${CFLAGS} ${SRTP_INCLUDE} "
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the ability of -lsrtp2 to be linked in a shared object" >&5
+$as_echo_n "checking for the ability of -lsrtp2 to be linked in a shared object... " >&6; }
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+ #include <srtp2/srtp.h>
+int
+main ()
+{
+srtp_init();
+
+ ;
+ return 0;
+}
+
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+
+
+else
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
+$as_echo "$as_me: WARNING: ***" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** libsrtp2 could not be linked as a shared object." >&5
+$as_echo "$as_me: WARNING: *** libsrtp2 could not be linked as a shared object." >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** Try compiling libsrtp2 manually. Configure libsrtp2" >&5
+$as_echo "$as_me: WARNING: *** Try compiling libsrtp2 manually. Configure libsrtp2" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** with ./configure --prefix=/usr replacing /usr with" >&5
+$as_echo "$as_me: WARNING: *** with ./configure --prefix=/usr replacing /usr with" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** the prefix of your choice, and then make with" >&5
+$as_echo "$as_me: WARNING: *** the prefix of your choice, and then make with" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** 'make libsrtp2.so'" >&5
+$as_echo "$as_me: WARNING: *** 'make libsrtp2.so'" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
+$as_echo "$as_me: WARNING: ***" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** After re-installing libsrtp2, re-run the Asterisk" >&5
+$as_echo "$as_me: WARNING: *** After re-installing libsrtp2, re-run the Asterisk" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** configure script." >&5
+$as_echo "$as_me: WARNING: *** configure script." >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
+$as_echo "$as_me: WARNING: ***" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** If you do not need SRTP support re-run configure" >&5
+$as_echo "$as_me: WARNING: *** If you do not need SRTP support re-run configure" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** with the --without-srtp option." >&5
+$as_echo "$as_me: WARNING: *** with the --without-srtp option." >&2;}
+ exit 1
+
+
+
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+ CFLAGS="${ast_ext_lib_check_shared_saved_cflags}"
+ LDFLAGS="${ast_ext_lib_check_shared_saved_ldflags}"
+ LIBS="${ast_ext_lib_check_shared_saved_libs}"
+fi
+
+
+if test "x$PBX_SRTP" = x1;
+then
+
+if test "x${PBX_SRTP_256}" != "x1" -a "${USE_SRTP_256}" != "no"; then
+ pbxlibdir=""
+ # if --with-SRTP_256=DIR has been specified, use it.
+ if test "x${SRTP_256_DIR}" != "x"; then
+ if test -d ${SRTP_256_DIR}/lib; then
+ pbxlibdir="-L${SRTP_256_DIR}/lib"
+ else
+ pbxlibdir="-L${SRTP_256_DIR}"
+ fi
+ fi
+ pbxfuncname="srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80"
+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
+ AST_SRTP_256_FOUND=yes
+ else
+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
+ CFLAGS="${CFLAGS} "
+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5
+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char ${pbxfuncname} ();
+int
+main ()
+{
+return ${pbxfuncname} ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$as_ac_Lib=yes"
+else
+ eval "$as_ac_Lib=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ AST_SRTP_256_FOUND=yes
+else
+ AST_SRTP_256_FOUND=no
+fi
+
+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
+ fi
+
+ # now check for the header.
+ if test "${AST_SRTP_256_FOUND}" = "yes"; then
+ SRTP_256_LIB="${pbxlibdir} -lsrtp2 "
+ # if --with-SRTP_256=DIR has been specified, use it.
+ if test "x${SRTP_256_DIR}" != "x"; then
+ SRTP_256_INCLUDE="-I${SRTP_256_DIR}/include"
+ fi
+ SRTP_256_INCLUDE="${SRTP_256_INCLUDE} "
+ if test "x" = "x" ; then # no header, assume found
+ SRTP_256_HEADER_FOUND="1"
+ else # check for the header
+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
+ CPPFLAGS="${CPPFLAGS} ${SRTP_256_INCLUDE}"
+ ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
+if test "x$ac_cv_header_" = xyes; then :
+ SRTP_256_HEADER_FOUND=1
+else
+ SRTP_256_HEADER_FOUND=0
+fi
+
+
+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
+ fi
+ if test "x${SRTP_256_HEADER_FOUND}" = "x0" ; then
+ SRTP_256_LIB=""
+ SRTP_256_INCLUDE=""
+ else
+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
+ SRTP_256_LIB=""
+ fi
+ PBX_SRTP_256=1
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_256 1
+_ACEOF
+
+ fi
+ fi
+fi
+
+
+
+if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then
+ pbxlibdir=""
+ # if --with-SRTP_GCM=DIR has been specified, use it.
+ if test "x${SRTP_GCM_DIR}" != "x"; then
+ if test -d ${SRTP_GCM_DIR}/lib; then
+ pbxlibdir="-L${SRTP_GCM_DIR}/lib"
+ else
+ pbxlibdir="-L${SRTP_GCM_DIR}"
+ fi
+ fi
+ pbxfuncname="srtp_crypto_policy_set_aes_gcm_128_8_auth"
+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
+ AST_SRTP_GCM_FOUND=yes
+ else
+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
+ CFLAGS="${CFLAGS} "
+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5
+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char ${pbxfuncname} ();
+int
+main ()
+{
+return ${pbxfuncname} ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$as_ac_Lib=yes"
+else
+ eval "$as_ac_Lib=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ AST_SRTP_GCM_FOUND=yes
+else
+ AST_SRTP_GCM_FOUND=no
+fi
+
+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
+ fi
+
+ # now check for the header.
+ if test "${AST_SRTP_GCM_FOUND}" = "yes"; then
+ SRTP_GCM_LIB="${pbxlibdir} -lsrtp2 "
+ # if --with-SRTP_GCM=DIR has been specified, use it.
+ if test "x${SRTP_GCM_DIR}" != "x"; then
+ SRTP_GCM_INCLUDE="-I${SRTP_GCM_DIR}/include"
+ fi
+ SRTP_GCM_INCLUDE="${SRTP_GCM_INCLUDE} "
+ if test "x" = "x" ; then # no header, assume found
+ SRTP_GCM_HEADER_FOUND="1"
+ else # check for the header
+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
+ CPPFLAGS="${CPPFLAGS} ${SRTP_GCM_INCLUDE}"
+ ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
+if test "x$ac_cv_header_" = xyes; then :
+ SRTP_GCM_HEADER_FOUND=1
+else
+ SRTP_GCM_HEADER_FOUND=0
+fi
+
+
+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
+ fi
+ if test "x${SRTP_GCM_HEADER_FOUND}" = "x0" ; then
+ SRTP_GCM_LIB=""
+ SRTP_GCM_INCLUDE=""
+ else
+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
+ SRTP_GCM_LIB=""
+ fi
+ PBX_SRTP_GCM=1
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_GCM 1
+_ACEOF
+
+ fi
+ fi
+fi
+
+
+
+if test "x${PBX_SRTP_SHUTDOWN}" != "x1" -a "${USE_SRTP_SHUTDOWN}" != "no"; then
+ pbxlibdir=""
+ # if --with-SRTP_SHUTDOWN=DIR has been specified, use it.
+ if test "x${SRTP_SHUTDOWN_DIR}" != "x"; then
+ if test -d ${SRTP_SHUTDOWN_DIR}/lib; then
+ pbxlibdir="-L${SRTP_SHUTDOWN_DIR}/lib"
+ else
+ pbxlibdir="-L${SRTP_SHUTDOWN_DIR}"
+ fi
+ fi
+ pbxfuncname="srtp_shutdown"
+ if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
+ AST_SRTP_SHUTDOWN_FOUND=yes
+ else
+ ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
+ CFLAGS="${CFLAGS} "
+ as_ac_Lib=`$as_echo "ac_cv_lib_srtp2_${pbxfuncname}" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp2" >&5
+$as_echo_n "checking for ${pbxfuncname} in -lsrtp2... " >&6; }
+if eval \${$as_ac_Lib+:} false; then :
+ $as_echo_n "(cached) " >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lsrtp2 ${pbxlibdir} $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h. */
+
+/* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+#ifdef __cplusplus
+extern "C"
+#endif
+char ${pbxfuncname} ();
+int
+main ()
+{
+return ${pbxfuncname} ();
+ ;
+ return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+ eval "$as_ac_Lib=yes"
+else
+ eval "$as_ac_Lib=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+eval ac_res=\$$as_ac_Lib
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
+ AST_SRTP_SHUTDOWN_FOUND=yes
+else
+ AST_SRTP_SHUTDOWN_FOUND=no
+fi
+
+ CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
+ fi
+
+ # now check for the header.
