Signed-off-by: Johan Pascal <johan.pascal@belledonne-communications.com>
This commit is contained in:
Johan Pascal 2020-09-22 15:51:27 +02:00
parent a455cd9a47
commit e79c1e8121
3 changed files with 13 additions and 10 deletions

View file

@ -1817,8 +1817,8 @@
* *
* Enable support for DTLS-SRTP, RFC5764, use_srtp extension. * Enable support for DTLS-SRTP, RFC5764, use_srtp extension.
* \note Only the dtls-srtp key material negotiation is supported. * \note Only the dtls-srtp key material negotiation is supported.
* Once negotiated, the key should be extracted, and data should be transmitted * Once negotiated, the key should be extracted using mbedtls_ssl_tls_prf()
* via an SRTP stack. * and data should be transmitted via an SRTP stack.
* *
* Requires: MBEDTLS_SSL_PROTO_DTLS * Requires: MBEDTLS_SSL_PROTO_DTLS
* *

View file

@ -3190,13 +3190,13 @@ static inline const char *mbedtls_ssl_get_srtp_profile_as_string ( mbedtls_ssl_s
switch( profile ) switch( profile )
{ {
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80:
return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80"; return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80" );
case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32:
return "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32"; return( "MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_32" );
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80:
return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80"; return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_80" );
case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32: case MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32:
return "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32"; return( "MBEDTLS_TLS_SRTP_NULL_HMAC_SHA1_32" );
default: break; default: break;
} }
return( "" ); return( "" );

View file

@ -800,9 +800,9 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
*p++ = (unsigned char)( ext_len & 0xFF ); *p++ = (unsigned char)( ext_len & 0xFF );
/* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */ /* protection profile length: 2*(ssl->conf->dtls_srtp_profile_list_len) */
*p++ = (unsigned char)( ( ( 2 * (ssl->conf->dtls_srtp_profile_list_len) ) *p++ = (unsigned char)( ( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
>> 8 ) & 0xFF ); >> 8 ) & 0xFF );
*p++ = (unsigned char)( ( 2 * (ssl->conf->dtls_srtp_profile_list_len) ) *p++ = (unsigned char)( ( 2 * ssl->conf->dtls_srtp_profile_list_len )
& 0xFF ); & 0xFF );
for( protection_profiles_index=0; for( protection_profiles_index=0;
@ -824,8 +824,11 @@ static void ssl_write_use_srtp_ext( mbedtls_ssl_context *ssl,
* Note: we shall never arrive here as protection profiles * Note: we shall never arrive here as protection profiles
* is checked by ssl_set_dtls_srtp_protection_profiles function * is checked by ssl_set_dtls_srtp_protection_profiles function
*/ */
MBEDTLS_SSL_DEBUG_MSG( 3, ( "client hello, ignore illegal DTLS-SRTP protection profile %d", MBEDTLS_SSL_DEBUG_MSG( 3,
ssl->conf->dtls_srtp_profile_list[protection_profiles_index] ) ); ( "client hello, "
"ignore illegal DTLS-SRTP protection profile %d",
ssl->conf->dtls_srtp_profile_list[protection_profiles_index]
) );
} }
} }