Context Navigation

← Previous Change
Next Change →

pjsua_call.c

Timestamp:

Feb 2, 2008 5:07:18 PM (17 years ago)

Author:

bennylp

Message:

More ticket #61: fixed signaling security level calculation for SRTP

File:

: 1 edited

pjproject/trunk/pjsip/src/pjsua-lib/pjsua_call.c (modified) (8 diffs)

Legend:

: Unmodified
: Added
: Removed

pjproject/trunk/pjsip/src/pjsua-lib/pjsua_call.c

-                      r1757
+                      r1774
  *  1: if TLS transport is used for immediate hop
  *  2: if end-to-end signaling is secure.
+ *
+ * NOTE:
+ *  THIS IS WRONG. It should take into account the route-set.
+ */
+static int get_secure_level(const pj_str_t *dst_uri)
+ */
+static int get_secure_level(pjsua_acc_id acc_id, const pj_str_t *dst_uri)
+{
     const pj_str_t tls = pj_str(";transport=tls");
     const pj_str_t sips = pj_str("sips:");
+    PJ_TODO(Fix_get_secure_level);
+    pjsua_acc *acc = &pjsua_var.acc[acc_id];
     if (pj_stristr(dst_uri, &sips))
         return 2;
+    if (pj_stristr(dst_uri, &tls))
+        return 1;
+    if (!pj_list_empty(&acc->route_set)) {
+        pjsip_route_hdr *r = acc->route_set.next;
+        pjsip_uri *uri = r->name_addr.uri;
+        pjsip_sip_uri *sip_uri;
+        sip_uri = (pjsip_sip_uri*)pjsip_uri_get_uri(uri);
+        if (pj_stricmp2(&sip_uri->transport_param, "tls")==0)
+            return 1;
+    } else {
+        if (pj_stristr(dst_uri, &tls))
+            return 1;
+    }
     return 0;
+}
+static int call_get_secure_level(pjsua_call *call)
+{
+    if (call->inv->dlg->secure)
+        return 2;
+    if (!pj_list_empty(&call->inv->dlg->route_set)) {
+        pjsip_route_hdr *r = call->inv->dlg->route_set.next;
+        pjsip_uri *uri = r->name_addr.uri;
+        pjsip_sip_uri *sip_uri;
+        sip_uri = (pjsip_sip_uri*)pjsip_uri_get_uri(uri);
+        if (pj_stricmp2(&sip_uri->transport_param, "tls")==0)
+            return 1;
+    } else {
+        pjsip_sip_uri *sip_uri;
+        if (PJSIP_URI_SCHEME_IS_SIPS(call->inv->dlg->target))
+            return 2;
+        if (!PJSIP_URI_SCHEME_IS_SIP(call->inv->dlg->target))
+            return 0;
+        sip_uri = (pjsip_sip_uri*) pjsip_uri_get_uri(call->inv->dlg->target);
+        if (pj_stricmp2(&sip_uri->transport_param, "tls")==0)
+            return 1;
+    }
+    return 0;
+}
 /*
 …
+    }
+    /* Calculate call's secure level */
+    call->secure_level = get_secure_level(acc_id, dest_uri);
     /* Init media channel */
     status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAC,
                                       get_secure_level(dest_uri), NULL);
+                                      call->secure_level, NULL);
     if (status != PJ_SUCCESS) {
         pjsua_perror(THIS_FILE, "Error initializing media channel", status);
 …
     pjsua_call *call;
     int call_id = -1;
     int secure_level, sip_err_code;
+    int sip_err_code;
     pjmedia_sdp_session *offer, *answer;
     pj_status_t status;
 …
     acc_id = call->acc_id = pjsua_acc_find_for_incoming(rdata);
+#if defined(PJMEDIA_HAS_SRTP) && (PJMEDIA_HAS_SRTP != 0)
+    /* Get signaling security level, only when required by SRTP */
+    if (pjsua_var.acc[acc_id].cfg.srtp_secure_signaling < 2) {
+        secure_level = PJSIP_TRANSPORT_IS_SECURE(rdata->tp_info.transport)!=0;
+    } else
+#endif
+    {
+        char *uri;
+        int uri_len;
+        pj_str_t dst;
+        uri = pj_pool_alloc(rdata->tp_info.pool, PJSIP_MAX_URL_SIZE);
+        uri_len = pjsip_uri_print(PJSIP_URI_IN_REQ_URI,
+                                  rdata->msg_info.msg->line.req.uri,
+                                  uri, PJSIP_MAX_URL_SIZE);