+ if test "${AST_SRTP_SHUTDOWN_FOUND}" = "yes"; then
+ SRTP_SHUTDOWN_LIB="${pbxlibdir} -lsrtp2 "
+ # if --with-SRTP_SHUTDOWN=DIR has been specified, use it.
+ if test "x${SRTP_SHUTDOWN_DIR}" != "x"; then
+ SRTP_SHUTDOWN_INCLUDE="-I${SRTP_SHUTDOWN_DIR}/include"
+ fi
+ SRTP_SHUTDOWN_INCLUDE="${SRTP_SHUTDOWN_INCLUDE} "
+ if test "xsrtp2/srtp.h" = "x" ; then # no header, assume found
+ SRTP_SHUTDOWN_HEADER_FOUND="1"
+ else # check for the header
+ ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
+ CPPFLAGS="${CPPFLAGS} ${SRTP_SHUTDOWN_INCLUDE}"
+ ac_fn_c_check_header_mongrel "$LINENO" "srtp2/srtp.h" "ac_cv_header_srtp2_srtp_h" "$ac_includes_default"
+if test "x$ac_cv_header_srtp2_srtp_h" = xyes; then :
+ SRTP_SHUTDOWN_HEADER_FOUND=1
+else
+ SRTP_SHUTDOWN_HEADER_FOUND=0
+fi
+
+
+ CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
+ fi
+ if test "x${SRTP_SHUTDOWN_HEADER_FOUND}" = "x0" ; then
+ SRTP_SHUTDOWN_LIB=""
+ SRTP_SHUTDOWN_INCLUDE=""
+ else
+ if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
+ SRTP_SHUTDOWN_LIB=""
+ fi
+ PBX_SRTP_SHUTDOWN=1
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_SHUTDOWN 1
+_ACEOF
+
+ fi
+ fi
+fi
+
+
+
+ # libsrtp2 removed support for PRNG, so we require OpenSSL
+ if test "x$PBX_OPENSSL" != x1;
+ then
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
+$as_echo "$as_me: WARNING: ***" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** OpenSSL required when using libsrtp2, checking for libsrtp instead." >&5
+$as_echo "$as_me: WARNING: *** OpenSSL required when using libsrtp2, checking for libsrtp instead." >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
+$as_echo "$as_me: WARNING: ***" >&2;}
+ PBX_SRTP=0
+ fi
+fi
+
+if test "x$PBX_SRTP" != x1;
+then
+
if test "x${PBX_SRTP}" != "x1" -a "${USE_SRTP}" != "no"; then
pbxlibdir=""
# if --with-SRTP=DIR has been specified, use it.
@@ -33517,6 +34039,10 @@ fi
PBX_SRTP=1
cat >>confdefs.h <<_ACEOF
#define HAVE_SRTP 1
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SRTP_VERSION 1
_ACEOF
fi
@@ -33525,20 +34051,19 @@ fi
-if test "$PBX_SRTP" = "1";
-then
- saved_libs="${LIBS}"
- saved_ldflags="${LDFLAGS}"
- saved_cflags="${CFLAGS}"
- LIBS="${LIBS} ${SRTP_LIB}"
- LDFLAGS="${LDFLAGS} -shared -fPIC"
- CFLAGS="${CFLAGS} ${SRTP_INCLUDE}"
- { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the ability of -lsrtp to be linked in a shared object" >&5
+if test "x${PBX_SRTP}" = "x1"; then
+ ast_ext_lib_check_shared_saved_libs="${LIBS}"
+ ast_ext_lib_check_shared_saved_ldflags="${LDFLAGS}"
+ ast_ext_lib_check_shared_saved_cflags="${CFLAGS}"
+ LIBS="${LIBS} ${SRTP_LIB} "
+ LDFLAGS="${LDFLAGS} -shared -fPIC"
+ CFLAGS="${CFLAGS} ${SRTP_INCLUDE} "
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the ability of -lsrtp to be linked in a shared object" >&5
$as_echo_n "checking for the ability of -lsrtp to be linked in a shared object... " >&6; }
- cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
- #include <srtp/srtp.h>
+ #include <srtp/srtp.h>
int
main ()
{
@@ -33550,12 +34075,16 @@ srtp_init();
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
$as_echo "yes" >&6; }
+
+
else
- { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+ { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
$as_echo "no" >&6; }
+
