[PATCH 2/2] Support SRTP profile negotiation in the client and server tools
Martin Storsjo
martin at martin.st
Wed Oct 31 14:46:23 CET 2012
The cli/serv-args files haven't been regenerated in the patch,
to avoid the extra stray changes due to differing autogen versions.
---
doc/Makefile.am | 4 ++++
lib/libgnutls.map | 2 ++
src/cli-args.def | 7 +++++++
src/cli.c | 3 +++
src/common.c | 9 ++++++++-
src/serv-args.def | 7 +++++++
src/serv.c | 3 +++
7 files changed, 34 insertions(+), 1 deletion(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 7f4a8a6..0460ffe 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -1615,6 +1615,10 @@ FUNCS += functions/gnutls_srp_set_server_credentials_function
FUNCS += functions/gnutls_srp_set_server_credentials_function.short
FUNCS += functions/gnutls_srp_verifier
FUNCS += functions/gnutls_srp_verifier.short
+FUNCS += functions/gnutls_srtp_get_selected_profile
+FUNCS += functions/gnutls_srtp_get_selected_profile.short
+FUNCS += functions/gnutls_srtp_set_profiles
+FUNCS += functions/gnutls_srtp_set_profiles.short
FUNCS += functions/gnutls_store_commitment
FUNCS += functions/gnutls_store_commitment.short
FUNCS += functions/gnutls_store_pubkey
diff --git a/lib/libgnutls.map b/lib/libgnutls.map
index 751e49b..cf03d67 100644
--- a/lib/libgnutls.map
+++ b/lib/libgnutls.map
@@ -354,6 +354,8 @@ GNUTLS_1_4
gnutls_srp_set_server_credentials_file;
gnutls_srp_set_server_credentials_function;
gnutls_srp_verifier;
+ gnutls_srtp_get_selected_profile;
+ gnutls_srtp_set_profiles;
gnutls_strdup;
gnutls_strerror;
gnutls_strerror_name;
diff --git a/src/cli-args.def b/src/cli-args.def
index 85952d7..8fafbf4 100644
--- a/src/cli-args.def
+++ b/src/cli-args.def
@@ -113,6 +113,13 @@ flag = {
};
flag = {
+ name = srtp_profiles;
+ arg-type = string;
+ descrip = "Offer SRTP profiles";
+ doc = "";
+};
+
+flag = {
name = crlf;
descrip = "Send CR LF instead of LF";
doc = "";
diff --git a/src/cli.c b/src/cli.c
index 2cf50d4..01193e5 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -673,6 +673,9 @@ init_tls_session (const char *hostname)
if (HAVE_OPT(HEARTBEAT))
gnutls_heartbeat_enable (session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
+ if (HAVE_OPT(SRTP_PROFILES))
+ gnutls_srtp_set_profiles (session, OPT_ARG(SRTP_PROFILES));
+
return session;
}
diff --git a/src/common.c b/src/common.c
index 9ef83b6..5b640d6 100644
--- a/src/common.c
+++ b/src/common.c
@@ -594,6 +594,9 @@ print_info (gnutls_session_t session, int verbose, int print_cert)
gnutls_kx_algorithm_t kx;
unsigned char session_id[33];
size_t session_id_size = sizeof (session_id);
+ char srtp_profile[30];
+ size_t srtp_profile_size = sizeof (srtp_profile);
+ int rc;
/* print session ID */
gnutls_session_get_id (session, session_id, &session_id_size);
@@ -689,10 +692,14 @@ print_info (gnutls_session_t session, int verbose, int print_cert)
(gnutls_compression_get (session)));
printf ("- Compression: %s\n", tmp);
+ rc = gnutls_srtp_get_selected_profile (session, srtp_profile,
+ &srtp_profile_size);
+ if (rc == 0)
+ printf ("- SRTP profile: %s\n", srtp_profile);
+
if (verbose)
{
gnutls_datum_t cb;
- int rc;
rc = gnutls_session_channel_binding (session,
GNUTLS_CB_TLS_UNIQUE, &cb);
diff --git a/src/serv-args.def b/src/serv-args.def
index df196ba..2132ca8 100644
--- a/src/serv-args.def
+++ b/src/serv-args.def
@@ -62,6 +62,13 @@ flag = {
};
flag = {
+ name = srtp_profiles;
+ arg-type = string;
+ descrip = "Offer SRTP profiles";
+ doc = "";
+};
+
+flag = {
name = disable-client-cert;
value = a;
descrip = "Do not request a client certificate";
diff --git a/src/serv.c b/src/serv.c
index 6be7a6d..b64b76d 100644
--- a/src/serv.c
+++ b/src/serv.c
@@ -393,6 +393,9 @@ gnutls_session_t initialize_session (int dtls)
if (HAVE_OPT (HEARTBEAT))
gnutls_heartbeat_enable(session, GNUTLS_HB_PEER_ALLOWED_TO_SEND);
+ if (HAVE_OPT (SRTP_PROFILES))
+ gnutls_srtp_set_profiles (session, OPT_ARG(SRTP_PROFILES));
+
return session;
}
--
1.7.9.4
More information about the Gnutls-devel
mailing list