Re #1069:
- Added new approach of SRTP optional mode in pjsua-lib by duplicating SDP media line for secured and unsecured version of media transport.
- Integrated this feature into pjsua app, it is activated via --use-srtp=3 param.
git-svn-id: https://svn.pjsip.org/repos/pjproject/trunk@3172 74dad513-b988-da41-8d7b-12977e46ad98
diff --git a/pjsip-apps/src/pjsua/pjsua_app.c b/pjsip-apps/src/pjsua/pjsua_app.c
index 6bb23d2..aed2dd5 100644
--- a/pjsip-apps/src/pjsua/pjsua_app.c
+++ b/pjsip-apps/src/pjsua/pjsua_app.c
@@ -178,7 +178,8 @@
puts ("SIP Account options:");
puts (" --use-ims Enable 3GPP/IMS related settings on this account");
#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
- puts (" --use-srtp=N Use SRTP? 0:disabled, 1:optional, 2:mandatory (def:0)");
+ puts (" --use-srtp=N Use SRTP? 0:disabled, 1:optional, 2:mandatory,");
+ puts (" 3:optional by duplicating media offer (def:0)");
puts (" --srtp-secure=N SRTP require secure SIP? 0:no, 1:tls, 1:sips (def:1)");
#endif
puts (" --registrar=url Set the URL of registrar server");
@@ -1092,10 +1093,16 @@
#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
case OPT_USE_SRTP:
app_config.cfg.use_srtp = my_atoi(pj_optarg);
- if (!pj_isdigit(*pj_optarg) || app_config.cfg.use_srtp > 2) {
+ if (!pj_isdigit(*pj_optarg) || app_config.cfg.use_srtp > 3) {
PJ_LOG(1,(THIS_FILE, "Invalid value for --use-srtp option"));
return -1;
}
+ if ((int)app_config.cfg.use_srtp == 3) {
+ /* SRTP optional mode with duplicated media offer */
+ app_config.cfg.use_srtp = PJMEDIA_SRTP_OPTIONAL;
+ app_config.cfg.srtp_optional_dup_offer = PJ_TRUE;
+ cur_acc->srtp_optional_dup_offer = PJ_TRUE;
+ }
cur_acc->use_srtp = app_config.cfg.use_srtp;
break;
case OPT_SRTP_SECURE:
@@ -1503,8 +1510,20 @@
#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
/* SRTP */
if (acc_cfg->use_srtp) {
- pj_ansi_sprintf(line, "--use-srtp %i\n",
- (int)acc_cfg->use_srtp);
+ int use_srtp = (int)acc_cfg->use_srtp;
+ if (use_srtp == PJMEDIA_SRTP_OPTIONAL &&
+ acc_cfg->srtp_optional_dup_offer)
+ {
+ use_srtp = 3;
+ }
+ pj_ansi_sprintf(line, "--use-srtp %i\n", use_srtp);
+ pj_strcat2(result, line);
+ }
+ if (acc_cfg->srtp_secure_signaling !=
+ PJSUA_DEFAULT_SRTP_SECURE_SIGNALING)
+ {
+ pj_ansi_sprintf(line, "--srtp-secure %d\n",
+ acc_cfg->srtp_secure_signaling);
pj_strcat2(result, line);
}
#endif
@@ -1736,8 +1755,13 @@
/* SRTP */
#if PJMEDIA_HAS_SRTP
if (app_config.cfg.use_srtp != PJSUA_DEFAULT_USE_SRTP) {
- pj_ansi_sprintf(line, "--use-srtp %d\n",
- app_config.cfg.use_srtp);
+ int use_srtp = (int)app_config.cfg.use_srtp;
+ if (use_srtp == PJMEDIA_SRTP_OPTIONAL &&
+ app_config.cfg.srtp_optional_dup_offer)
+ {
+ use_srtp = 3;
+ }
+ pj_ansi_sprintf(line, "--use-srtp %d\n", use_srtp);
pj_strcat2(&cfg, line);
}
if (app_config.cfg.srtp_secure_signaling !=
diff --git a/pjsip/include/pjsua-lib/pjsua.h b/pjsip/include/pjsua-lib/pjsua.h
index 5d22808..58574e9 100644
--- a/pjsip/include/pjsua-lib/pjsua.h
+++ b/pjsip/include/pjsua-lib/pjsua.h
@@ -1083,6 +1083,16 @@
* Default: #PJSUA_DEFAULT_SRTP_SECURE_SIGNALING
*/
int srtp_secure_signaling;
+
+ /**
+ * Specify whether SRTP in PJMEDIA_SRTP_OPTIONAL mode should compose
+ * duplicated media in SDP offer, i.e: unsecured and secured version.