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
$as_echo "$as_me: WARNING: ***" >&2;}
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** libsrtp could not be linked as a shared object." >&5
@@ -33566,8 +34095,8 @@ $as_echo "$as_me: WARNING: *** Try compiling libsrtp manually. Configure libsrtp
$as_echo "$as_me: WARNING: *** with ./configure CFLAGS=-fPIC --prefix=/usr" >&2;}
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** replacing /usr with the prefix of your choice." >&5
$as_echo "$as_me: WARNING: *** replacing /usr with the prefix of your choice." >&2;}
- { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** After re-installing libsrtp" >&5
-$as_echo "$as_me: WARNING: *** After re-installing libsrtp" >&2;}
+ { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** After re-installing libsrtp, re-run the Asterisk" >&5
+$as_echo "$as_me: WARNING: *** After re-installing libsrtp, re-run the Asterisk" >&2;}
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: *** configure script." >&5
$as_echo "$as_me: WARNING: *** configure script." >&2;}
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: ***" >&5
@@ -33579,16 +34108,18 @@ $as_echo "$as_me: WARNING: *** with the --without-srtp option." >&2;}
exit 1
+
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
- LIBS="${saved_libs}"
- LDFLAGS="${saved_ldflags}"
- CFLAGS="${saved_cflags}"
+ CFLAGS="${ast_ext_lib_check_shared_saved_cflags}"
+ LDFLAGS="${ast_ext_lib_check_shared_saved_ldflags}"
+ LIBS="${ast_ext_lib_check_shared_saved_libs}"
fi
-if test "$PBX_SRTP" = "1";
-then
+
+ if test "x$PBX_SRTP" = x1;
+ then
if test "x${PBX_SRTP_256}" != "x1" -a "${USE_SRTP_256}" != "no"; then
pbxlibdir=""
@@ -33808,7 +34339,7 @@ if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then
pbxlibdir="-L${SRTP_GCM_DIR}"
fi
fi
- pbxfuncname="aes_gcm_128_openssl"
+ pbxfuncname="crypto_policy_set_aes_gcm_128_8_auth"
if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
AST_SRTP_GCM_FOUND=yes
else
@@ -33901,8 +34432,6 @@ _ACEOF
fi
-fi
-
if test "x${PBX_SRTP_SHUTDOWN}" != "x1" -a "${USE_SRTP_SHUTDOWN}" != "no"; then
pbxlibdir=""
@@ -34007,6 +34536,8 @@ _ACEOF
fi
+ fi
+fi
for ver in 2.0 2.2 2.4 2.6; do
diff --git a/configure.ac b/configure.ac
index 3bfb82eea3..9c07a4f6d9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2476,53 +2476,64 @@ then
AST_C_DEFINE_CHECK([SSL_OP_NO_TLSV1_2], [SSL_OP_NO_TLSv1_2], [openssl/ssl.h])
fi
-AST_EXT_LIB_CHECK([SRTP], [srtp], [srtp_init], [srtp/srtp.h])
+AST_EXT_LIB_CHECK([SRTP], [srtp2], [srtp_init], [srtp2/srtp.h], [], [], [2])
+AST_EXT_LIB_CHECK_SHARED([SRTP], [srtp2], [srtp_init], [srtp2/srtp.h], [], [], [], [
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** libsrtp2 could not be linked as a shared object.])
+ AC_MSG_WARN([*** Try compiling libsrtp2 manually. Configure libsrtp2])
+ AC_MSG_WARN([*** with ./configure --prefix=/usr replacing /usr with])
+ AC_MSG_WARN([*** the prefix of your choice, and then make with])
+ AC_MSG_WARN([*** 'make libsrtp2.so'])
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** After re-installing libsrtp2, re-run the Asterisk])
+ AC_MSG_WARN([*** configure script.])
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** If you do not need SRTP support re-run configure])
+ AC_MSG_WARN([*** with the --without-srtp option.])
