Index: webrtc/pc/srtpfilter.cc |
diff --git a/webrtc/pc/srtpfilter.cc b/webrtc/pc/srtpfilter.cc |
index 9e7cc665f27bb7b6110102609f8eb9726e67c231..3f38d11a08804de1a284954ed97e5e0560866327 100644 |
--- a/webrtc/pc/srtpfilter.cc |
+++ b/webrtc/pc/srtpfilter.cc |
@@ -23,6 +23,7 @@ |
#include "webrtc/base/stringencode.h" |
#include "webrtc/base/timeutils.h" |
#include "webrtc/media/base/rtputils.h" |
+#include "webrtc/pc/externalhmac.h" |
// Enable this line to turn on SRTP debugging |
// #define SRTP_DEBUG |
@@ -33,21 +34,19 @@ extern "C" { |
#include "srtp.h" // NOLINT |
#include "srtp_priv.h" // NOLINT |
#else |
-#include "third_party/libsrtp/srtp/include/srtp.h" |
-#include "third_party/libsrtp/srtp/include/srtp_priv.h" |
+#include "third_party/libsrtp/include/srtp.h" |
+#include "third_party/libsrtp/include/srtp_priv.h" |
#endif // SRTP_RELATIVE_PATH |
} |
-#ifdef ENABLE_EXTERNAL_AUTH |
-#include "webrtc/pc/externalhmac.h" |
-#endif // ENABLE_EXTERNAL_AUTH |
+ |
#if !defined(NDEBUG) |
-extern "C" debug_module_t mod_srtp; |
-extern "C" debug_module_t mod_auth; |
-extern "C" debug_module_t mod_cipher; |
-extern "C" debug_module_t mod_stat; |
-extern "C" debug_module_t mod_alloc; |
-extern "C" debug_module_t mod_aes_icm; |
-extern "C" debug_module_t mod_aes_hmac; |
+extern "C" srtp_debug_module_t mod_srtp; |
+extern "C" srtp_debug_module_t mod_auth; |
+extern "C" srtp_debug_module_t mod_cipher; |
+extern "C" srtp_debug_module_t mod_stat; |
+extern "C" srtp_debug_module_t mod_alloc; |
+extern "C" srtp_debug_module_t mod_aes_icm; |
+extern "C" srtp_debug_module_t mod_aes_hmac; |
#endif |
#endif // HAVE_SRTP |
@@ -537,7 +536,7 @@ bool SrtpSession::ProtectRtp(void* p, int in_len, int max_len, int* out_len) { |
} |
int seq_num; |
GetRtpSeqNum(p, in_len, &seq_num); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_WARNING) << "Failed to protect SRTP packet, seqnum=" |
<< seq_num << ", err=" << err << ", last seqnum=" |
<< last_send_seq_num_; |
@@ -575,7 +574,7 @@ bool SrtpSession::ProtectRtcp(void* p, int in_len, int max_len, int* out_len) { |
*out_len = in_len; |
int err = srtp_protect_rtcp(session_, p, out_len); |
srtp_stat_->AddProtectRtcpResult(err); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_WARNING) << "Failed to protect SRTCP packet, err=" << err; |
return false; |
} |
@@ -595,7 +594,7 @@ bool SrtpSession::UnprotectRtp(void* p, int in_len, int* out_len) { |
if (GetRtpSsrc(p, in_len, &ssrc)) { |
srtp_stat_->AddUnprotectRtpResult(ssrc, err); |
} |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_WARNING) << "Failed to unprotect SRTP packet, err=" << err; |
return false; |
} |
@@ -612,7 +611,7 @@ bool SrtpSession::UnprotectRtcp(void* p, int in_len, int* out_len) { |
*out_len = in_len; |
int err = srtp_unprotect_rtcp(session_, p, out_len); |
srtp_stat_->AddUnprotectRtcpResult(err); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_WARNING) << "Failed to unprotect SRTCP packet, err=" << err; |
return false; |
} |
@@ -657,7 +656,8 @@ bool SrtpSession::GetSendStreamPacketIndex(void* p, |
// Shift packet index, put into network byte order |
*index = static_cast<int64_t>( |
- rtc::NetworkToHost64(rdbx_get_packet_index(&stream->rtp_rdbx) << 16)); |
+ rtc::NetworkToHost64( |
+ srtp_rdbx_get_packet_index(&stream->rtp_rdbx) << 16)); |
return true; |
} |
@@ -680,19 +680,20 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, size_t len) { |
srtp_policy_t policy; |
memset(&policy, 0, sizeof(policy)); |
if (cs == rtc::SRTP_AES128_CM_SHA1_80) { |
- crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp); |
- crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); |
+ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtp); |
+ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); |
} else if (cs == rtc::SRTP_AES128_CM_SHA1_32) { |
- crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); // rtp is 32, |
- crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); // rtcp still 80 |
+ // RTP HMAC is shortened to 32 bits, but RTCP remains 80 bits. |
+ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&policy.rtp); |
+ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(&policy.rtcp); |
#if !defined(ENABLE_EXTERNAL_AUTH) |
// TODO(jbauch): Re-enable once https://crbug.com/628400 is resolved. |
} else if (cs == rtc::SRTP_AEAD_AES_128_GCM) { |
- crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp); |
- crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp); |
+ srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp); |
+ srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp); |
} else if (cs == rtc::SRTP_AEAD_AES_256_GCM) { |
- crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp); |
- crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp); |
+ srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp); |
+ srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp); |
#endif // ENABLE_EXTERNAL_AUTH |
} else { |
LOG(LS_WARNING) << "Failed to create SRTP session: unsupported" |
@@ -716,7 +717,7 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, size_t len) { |
return false; |
} |
- policy.ssrc.type = static_cast<ssrc_type_t>(type); |
+ policy.ssrc.type = static_cast<srtp_ssrc_type_t>(type); |
policy.ssrc.value = 0; |
policy.key = const_cast<uint8_t*>(key); |
// TODO(astor) parse window size from WSH session-param |
@@ -735,7 +736,7 @@ bool SrtpSession::SetKey(int type, int cs, const uint8_t* key, size_t len) { |
policy.next = nullptr; |
int err = srtp_create(&session_, &policy); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
session_ = nullptr; |
LOG(LS_ERROR) << "Failed to create SRTP session, err=" << err; |
return false; |
@@ -753,19 +754,19 @@ bool SrtpSession::Init() { |
if (!inited_) { |
int err; |
err = srtp_init(); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_ERROR) << "Failed to init SRTP, err=" << err; |
return false; |
} |
err = srtp_install_event_handler(&SrtpSession::HandleEventThunk); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_ERROR) << "Failed to install SRTP event handler, err=" << err; |
return false; |
} |
#if defined(ENABLE_EXTERNAL_AUTH) |
err = external_crypto_init(); |
- if (err != err_status_ok) { |
+ if (err != srtp_err_status_ok) { |
LOG(LS_ERROR) << "Failed to initialize fake auth, err=" << err; |
return false; |
} |
@@ -877,10 +878,10 @@ void SrtpStat::AddProtectRtpResult(uint32_t ssrc, int result) { |
key.ssrc = ssrc; |
key.mode = SrtpFilter::PROTECT; |
switch (result) { |
- case err_status_ok: |
+ case srtp_err_status_ok: |
key.error = SrtpFilter::ERROR_NONE; |
break; |
- case err_status_auth_fail: |
+ case srtp_err_status_auth_fail: |
key.error = SrtpFilter::ERROR_AUTH; |
break; |
default: |
@@ -894,14 +895,14 @@ void SrtpStat::AddUnprotectRtpResult(uint32_t ssrc, int result) { |
key.ssrc = ssrc; |
key.mode = SrtpFilter::UNPROTECT; |
switch (result) { |
- case err_status_ok: |
+ case srtp_err_status_ok: |
key.error = SrtpFilter::ERROR_NONE; |
break; |
- case err_status_auth_fail: |
+ case srtp_err_status_auth_fail: |
key.error = SrtpFilter::ERROR_AUTH; |
break; |
- case err_status_replay_fail: |
- case err_status_replay_old: |
+ case srtp_err_status_replay_fail: |
+ case srtp_err_status_replay_old: |
key.error = SrtpFilter::ERROR_REPLAY; |
break; |
default: |