+ * Otherwise, the SDP media will be composed as unsecured media but
+ * with SDP "crypto" attribute.
+ *
+ * Default: PJ_FALSE
+ */
+ pj_bool_t srtp_optional_dup_offer;
#endif
/**
@@ -2126,6 +2136,16 @@
* Default: #PJSUA_DEFAULT_SRTP_SECURE_SIGNALING
*/
int srtp_secure_signaling;
+
+ /**
+ * Specify whether SRTP in PJMEDIA_SRTP_OPTIONAL mode should compose
+ * duplicated media in SDP offer, i.e: unsecured and secured version.
+ * Otherwise, the SDP media will be composed as unsecured media but
+ * with SDP "crypto" attribute.
+ *
+ * Default: PJ_FALSE
+ */
+ pj_bool_t srtp_optional_dup_offer;
#endif
/**
diff --git a/pjsip/src/pjsua-lib/pjsua_acc.c b/pjsip/src/pjsua-lib/pjsua_acc.c
index 6af6b3d..3ddcdd5 100644
--- a/pjsip/src/pjsua-lib/pjsua_acc.c
+++ b/pjsip/src/pjsua-lib/pjsua_acc.c
@@ -751,6 +751,7 @@
#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
acc->cfg.use_srtp = cfg->use_srtp;
acc->cfg.srtp_secure_signaling = cfg->srtp_secure_signaling;
+ acc->cfg.srtp_optional_dup_offer = cfg->srtp_optional_dup_offer;
#endif
/* Global outbound proxy */
diff --git a/pjsip/src/pjsua-lib/pjsua_core.c b/pjsip/src/pjsua-lib/pjsua_core.c
index dd89237..5d231cb 100644
--- a/pjsip/src/pjsua-lib/pjsua_core.c
+++ b/pjsip/src/pjsua-lib/pjsua_core.c
@@ -175,6 +175,7 @@
#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
cfg->use_srtp = pjsua_var.ua_cfg.use_srtp;
cfg->srtp_secure_signaling = pjsua_var.ua_cfg.srtp_secure_signaling;
+ cfg->srtp_optional_dup_offer = pjsua_var.ua_cfg.srtp_optional_dup_offer;
#endif
cfg->reg_retry_interval = PJSUA_REG_RETRY_INTERVAL;
}
diff --git a/pjsip/src/pjsua-lib/pjsua_media.c b/pjsip/src/pjsua-lib/pjsua_media.c
index c0a7c3c..ed5a99a 100644
--- a/pjsip/src/pjsua-lib/pjsua_media.c
+++ b/pjsip/src/pjsua-lib/pjsua_media.c
@@ -1369,6 +1369,46 @@
return status;
}
+#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
+ /* Check if SRTP is in optional mode and configured to use duplicated
+ * media, i.e: secured and unsecured version, in the SDP offer.
+ */
+ if (!rem_sdp &&
+ pjsua_var.acc[call->acc_id].cfg.use_srtp == PJMEDIA_SRTP_OPTIONAL &&
+ pjsua_var.acc[call->acc_id].cfg.srtp_optional_dup_offer)
+ {
+ unsigned i;
+
+ for (i = 0; i < sdp->media_count; ++i) {
+ pjmedia_sdp_media *m = sdp->media[i];
+
+ /* Check if this media is unsecured but has SDP "crypto"
+ * attribute.
+ */
+ if (pj_stricmp2(&m->desc.transport, "RTP/AVP") == 0 &&
+ pjmedia_sdp_media_find_attr2(m, "crypto", NULL) != NULL)
+ {
+ pjmedia_sdp_media *new_m;
+
+ /* Duplicate this media and apply secured transport */
+ new_m = pjmedia_sdp_media_clone(pool, m);
+ pj_strdup2(pool, &new_m->desc.transport, "RTP/SAVP");
+
+ /* Remove the "crypto" attribute in the unsecured media */
+ pjmedia_sdp_media_remove_all_attr(m, "crypto");
+
+ /* Insert the new media before the unsecured media */
+ if (sdp->media_count < PJMEDIA_MAX_SDP_MEDIA) {
+ pj_array_insert(sdp->media, sizeof(new_m),
+ sdp->media_count, i, &new_m);
+ ++sdp->media_count;
+ ++i;
+ }
+ }
+ }
+ }
+#endif
+
/* Update currently advertised RTP source address */
pj_memcpy(&call->med_rtp_addr, &tpinfo.sock_info.rtp_addr_name,
sizeof(pj_sockaddr));