+ exit 1
+])
-if test "$PBX_SRTP" = "1";
+if test "x$PBX_SRTP" = x1;
then
- saved_libs="${LIBS}"
- saved_ldflags="${LDFLAGS}"
- saved_cflags="${CFLAGS}"
- LIBS="${LIBS} ${SRTP_LIB}"
- LDFLAGS="${LDFLAGS} -shared -fPIC"
- CFLAGS="${CFLAGS} ${SRTP_INCLUDE}"
- AC_MSG_CHECKING(for the ability of -lsrtp to be linked in a shared object)
- AC_LINK_IFELSE(
- [
- AC_LANG_PROGRAM(
- [#include <srtp/srtp.h>],
- [srtp_init();]
- )
- ],
- [ AC_MSG_RESULT(yes) ],
- [
- AC_MSG_RESULT(no)
- AC_MSG_WARN(***)
- AC_MSG_WARN(*** libsrtp could not be linked as a shared object.)
- AC_MSG_WARN(*** Try compiling libsrtp manually. Configure libsrtp)
- AC_MSG_WARN(*** with ./configure CFLAGS=-fPIC --prefix=/usr)
- AC_MSG_WARN(*** replacing /usr with the prefix of your choice.)
- AC_MSG_WARN(*** After re-installing libsrtp, re-run the Asterisk)
- AC_MSG_WARN(*** configure script.)
- AC_MSG_WARN(***)
- AC_MSG_WARN(*** If you do not need SRTP support re-run configure)
- AC_MSG_WARN(*** with the --without-srtp option.)
- exit 1
- ]
- )
- LIBS="${saved_libs}"
- LDFLAGS="${saved_ldflags}"
- CFLAGS="${saved_cflags}"
+ AST_EXT_LIB_CHECK([SRTP_256], [srtp2], [srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80])
+ AST_EXT_LIB_CHECK([SRTP_GCM], [srtp2], [srtp_crypto_policy_set_aes_gcm_128_8_auth])
+ AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp2], [srtp_shutdown], [srtp2/srtp.h])
+
+ # libsrtp2 removed support for PRNG, so we require OpenSSL
+ if test "x$PBX_OPENSSL" != x1;
+ then
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** OpenSSL required when using libsrtp2, checking for libsrtp instead.])
+ AC_MSG_WARN([***])
+ PBX_SRTP=0
+ fi
fi
-if test "$PBX_SRTP" = "1";
+if test "x$PBX_SRTP" != x1;
then
- AST_EXT_LIB_CHECK([SRTP_256], [srtp], [crypto_policy_set_aes_cm_256_hmac_sha1_80])
- AST_EXT_LIB_CHECK([SRTP_192], [srtp], [crypto_policy_set_aes_cm_192_hmac_sha1_80])
- AST_EXT_LIB_CHECK([SRTP_GCM], [srtp], [aes_gcm_128_openssl])
-fi
+ AST_EXT_LIB_CHECK([SRTP], [srtp], [srtp_init], [srtp/srtp.h], [], [], [1])
+ AST_EXT_LIB_CHECK_SHARED([SRTP], [srtp], [srtp_init], [srtp/srtp.h], [], [], [], [
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** libsrtp could not be linked as a shared object.])
+ AC_MSG_WARN([*** Try compiling libsrtp manually. Configure libsrtp])
+ AC_MSG_WARN([*** with ./configure CFLAGS=-fPIC --prefix=/usr])
+ AC_MSG_WARN([*** replacing /usr with the prefix of your choice.])
+ AC_MSG_WARN([*** After re-installing libsrtp, re-run the Asterisk])
+ AC_MSG_WARN([*** configure script.])
+ AC_MSG_WARN([***])
+ AC_MSG_WARN([*** If you do not need SRTP support re-run configure])
+ AC_MSG_WARN([*** with the --without-srtp option.])
