Summary:ASTERISK-01622: [patch] add libsrtp
Reporter:cloos (cloos)Labels:
Date Opened:2004-05-14 15:18:56Date Closed:2011-06-07 14:05:14
Versions:Frequency of
Environment:Attachments:( 0) libsrtp.diff.bz2
Description:Patch adds libsrtp in srtp subdir and adjusts top Makefile to build libsrtp.a.

Patch to Makefile is by myself and disclaimed; libsrtp itself is by cisco and under bsd-like license (cf http://srtp.sf.net/license.html).

No changes were made to the files in the new srtp dir; they are libsrtp version 1.3.20.

a make tests (and by consequence make all) in the srtp dir will end with a failure, so I specified make libsrtp.a.

A patch to actually make use of the lib will be forthcoming.


Comments:By: Brian West (bkw918) 2004-05-14 15:27:02

step one   encryption..
Step two   ?????
Step three PROFIT!!!

haha j/k this is killer!


By: Rob Gagnon (rgagnon) 2004-05-14 15:28:29

throwing my support behind this...

Next:  who's gonna get the ATA makers to implement SRTP (that havent yet)

By: Brian West (bkw918) 2004-05-14 15:39:21

ok for some reason its not building yet.

By: Brian West (bkw918) 2004-05-14 15:40:42

well at this point I want secure between asterisk servers :P oh and ./configure needed to be chmoded 755 :P

By: cloos (cloos) 2004-05-14 16:04:54

> and ./configure needed to be chmoded 755

Hmm.  diff;patch lost that.  In the original these files have a+x:

:; find srtp -type f -perm +111

That permission fix should be done after running patch and before commiting it to cvs.

By: Brian West (bkw918) 2004-05-14 16:51:25

asterisk: editline/libedit.a db1-ast/libdb1.a stdtime/libtime.a srtp/libsrtp.a $(OBJS)
       $(CC) $(DEBUG) -o asterisk $(ASTLINK) $(OBJS) $(LIBS) $(LIBEDIT) $(LIBSRTP) db1-ast/libdb1.a stdtime/libtime.a

Must be added there also

By: cloos (cloos) 2004-05-14 17:43:06

yeah, i was waiting until actually using it before linking it in.....

we do need to make sure there isn't any conflicts with the aes code already in the tree...

By: khb (khb) 2004-05-17 17:57:03

Is there a compelling reason to incorporate libsrtp into the Asterisk code base and hardlinking it into asterisk main, rather then just using it as an external library similar to speex and others?  Are you planning on modifying it,
or constructing an interface?  The latter would be more attractive so you can
let others continue to develop the library, as they do.
SRTP would likely be a user option to use, so why hardlink it in?
It also requires additional kernel support (cryptography).

By: Brian West (bkw918) 2004-05-21 01:27:49

CHOP CHOP lets get going ... gotta smack Jim Louderback silly with it! :P


Read that too... laff if must! :)

By: Olle Johansson (oej) 2004-06-14 02:18:48

This works on FreeBSD with minor fixes.

By: cloos (cloos) 2004-06-14 10:39:01

I recently moved (new job) and have been a bit behind on some stuff from before that...

The idea behind including this in the * dist is the same as including the ilbc or gsm libs:  most installs will not include them system-wide.

Perhaps that is a good idea, perhaps not.  Hense the patch offer.

If there is a commitment to add this, I will work on integrating it so that srtp is available.  

To be secure (in the absence of a shared secret or pub/priv key pair), sips (or something similar on the 323 side) will also be required.

(NB that if you have a key pair or a share secret, a session key *can* be securely negotiated w/o a private link; that is after all what tls itself would do in the sips case....)

By: twisted (twisted) 2004-07-08 09:11:23

Let's get an update on this one.

Markster: is this a possibility for CVS integration?

cloos: will this still apply cleanly to current cvs?

Everyone else: input needed.

Thanks :)

By: Mark Spencer (markster) 2004-07-08 09:16:21

It will not go into CVS until it does something.

By: Olle Johansson (oej) 2004-07-15 14:01:58

...start working on rtp.c to integrate this, friends! We'll reopen the bug when we have some code in there.