[gnutls-devel] [PATCH] Pick the matching SRTP profile with the highest priority according to the server

[Martin Storsjo]

---

This is the alternative way of matching, similar to how OpenSSL seems
to do it. Now the order of profile suggestions from the client doesn't
matter, only the order of profiles at the server.

Nikos, you can choose which version you think makes more sense, I
don't really have too much of an opinion about it. Currently, the
code picks the last one to match which isn't too good though.

---

 lib/ext/srtp.c |   10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/lib/ext/srtp.c b/lib/ext/srtp.c
index 95d7a3f..026663d 100644
--- a/lib/ext/srtp.c
+++ b/lib/ext/srtp.c
@@ -173,7 +173,7 @@ static int
 _gnutls_srtp_recv_params (gnutls_session_t session,
                           const uint8_t *data, size_t _data_size)
 {
-  unsigned int i;
+  unsigned int i, match_index;
   int ret;
   const uint8_t *p = data;
   int len;
@@ -208,6 +208,8 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
         return gnutls_assert_val(GNUTLS_E_UNEXPECTED_PACKET_LENGTH);
     }
 
+  priv->selected_profile = 0;
+
   while (len > 0)
     {
       DECR_LEN (data_size, 2);
@@ -217,7 +219,11 @@ _gnutls_srtp_recv_params (gnutls_session_t session,
         {
           if (priv->profiles[i] == profile)
             {
-              priv->selected_profile = profile;
+              if (priv->selected_profile == 0 || i < match_index)
+                {
+                  priv->selected_profile = profile;
+                  match_index = i;
+                }
               break;
             }
         }
-- 
1.7.9.4