+ exit 1
+ ])
-AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp], [srtp_shutdown], [srtp/srtp.h])
+ if test "x$PBX_SRTP" = x1;
+ then
+ AST_EXT_LIB_CHECK([SRTP_256], [srtp], [crypto_policy_set_aes_cm_256_hmac_sha1_80])
+ AST_EXT_LIB_CHECK([SRTP_192], [srtp], [crypto_policy_set_aes_cm_192_hmac_sha1_80])
+ AST_EXT_LIB_CHECK([SRTP_GCM], [srtp], [crypto_policy_set_aes_gcm_128_8_auth])
+ AST_EXT_LIB_CHECK([SRTP_SHUTDOWN], [srtp], [srtp_shutdown], [srtp/srtp.h])
+ fi
+fi
for ver in 2.0 2.2 2.4 2.6; do
AST_PKG_CONFIG_CHECK([GMIME], gmime-$ver)
diff --git a/include/asterisk/autoconfig.h.in b/include/asterisk/autoconfig.h.in
index b39386b434..f85ad8d07e 100644
--- a/include/asterisk/autoconfig.h.in
+++ b/include/asterisk/autoconfig.h.in
@@ -917,6 +917,9 @@
/* Define to 1 if SRTP has the SRTP Library Shutdown Function feature. */
#undef HAVE_SRTP_SHUTDOWN
+/* Define to the version of the srtp library. */
+#undef HAVE_SRTP_VERSION
+
/* Define to 1 if you have the ISDN SS7 library. */
#undef HAVE_SS7
diff --git a/res/res_srtp.c b/res/res_srtp.c
index c47a8d55e8..caedfb6c87 100644
--- a/res/res_srtp.c
+++ b/res/res_srtp.c
@@ -38,11 +38,19 @@
#include "asterisk.h" /* for NULL, size_t, memcpy, etc */
#include <math.h> /* for pow */
-#include <srtp/srtp.h>
-#ifdef HAVE_OPENSSL
-#include <openssl/rand.h>
+
+#if HAVE_SRTP_VERSION > 1
+# include <srtp2/srtp.h>
+# include <srtp2/crypto_types.h>
+# include "srtp/srtp_compat.h"
+# include <openssl/rand.h>
#else
-#include <srtp/crypto_kernel.h>
+# include <srtp/srtp.h>
+# ifdef HAVE_OPENSSL
+# include <openssl/rand.h>
+# else
+# include <srtp/crypto_kernel.h>
+# endif
#endif
#include "asterisk/astobj2.h" /* for ao2_t_ref, etc */
diff --git a/res/srtp/srtp_compat.h b/res/srtp/srtp_compat.h
new file mode 100644
index 0000000000..c23daabe13
--- /dev/null
+++ b/res/srtp/srtp_compat.h
@@ -0,0 +1,40 @@
+#ifndef AST_SRTP_COMPAT_H
+#define AST_SRTP_COMPAT_H
+
+/* Compatibility for libsrtp 2.x */
+
+#define crypto_policy_t srtp_crypto_policy_t
+
+#define crypto_policy_set_aes_cm_128_hmac_sha1_80 srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80
+#define crypto_policy_set_aes_cm_128_hmac_sha1_32 srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32
+#define crypto_policy_set_aes_cm_192_hmac_sha1_80 srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80
+#define crypto_policy_set_aes_cm_192_hmac_sha1_32 srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32
+#define crypto_policy_set_aes_cm_256_hmac_sha1_80 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80
+#define crypto_policy_set_aes_cm_256_hmac_sha1_32 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32
+#define crypto_policy_set_aes_gcm_128_16_auth srtp_crypto_policy_set_aes_gcm_128_16_auth
+#define crypto_policy_set_aes_gcm_256_16_auth srtp_crypto_policy_set_aes_gcm_256_16_auth
+#define crypto_policy_set_aes_gcm_128_8_auth srtp_crypto_policy_set_aes_gcm_128_8_auth
+#define crypto_policy_set_aes_gcm_256_8_auth srtp_crypto_policy_set_aes_gcm_256_8_auth
+
+#define AES_128_ICM SRTP_AES_ICM
+#define HMAC_SHA1 SRTP_HMAC_SHA1
+
+#define err_status_t srtp_err_status_t
+#define err_status_ok srtp_err_status_ok
+#define err_status_fail srtp_err_status_fail
+#define err_status_bad_param srtp_err_status_bad_param
+#define err_status_alloc_fail srtp_err_status_alloc_fail
+#define err_status_dealloc_fail srtp_err_status_dealloc_fail
+#define err_status_init_fail srtp_err_status_init_fail
+#define err_status_terminus srtp_err_status_terminus
+#define err_status_auth_fail srtp_err_status_auth_fail
+#define err_status_cipher_fail srtp_err_status_cipher_fail
+#define err_status_replay_fail srtp_err_status_replay_fail
+#define err_status_replay_old srtp_err_status_replay_old
+#define err_status_algo_fail srtp_err_status_algo_fail
+#define err_status_no_such_op srtp_err_status_no_such_op
+#define err_status_no_ctx srtp_err_status_no_ctx
+#define err_status_cant_check srtp_err_status_cant_check
+#define err_status_key_expired srtp_err_status_key_expired
+
+#endif /* AST_SRTP_COMPAT_H */
--
GitLab