yuzu/mbedtls
1
0
Fork 0
mirror of https://github.com/yuzu-emu/mbedtls.git synced 2025-02-24 08:07:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

set protection profile API gets a MBEDTLS_TLS_SRTP_UNSET terminated list

Browse source 
Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
Johan Pascal 2020-09-22 13:04:45 +02:00
parent 43f9490a52
commit 253d0263a6
4 changed files with 34 additions and 45 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
include/mbedtls/ssl.h
View file

@ -3204,13 +3204,13 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
* \brief Set the supported DTLS-SRTP protection profiles. * \brief Set the supported DTLS-SRTP protection profiles.
* *
* \param conf SSL configuration * \param conf SSL configuration
* \param profiles List of supported protection profiles, * \param profiles Pointer to a List of MBEDTLS_TLS_SRTP_UNSET terminated
* supported protection profiles
* in decreasing preference order. * in decreasing preference order.
* The pointer to the list is * The pointer to the list is recorded by the library
* recorded by the library for later reference as required, * for later reference as required, so the lifetime
* so the lifetime of the table must be at least as long * of the table must be at least as long as the lifetime
* as the lifetime of the SSL configuration structure. * of the SSL configuration structure.
* \param profiles_number Number of supported profiles.
* *
* \return 0 on success * \return 0 on success
* \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of * \return #MBEDTLS_ERR_SSL_BAD_INPUT_DATA when the list of
@ -3218,8 +3218,7 @@ void mbedtls_ssl_conf_srtp_mki_value_supported( mbedtls_ssl_config *conf,
*/ */
int mbedtls_ssl_conf_dtls_srtp_protection_profiles int mbedtls_ssl_conf_dtls_srtp_protection_profiles
( mbedtls_ssl_config *conf, ( mbedtls_ssl_config *conf,
const mbedtls_ssl_srtp_profile *profiles, const mbedtls_ssl_srtp_profile *profiles );
size_t profiles_number );
/** /**
* \brief Set the mki_value for the current DTLS-SRTP session. * \brief Set the mki_value for the current DTLS-SRTP session.

36
library/ssl_tls.c
View file

@ -4735,38 +4735,36 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl,
} }
int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf,
const mbedtls_ssl_srtp_profile *profiles, const mbedtls_ssl_srtp_profile *profiles )
size_t profiles_number )
{ {
size_t i; const mbedtls_ssl_srtp_profile *p;
/* size_t list_size = 0;
* Check input validity : must be a list of profiles from enumeration.
* Maximum length is 4 as only 4 protection profiles are defined.
*/
if( profiles_number > 4 )
{
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
/* check the profiles list: all entry must be valid,
for( i=0; i < profiles_number; i++ ) * its size cannot be more than the total number of supported profiles, currently 4 */
for( p = profiles; *p != MBEDTLS_TLS_SRTP_UNSET && list_size < 5; p++ )
{ {
switch( profiles[i] ) switch( *p )
{ {
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
list_size++;
break; break;
default: default: /* unsupported value, stop parsing and set the size to an error value */
conf->dtls_srtp_profile_list = NULL; list_size = 5;
conf->dtls_srtp_profile_list_len = 0;
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
} }
} }
if ( list_size > 4 ) {
conf->dtls_srtp_profile_list = NULL;
conf->dtls_srtp_profile_list_len = 0;
return( MBEDTLS_ERR_SSL_BAD_INPUT_DATA );
}
conf->dtls_srtp_profile_list = profiles; conf->dtls_srtp_profile_list = profiles;
conf->dtls_srtp_profile_list_len = profiles_number; conf->dtls_srtp_profile_list_len = list_size;
return( 0 ); return( 0 );
} }

15
programs/ssl/ssl_client2.c
View file

@ -1249,7 +1249,8 @@ int main( int argc, char *argv[] )
MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
MBEDTLS_TLS_SRTP_UNSET
}; };
#endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_DTLS_SRTP */
#endif /* MBEDTLS_SSL_EXPORT_KEYS */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */
@ -2334,18 +2335,12 @@ int main( int argc, char *argv[] )
{ {
if( opt.force_srtp_profile != 0 ) if( opt.force_srtp_profile != 0 )
{ {
const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile }; const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, forced_profile );
( &conf,
forced_profile,
sizeof( forced_profile ) / sizeof( mbedtls_ssl_srtp_profile ) );
} }
else else
{ {
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles ( &conf, default_profiles );
( &conf,
default_profiles,
sizeof( default_profiles ) / sizeof( mbedtls_ssl_srtp_profile ) );
} }
if( ret != 0 ) if( ret != 0 )

13
programs/ssl/ssl_server2.c
View file

@ -1880,7 +1880,8 @@ int main( int argc, char *argv[] )
MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80, MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32, MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32,
MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80, MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80,
MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32 MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32,
MBEDTLS_TLS_SRTP_UNSET
}; };
#endif /* MBEDTLS_SSL_DTLS_SRTP */ #endif /* MBEDTLS_SSL_DTLS_SRTP */
#endif /* MBEDTLS_SSL_EXPORT_KEYS */ #endif /* MBEDTLS_SSL_EXPORT_KEYS */
@ -3146,16 +3147,12 @@ int main( int argc, char *argv[] )
{ {
if( opt.force_srtp_profile != 0 ) if( opt.force_srtp_profile != 0 )
{ {
const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile }; const mbedtls_ssl_srtp_profile forced_profile[] = { opt.force_srtp_profile, MBEDTLS_TLS_SRTP_UNSET };
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, forced_profile );
forced_profile,
sizeof( forced_profile ) / sizeof( mbedtls_ssl_srtp_profile ) );
} }
else else
{ {
ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, ret = mbedtls_ssl_conf_dtls_srtp_protection_profiles( &conf, default_profiles );
default_profiles,
sizeof( default_profiles ) / sizeof( mbedtls_ssl_srtp_profile ) );
} }
if( ret != 0 ) if( ret != 0 )