+        if (uri_len < 1) {
+            pjsua_perror(THIS_FILE, "Error analyzing dst URI",
+                         PJSIP_EURITOOLONG);
+            uri_len = 0;
+        }
+        dst.ptr = uri;
+        dst.slen = uri_len;
+        secure_level = get_secure_level(&dst);
+    }
+    /* Get call's secure level */
+    if (PJSIP_URI_SCHEME_IS_SIPS(rdata->msg_info.msg->line.req.uri))
+        call->secure_level = 2;
+    else if (PJSIP_TRANSPORT_IS_SECURE(rdata->tp_info.transport))
+        call->secure_level = 1;
+    else
+        call->secure_level = 0;
     /* Init media channel */
     status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAS,
                                       secure_level, &sip_err_code);
+                                      call->secure_level, &sip_err_code);
     if (status != PJ_SUCCESS) {
         pjsua_perror(THIS_FILE, "Error initializing media channel", status);
 …
+    }
+    /* Update call secure level */
+    call->secure_level = call_get_secure_level(call);
     /* Init media channel */
     status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAC,
+                                      get_secure_level(&dlg->remote.info_str),
+                                      NULL);
+                                      call->secure_level, NULL);
     if (status != PJ_SUCCESS) {
         pjsua_perror(THIS_FILE, "Error initializing media channel", status);
 …
         return status;
+    /* Update call's secure level */
+    call->secure_level = call_get_secure_level(call);
     /* Init media channel */
     status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAC,
+                                      get_secure_level(&dlg->remote.info_str),
+                                      NULL);
+                                      call->secure_level, NULL);
     if (status != PJ_SUCCESS) {
         pjsua_perror(THIS_FILE, "Error initializing media channel", status);
 …
         status = create_inactive_sdp( call, &answer );
     } else {
-        int secure_level;
         PJ_LOG(4,(THIS_FILE, "Call %d: received updated media offer",
                   call->index));
+        /* Update call's secure level */
+        call->secure_level = call_get_secure_level(call);
         /* Init media channel */
-        secure_level = get_secure_level(&call->inv->dlg->remote.info_str);
         status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAS,
                                           secure_level, NULL);
+                                          call->secure_level, NULL);
         if (status != PJ_SUCCESS) {
             pjsua_perror(THIS_FILE, "Error initializing media channel", status);
 …
         status = create_inactive_sdp( call, offer );
     } else {
-        int secure_level;
         PJ_LOG(4,(THIS_FILE, "Call %d: asked to send a new offer",
                   call->index));
+        /* Update call's secure level */
+        call->secure_level = call_get_secure_level(call);
         /* Init media channel */
-        secure_level = get_secure_level(&call->inv->dlg->remote.info_str);
         status = pjsua_media_channel_init(call->index, PJSIP_ROLE_UAC,
                                           secure_level, NULL);
+                                          call->secure_level, NULL);
         if (status != PJ_SUCCESS) {
             pjsua_perror(THIS_FILE, "Error initializing media channel", status);

Note: See TracChangeset for help on using the changeset viewer.

Context Navigation

Changeset 1774 for pjproject/trunk/pjsip/src/pjsua-lib/pjsua_call.c

Legend:

pjproject/trunk/pjsip/src/pjsua-lib/pjsua_call.c

Download in other formats: