[PATCH 2/2] Support SRTP profile negotiation in the client and server tools

Martin Storsjo martin at martin.st
Wed Oct 31 14:46:23 CET 2012


The cli/serv-args files haven't been regenerated in the patch,
to avoid the extra stray changes due to differing autogen versions.
---
 doc/Makefile.am   |    4 ++++
 lib/libgnutls.map |    2 ++
 src/cli-args.def  |    7 +++++++
 src/cli.c         |    3 +++
 src/common.c      |    9 ++++++++-
 src/serv-args.def |    7 +++++++
 src/serv.c        |    3 +++
 7 files changed, 34 insertions(+), 1 deletion(-)

diff --git a/doc/Makefile.am b/doc/Makefile.am
index 7f4a8a6..0460ffe 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -1615,6 +1615,10 @@ FUNCS += functions/gnutls_srp_set_server_credentials_function
 FUNCS += functions/gnutls_srp_set_server_credentials_function.short
 FUNCS += functions/gnutls_srp_verifier
 FUNCS += functions/gnutls_srp_verifier.short
+FUNCS += functions/gnutls_srtp_get_selected_profile
+FUNCS += functions/gnutls_srtp_get_selected_profile.short
+FUNCS += functions/gnutls_srtp_set_profiles
+FUNCS += functions/gnutls_srtp_set_profiles.short
 FUNCS += functions/gnutls_store_commitment
 FUNCS += functions/gnutls_store_commitment.short
 FUNCS += functions/gnutls_store_pubkey
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 751e49b..cf03d67 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -354,6 +354,8 @@ GNUTLS_1_4
     gnutls_srp_set_server_credentials_file;
     gnutls_srp_set_server_credentials_function;
     gnutls_srp_verifier;
+    gnutls_srtp_get_selected_profile;
+    gnutls_srtp_set_profiles;
     gnutls_strdup;
     gnutls_strerror;
     gnutls_strerror_name;
diff --git a/src/cli-args.def b/src/cli-args.def
index 85952d7..8fafbf4 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -113,6 +113,13 @@ flag = {
 };
 
 flag = {
+    name      = srtp_profiles;
+    arg-type  = string;
+    descrip   = "Offer SRTP profiles";
+    doc       = "";
+};
+
+flag = {
     name      = crlf;
     descrip   = "Send CR LF instead of LF";
     doc      = "";
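Review bot: `doc = "";` leaves the new `srtp_profiles` flag with no description of the argument it expects, so the generated help and manual give no hint of the profile-list syntax or the accepted names. Fill in `doc` with the format that `gnutls_srtp_set_profiles` parses (the separator and one example profile name; neither is visible in this patch). The identical flag added to src/serv-args.def also uses `descrip = "Offer SRTP profiles";`, which reads oddly if the server selects from the client's offer rather than offering; something like `descrip = "Accept these SRTP profiles";` may be clearer there.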
diff --git a/src/cli.c b/src/cli.c
index 2cf50d4..01193e5 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -673,6 +673,9 @@ init_tls_session (const char *hostname)
   if (HAVE_OPT(HEARTBEAT))
     gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
 
+  if (HAVE_OPT(SRTP_PROFILES))
+    gnutls_srtp_set_profiles (session, OPT_ARG(SRTP_PROFILES));
+
   return session;
 }
 
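Review bot: The return value of `gnutls_srtp_set_profiles` is discarded in `init_tls_session`, so a misspelled or unsupported profile name passed through the `srtp_profiles` option would leave the session without the extension while the tool carries on as if it had been offered. Assuming the function reports a bad profile string with a negative code, as other gnutls setters do, check it: `if (gnutls_srtp_set_profiles (session, OPT_ARG(SRTP_PROFILES)) < 0) { fprintf (stderr, "Error setting SRTP profiles\n"); exit (1); }`. The same unchecked call is added to `initialize_session` in src/serv.c. The function body starts outside this hunk.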
diff --git a/src/common.c b/src/common.c
index 9ef83b6..5b640d6 100644
--- a/src/common.c
+++ b/src/common.c
@@ -594,6 +594,9 @@ print_info (gnutls_session_t session, int verbose, int print_cert)
     gnutls_kx_algorithm_t kx;
     unsigned char session_id[33];
     size_t session_id_size = sizeof (session_id);
+    char srtp_profile[30];
+    size_t srtp_profile_size = sizeof (srtp_profile);
+    int rc;
 
     /* print session ID */
     gnutls_session_get_id (session, session_id, &session_id_size);
@@ -689,10 +692,14 @@ print_info (gnutls_session_t session, int verbose, int print_cert)
             (gnutls_compression_get (session)));
     printf ("- Compression: %s\n", tmp);
 
+    rc = gnutls_srtp_get_selected_profile (session, srtp_profile,
+                                           &srtp_profile_size);
+    if (rc == 0)
+      printf ("- SRTP profile: %s\n", srtp_profile);
+
     if (verbose)
       {
           gnutls_datum_t cb;
-          int rc;
 
           rc = gnutls_session_channel_binding (session,
                                                GNUTLS_CB_TLS_UNIQUE, &cb);
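Review bot: `printf ("- SRTP profile: %s\n", srtp_profile);` relies on the library having NUL-terminated the 30-byte buffer declared in the previous hunk, and it ignores the length written back to `srtp_profile_size`. If the function's contract is length-based (not visible here), bound the print with `printf ("- SRTP profile: %.*s\n", (int) srtp_profile_size, srtp_profile);`. Any non-zero `rc`, presumably including a short-buffer error, is treated the same as "no profile negotiated", so a name that does not fit would simply vanish from the output. A comment on the declaration saying why 30 is enough, e.g. `/* longest supported profile name plus NUL */`, would make the sizing checkable. print_info continues beyond this hunk.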
diff --git a/src/serv-args.def b/src/serv-args.def
index df196ba..2132ca8 100644
--- a/src/serv-args.def
+++ b/src/serv-args.def
@@ -62,6 +62,13 @@ flag = {
 };
 
 flag = {
+    name      = srtp_profiles;
+    arg-type  = string;
+    descrip   = "Offer SRTP profiles";
+    doc       = "";
+};
+
+flag = {
     name      = disable-client-cert;
     value     = a;
     descrip   = "Do not request a client certificate";
diff --git a/src/serv.c b/src/serv.c
index 6be7a6d..b64b76d 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -393,6 +393,9 @@ gnutls_session_t initialize_session (int dtls)
   if (HAVE_OPT (HEARTBEAT))
     gnutls_heartbeat_enable(session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
 
+  if (HAVE_OPT (SRTP_PROFILES))
+    gnutls_srtp_set_profiles (session, OPT_ARG(SRTP_PROFILES));
+
   return session;
 }
 
-- 
1.7.9.4




