From ff532ec31139de5a361ff016965c44d537fadbeb Mon Sep 17 00:00:00 2001 From: Anthony Minessale Date: Mon, 4 Feb 2013 14:12:48 -0600 Subject: [PATCH] try to ifdef so we can still build against openssl older than 1.0.1 (but dtls would not work still in this case) --- src/include/switch_rtp.h | 1 + src/switch_core_media.c | 4 ++-- src/switch_rtp.c | 16 ++++++++++++++-- 3 files changed, 17 insertions(+), 4 deletions(-) diff --git a/src/include/switch_rtp.h b/src/include/switch_rtp.h index 91e7251496..16c7eef86b 100644 --- a/src/include/switch_rtp.h +++ b/src/include/switch_rtp.h @@ -511,6 +511,7 @@ SWITCH_DECLARE(void) switch_rtp_set_interdigit_delay(switch_rtp_t *rtp_session, SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, dtls_fingerprint_t *local_fp, dtls_fingerprint_t *remote_fp, dtls_type_t type); +SWITCH_DECLARE(int) switch_rtp_has_dtls(void); /*! \} diff --git a/src/switch_core_media.c b/src/switch_core_media.c index 957443f1f6..cd04ff682a 100644 --- a/src/switch_core_media.c +++ b/src/switch_core_media.c @@ -3717,7 +3717,7 @@ SWITCH_DECLARE(switch_status_t) switch_core_media_activate_rtp(switch_core_sessi } - if (!zstr(a_engine->local_dtls_fingerprint.str)) { + if (!zstr(a_engine->local_dtls_fingerprint.str) && switch_rtp_has_dtls()) { dtls_type_t xtype, dtype = switch_channel_direction(smh->session->channel) == SWITCH_CALL_DIRECTION_INBOUND ? DTLS_TYPE_CLIENT : DTLS_TYPE_SERVER; xtype = DTLS_TYPE_RTP; @@ -4160,7 +4160,7 @@ SWITCH_DECLARE(switch_status_t) switch_core_media_activate_rtp(switch_core_sessi } - if (!zstr(v_engine->local_dtls_fingerprint.str)) { + if (!zstr(v_engine->local_dtls_fingerprint.str) && switch_rtp_has_dtls()) { dtls_type_t xtype, dtype = switch_channel_direction(smh->session->channel) == SWITCH_CALL_DIRECTION_INBOUND ? DTLS_TYPE_CLIENT : DTLS_TYPE_SERVER; printf("FUCK FP XXXXX %d\n", v_engine->rtcp_mux); diff --git a/src/switch_rtp.c b/src/switch_rtp.c index 86d258ab8e..3c4a7a0631 100644 --- a/src/switch_rtp.c +++ b/src/switch_rtp.c @@ -2111,11 +2111,23 @@ static int cb_verify_peer(int preverify_ok, X509_STORE_CTX *ctx) } #endif +SWITCH_DECLARE(int) switch_rtp_has_dtls(void) { +#ifdef HAVE_OPENSSL_DTLS_SRTP + return 1; +#else + return 0; +#endif +} + SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, dtls_fingerprint_t *local_fp, dtls_fingerprint_t *remote_fp, dtls_type_t type) { switch_dtls_t *dtls; int ret; +#ifndef HAVE_OPENSSL_DTLS_SRTP + return SWITCH_STATUS_FALSE; +#endif + if (!switch_rtp_ready(rtp_session)) { return SWITCH_STATUS_FALSE; } @@ -2152,10 +2164,10 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, d SSL_CTX_set_cipher_list(dtls->ssl_ctx, "ALL"); - +#ifdef HAVE_OPENSSL_DTLS_SRTP //SSL_CTX_set_tlsext_use_srtp(dtls->ssl_ctx, "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32"); SSL_CTX_set_tlsext_use_srtp(dtls->ssl_ctx, "SRTP_AES128_CM_SHA1_80"); - +#endif dtls->type = type; dtls->read_bio = BIO_new(BIO_s_mem());