kenmirrors/asterisk
1
0
Fork 0
mirror of https://github.com/asterisk/asterisk.git synced 2025-09-03 03:20:57 +00:00
Code Issues Packages Projects Releases Wiki Activity

res_srtp: Enable AES-256 and AES-GCM.

Browse Source 
ASTERISK-26190 #close

Change-Id: I11326d80edd656524a51a19450e586c583aa0a0b
This commit is contained in:
Alexander Traud
2016-07-13 12:24:46 +02:00
parent c2a72e6aa6
commit 1d2173c7ae
9 changed files with 811 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

374
configure vendored
View File

@@ -778,6 +778,18 @@ PBX_SRTP_SHUTDOWN
SRTP_SHUTDOWN_DIR
SRTP_SHUTDOWN_INCLUDE
SRTP_SHUTDOWN_LIB
PBX_SRTP_GCM
SRTP_GCM_DIR
SRTP_GCM_INCLUDE
SRTP_GCM_LIB
PBX_SRTP_192
SRTP_192_DIR
SRTP_192_INCLUDE
SRTP_192_LIB
PBX_SRTP_256
SRTP_256_DIR
SRTP_256_INCLUDE
SRTP_256_LIB
PBX_SRTP
SRTP_DIR
SRTP_INCLUDE
@@ -11395,6 +11407,42 @@ fi
SRTP_256_DESCRIP="SRTP Library AES-256 (ICM)"
SRTP_256_OPTION=srtp
SRTP_256_DIR=${SRTP_DIR}
PBX_SRTP_256=0
SRTP_192_DESCRIP="SRTP Library AES-192 (ICM)"
SRTP_192_OPTION=srtp
SRTP_192_DIR=${SRTP_DIR}
PBX_SRTP_192=0
SRTP_GCM_DESCRIP="SRTP Library AES-128 (GCM) and AES-256 (GCM)"
SRTP_GCM_OPTION=srtp
SRTP_GCM_DIR=${SRTP_DIR}
PBX_SRTP_GCM=0
SRTP_SHUTDOWN_DESCRIP="SRTP Library Shutdown Function"
SRTP_SHUTDOWN_OPTION=srtp
SRTP_SHUTDOWN_DIR=${SRTP_DIR}
@@ -13802,7 +13850,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -13848,7 +13896,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -13872,7 +13920,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -13917,7 +13965,7 @@ else
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -13941,7 +13989,7 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
We can't simply define LARGE_OFF_T to be 9223372036854775807,
since some C++ compilers masquerading as C compilers
incorrectly reject 9223372036854775807. */
#define LARGE_OFF_T (((off_t) 1 << 62) - 1 + ((off_t) 1 << 62))
#define LARGE_OFF_T ((((off_t) 1 << 31) << 31) - 1 + (((off_t) 1 << 31) << 31))
int off_t_is_large[(LARGE_OFF_T % 2147483629 == 721
&& LARGE_OFF_T % 2147483647 == 1)
? 1 : -1];
@@ -31820,6 +31868,322 @@ rm -f core conftest.err conftest.$ac_objext \
CFLAGS="${saved_cflags}"
fi
if test "$PBX_SRTP" = "1";
then
if test "x${PBX_SRTP_256}" != "x1" -a "${USE_SRTP_256}" != "no"; then
pbxlibdir=""
# if --with-SRTP_256=DIR has been specified, use it.
if test "x${SRTP_256_DIR}" != "x"; then
if test -d ${SRTP_256_DIR}/lib; then
pbxlibdir="-L${SRTP_256_DIR}/lib"
else
pbxlibdir="-L${SRTP_256_DIR}"
fi
fi
pbxfuncname="crypto_policy_set_aes_cm_256_hmac_sha1_80"
if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
AST_SRTP_256_FOUND=yes
else
ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
CFLAGS="${CFLAGS} "
as_ac_Lib=`$as_echo "ac_cv_lib_srtp_${pbxfuncname}" | $as_tr_sh`
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp" >&5
$as_echo_n "checking for ${pbxfuncname} in -lsrtp... " >&6; }
if eval \${$as_ac_Lib+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_check_lib_save_LIBS=$LIBS
LIBS="-lsrtp ${pbxlibdir} $LIBS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char ${pbxfuncname} ();
int
main ()
{
return ${pbxfuncname} ();
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
eval "$as_ac_Lib=yes"
else
eval "$as_ac_Lib=no"
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
eval ac_res=\$$as_ac_Lib
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
$as_echo "$ac_res" >&6; }
if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
AST_SRTP_256_FOUND=yes
else
AST_SRTP_256_FOUND=no
fi
CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
fi
# now check for the header.
if test "${AST_SRTP_256_FOUND}" = "yes"; then
SRTP_256_LIB="${pbxlibdir} -lsrtp "
# if --with-SRTP_256=DIR has been specified, use it.
if test "x${SRTP_256_DIR}" != "x"; then
SRTP_256_INCLUDE="-I${SRTP_256_DIR}/include"
fi
SRTP_256_INCLUDE="${SRTP_256_INCLUDE} "
if test "x" = "x" ; then # no header, assume found
SRTP_256_HEADER_FOUND="1"
else # check for the header
ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
CPPFLAGS="${CPPFLAGS} ${SRTP_256_INCLUDE}"
ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
if test "x$ac_cv_header_" = xyes; then :
SRTP_256_HEADER_FOUND=1
else
SRTP_256_HEADER_FOUND=0
fi
CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
fi
if test "x${SRTP_256_HEADER_FOUND}" = "x0" ; then
SRTP_256_LIB=""
SRTP_256_INCLUDE=""
else
if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
SRTP_256_LIB=""
fi
PBX_SRTP_256=1
cat >>confdefs.h <<_ACEOF
#define HAVE_SRTP_256 1
_ACEOF
fi
fi
fi
if test "x${PBX_SRTP_192}" != "x1" -a "${USE_SRTP_192}" != "no"; then
pbxlibdir=""
# if --with-SRTP_192=DIR has been specified, use it.
if test "x${SRTP_192_DIR}" != "x"; then
if test -d ${SRTP_192_DIR}/lib; then
pbxlibdir="-L${SRTP_192_DIR}/lib"
else
pbxlibdir="-L${SRTP_192_DIR}"
fi
fi
pbxfuncname="crypto_policy_set_aes_cm_192_hmac_sha1_80"
if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
AST_SRTP_192_FOUND=yes
else
ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
CFLAGS="${CFLAGS} "
as_ac_Lib=`$as_echo "ac_cv_lib_srtp_${pbxfuncname}" | $as_tr_sh`
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp" >&5
$as_echo_n "checking for ${pbxfuncname} in -lsrtp... " >&6; }
if eval \${$as_ac_Lib+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_check_lib_save_LIBS=$LIBS
LIBS="-lsrtp ${pbxlibdir} $LIBS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char ${pbxfuncname} ();
int
main ()
{
return ${pbxfuncname} ();
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
eval "$as_ac_Lib=yes"
else
eval "$as_ac_Lib=no"
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
eval ac_res=\$$as_ac_Lib
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
$as_echo "$ac_res" >&6; }
if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
AST_SRTP_192_FOUND=yes
else
AST_SRTP_192_FOUND=no
fi
CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
fi
# now check for the header.
if test "${AST_SRTP_192_FOUND}" = "yes"; then
SRTP_192_LIB="${pbxlibdir} -lsrtp "
# if --with-SRTP_192=DIR has been specified, use it.
if test "x${SRTP_192_DIR}" != "x"; then
SRTP_192_INCLUDE="-I${SRTP_192_DIR}/include"
fi
SRTP_192_INCLUDE="${SRTP_192_INCLUDE} "
if test "x" = "x" ; then # no header, assume found
SRTP_192_HEADER_FOUND="1"
else # check for the header
ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
CPPFLAGS="${CPPFLAGS} ${SRTP_192_INCLUDE}"
ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
if test "x$ac_cv_header_" = xyes; then :
SRTP_192_HEADER_FOUND=1
else
SRTP_192_HEADER_FOUND=0
fi
CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
fi
if test "x${SRTP_192_HEADER_FOUND}" = "x0" ; then
SRTP_192_LIB=""
SRTP_192_INCLUDE=""
else
if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
SRTP_192_LIB=""
fi
PBX_SRTP_192=1
cat >>confdefs.h <<_ACEOF
#define HAVE_SRTP_192 1
_ACEOF
fi
fi
fi
if test "x${PBX_SRTP_GCM}" != "x1" -a "${USE_SRTP_GCM}" != "no"; then
pbxlibdir=""
# if --with-SRTP_GCM=DIR has been specified, use it.
if test "x${SRTP_GCM_DIR}" != "x"; then
if test -d ${SRTP_GCM_DIR}/lib; then
pbxlibdir="-L${SRTP_GCM_DIR}/lib"
else
pbxlibdir="-L${SRTP_GCM_DIR}"
fi
fi
pbxfuncname="aes_gcm_128_openssl"
if test "x${pbxfuncname}" = "x" ; then # empty lib, assume only headers
AST_SRTP_GCM_FOUND=yes
else
ast_ext_lib_check_save_CFLAGS="${CFLAGS}"
CFLAGS="${CFLAGS} "
as_ac_Lib=`$as_echo "ac_cv_lib_srtp_${pbxfuncname}" | $as_tr_sh`
{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${pbxfuncname} in -lsrtp" >&5
$as_echo_n "checking for ${pbxfuncname} in -lsrtp... " >&6; }
if eval \${$as_ac_Lib+:} false; then :
$as_echo_n "(cached) " >&6
else
ac_check_lib_save_LIBS=$LIBS
LIBS="-lsrtp ${pbxlibdir} $LIBS"
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
/* Override any GCC internal prototype to avoid an error.
Use char because int might match the return type of a GCC
builtin and then its argument prototype would still apply. */
#ifdef __cplusplus
extern "C"
#endif
char ${pbxfuncname} ();
int
main ()
{
return ${pbxfuncname} ();
;
return 0;
}
_ACEOF
if ac_fn_c_try_link "$LINENO"; then :
eval "$as_ac_Lib=yes"
else
eval "$as_ac_Lib=no"
fi
rm -f core conftest.err conftest.$ac_objext \
conftest$ac_exeext conftest.$ac_ext
LIBS=$ac_check_lib_save_LIBS
fi
eval ac_res=\$$as_ac_Lib
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
$as_echo "$ac_res" >&6; }
if eval test \"x\$"$as_ac_Lib"\" = x"yes"; then :
AST_SRTP_GCM_FOUND=yes
else
AST_SRTP_GCM_FOUND=no
fi
CFLAGS="${ast_ext_lib_check_save_CFLAGS}"
fi
# now check for the header.
if test "${AST_SRTP_GCM_FOUND}" = "yes"; then
SRTP_GCM_LIB="${pbxlibdir} -lsrtp "
# if --with-SRTP_GCM=DIR has been specified, use it.
if test "x${SRTP_GCM_DIR}" != "x"; then
SRTP_GCM_INCLUDE="-I${SRTP_GCM_DIR}/include"
fi
SRTP_GCM_INCLUDE="${SRTP_GCM_INCLUDE} "
if test "x" = "x" ; then # no header, assume found
SRTP_GCM_HEADER_FOUND="1"
else # check for the header
ast_ext_lib_check_saved_CPPFLAGS="${CPPFLAGS}"
CPPFLAGS="${CPPFLAGS} ${SRTP_GCM_INCLUDE}"
ac_fn_c_check_header_mongrel "$LINENO" "" "ac_cv_header_" "$ac_includes_default"
if test "x$ac_cv_header_" = xyes; then :
SRTP_GCM_HEADER_FOUND=1
else
SRTP_GCM_HEADER_FOUND=0
fi
CPPFLAGS="${ast_ext_lib_check_saved_CPPFLAGS}"
fi
if test "x${SRTP_GCM_HEADER_FOUND}" = "x0" ; then
SRTP_GCM_LIB=""
SRTP_GCM_INCLUDE=""
else
if test "x${pbxfuncname}" = "x" ; then # only checking headers -> no library
SRTP_GCM_LIB=""
fi
PBX_SRTP_GCM=1
cat >>confdefs.h <<_ACEOF
#define HAVE_SRTP_GCM 1
_ACEOF
fi
fi
fi
fi
if test "x${PBX_SRTP_SHUTDOWN}" != "x1" -a "${USE_SRTP_SHUTDOWN}" != "no"; then
pbxlibdir=""