diff options
Diffstat (limited to 'modules/gzrtp')
-rw-r--r-- | modules/gzrtp/module.mk | 6 | ||||
-rw-r--r-- | modules/gzrtp/srtp.cpp | 327 | ||||
-rw-r--r-- | modules/gzrtp/srtp.h | 46 | ||||
-rw-r--r-- | modules/gzrtp/stream.cpp | 281 | ||||
-rw-r--r-- | modules/gzrtp/stream.h | 8 |
5 files changed, 457 insertions, 211 deletions
diff --git a/modules/gzrtp/module.mk b/modules/gzrtp/module.mk index b95b61d..42e408e 100644 --- a/modules/gzrtp/module.mk +++ b/modules/gzrtp/module.mk @@ -22,7 +22,7 @@ ZRTP_PATH ?= ../ZRTPCPP ZRTP_LIB := $(shell find $(ZRTP_PATH) -name libzrtpcppcore.a) MOD := gzrtp -$(MOD)_SRCS += gzrtp.cpp session.cpp stream.cpp messages.cpp +$(MOD)_SRCS += gzrtp.cpp session.cpp stream.cpp messages.cpp srtp.cpp $(MOD)_LFLAGS += $(ZRTP_LIB) -lstdc++ $(MOD)_CXXFLAGS += \ -I$(ZRTP_PATH) \ @@ -31,4 +31,8 @@ $(MOD)_CXXFLAGS += \ $(MOD)_CXXFLAGS += -O2 -Wall -fPIC +# Uncomment this if you want to use libre SRTP facilities instead of the ones +# provided by ZRTPCPP. In this case only standard ciphers (AES) are supported. +#$(MOD)_CXXFLAGS += -DGZRTP_USE_RE_SRTP=1 + include mk/mod.mk diff --git a/modules/gzrtp/srtp.cpp b/modules/gzrtp/srtp.cpp new file mode 100644 index 0000000..9aaa4b3 --- /dev/null +++ b/modules/gzrtp/srtp.cpp @@ -0,0 +1,327 @@ +/** + * @file srtp.cpp GNU ZRTP: SRTP processing + * + * Copyright (C) 2010 - 2017 Creytiv.com + */ +#include <stdint.h> + +#include <re.h> +#include <baresip.h> + +#ifdef GZRTP_USE_RE_SRTP +#include <string.h> +#else +#include <srtp/CryptoContext.h> +#include <srtp/CryptoContextCtrl.h> +#include <srtp/SrtpHandler.h> +#endif + +#include "srtp.h" + + +Srtp::Srtp(int& err, const SrtpSecret_t *secrets, EnableSecurity part) + +{ + const uint8_t *key, *salt; + uint32_t key_len, salt_len; + + err = EPERM; + +#ifdef GZRTP_USE_RE_SRTP + m_srtp = NULL; +#else + m_cc = NULL; + m_cc_ctrl = NULL; +#endif + + if (part == ForSender) { + // To encrypt packets: intiator uses initiator keys, + // responder uses responder keys + if (secrets->role == Initiator) { + key = secrets->keyInitiator; + key_len = secrets->initKeyLen / 8; + salt = secrets->saltInitiator; + salt_len = secrets->initSaltLen / 8; + } + else { + key = secrets->keyResponder; + key_len = secrets->respKeyLen / 8; + salt = secrets->saltResponder; + salt_len = secrets->respSaltLen / 8; + } + } + else if (part == ForReceiver) { + // To decrypt packets: intiator uses responder keys, + // responder initiator keys + if (secrets->role == Initiator) { + key = secrets->keyResponder; + key_len = secrets->respKeyLen / 8; + salt = secrets->saltResponder; + salt_len = secrets->respSaltLen / 8; + } + else { + key = secrets->keyInitiator; + key_len = secrets->initKeyLen / 8; + salt = secrets->saltInitiator; + salt_len = secrets->initSaltLen / 8; + } + } + else { + err = EINVAL; + return; + } + +#ifdef GZRTP_USE_RE_SRTP + + uint8_t key_buf[32 + 14]; // max key + salt + enum srtp_suite suite; + struct srtp *st; + + if (secrets->symEncAlgorithm == Aes && + secrets->authAlgorithm == Sha1) { + + if (key_len == 16 && secrets->srtpAuthTagLen == 32) + suite = SRTP_AES_CM_128_HMAC_SHA1_32; + + else if (key_len == 16 && secrets->srtpAuthTagLen == 80) + suite = SRTP_AES_CM_128_HMAC_SHA1_80; + + else if (key_len == 32 && secrets->srtpAuthTagLen == 32) + suite = SRTP_AES_256_CM_HMAC_SHA1_32; + + else if (key_len == 32 && secrets->srtpAuthTagLen == 80) + suite = SRTP_AES_256_CM_HMAC_SHA1_80; + + else { + err = ENOTSUP; + return; + } + } + else { + err = ENOTSUP; + return; + } + + if (salt_len != 14) { + err = EINVAL; + return; + } + + memcpy(key_buf, key, key_len); + memcpy(key_buf + key_len, salt, salt_len); + + err = srtp_alloc(&st, suite, key_buf, key_len + salt_len, 0); + if (err) + return; + + m_auth_tag_len = secrets->srtpAuthTagLen / 8; + m_srtp = st; + + err = 0; +#else + + CryptoContext *cc = NULL; + CryptoContextCtrl *cc_ctrl = NULL; + int cipher; + int authn; + int auth_key_len; + + switch (secrets->authAlgorithm) { + case Sha1: + authn = SrtpAuthenticationSha1Hmac; + auth_key_len = 20; + break; + case Skein: + authn = SrtpAuthenticationSkeinHmac; + auth_key_len = 32; + break; + default: + err = ENOTSUP; + return; + } + + switch (secrets->symEncAlgorithm) { + case Aes: + cipher = SrtpEncryptionAESCM; + break; + case TwoFish: + cipher = SrtpEncryptionTWOCM; + break; + default: + err = ENOTSUP; + return; + } + + cc = new CryptoContext( + 0, // SSRC (used for lookup) + 0, // Roll-Over-Counter (ROC) + 0L, // keyderivation << 48, + cipher, // encryption algo + authn, // authtentication algo + (uint8_t *)key, // Master Key + key_len, // Master Key length + (uint8_t *)salt, // Master Salt + salt_len, // Master Salt length + key_len, // encryption keyl + auth_key_len, // authentication key len + salt_len, // session salt len + secrets->srtpAuthTagLen / 8); // authentication tag lenA + + cc_ctrl = new CryptoContextCtrl( + 0, // SSRC (used for lookup) + cipher, // encryption algo + authn, // authtentication algo + (uint8_t *)key, // Master Key + key_len, // Master Key length + (uint8_t *)salt, // Master Salt + salt_len, // Master Salt length + key_len, // encryption keyl + auth_key_len, // authentication key len + salt_len, // session salt len + secrets->srtpAuthTagLen / 8); // authentication tag lenA + + if (!cc || !cc_ctrl) { + delete cc; + delete cc_ctrl; + + err = ENOMEM; + return; + } + + cc->deriveSrtpKeys(0L); + cc_ctrl->deriveSrtcpKeys(); + + m_cc = cc; + m_cc_ctrl = cc_ctrl; + + err = 0; +#endif +} + + +Srtp::~Srtp() +{ +#ifdef GZRTP_USE_RE_SRTP + mem_deref(m_srtp); +#else + delete m_cc; + delete m_cc_ctrl; +#endif +} + + +int Srtp::protect_int(struct mbuf *mb, bool control) +{ + size_t len = mbuf_get_left(mb); + + int32_t extra = (mbuf_get_space(mb) > len)? + mbuf_get_space(mb) - len : 0; + +#ifdef GZRTP_USE_RE_SRTP + if (m_auth_tag_len + (control? 4 : 0) > extra) + return ENOMEM; + + if (control) + return srtcp_encrypt(m_srtp, mb); + else + return srtp_encrypt(m_srtp, mb); +#else + if (control) { + if (m_cc_ctrl->getTagLength() + 4 + + m_cc_ctrl->getMkiLength() > extra) + return ENOMEM; + } + else { + if (m_cc->getTagLength() + + m_cc->getMkiLength() > extra) + return ENOMEM; + } + + bool rc; + + if (control) + rc = SrtpHandler::protectCtrl(m_cc_ctrl, mbuf_buf(mb), + len, &len); + else + rc = SrtpHandler::protect(m_cc, mbuf_buf(mb), len, &len); + if (!rc) + return EPROTO; + + if (len > mbuf_get_space(mb)) { + // this should never happen + error_msg("zrtp: protect: length > space (%u > %u)\n", + len, mbuf_get_space(mb)); + abort(); + } + + mb->end = mb->pos + len; + + return 0; +#endif +} + + +int Srtp::protect(struct mbuf *mb) +{ + return protect_int(mb, false); +} + + +int Srtp::protect_ctrl(struct mbuf *mb) +{ + return protect_int(mb, true); +} + + +// return value: +// 0 - OK +// EBADMSG - SRTP/RTP packet decode error +// EAUTH - SRTP authentication failed +// EALREADY - SRTP replay check failed +// other errors +int Srtp::unprotect_int(struct mbuf *mb, bool control) +{ +#ifdef GZRTP_USE_RE_SRTP + if (control) + return srtcp_decrypt(m_srtp, mb); + else + return srtp_decrypt(m_srtp, mb); +#else + size_t len = mbuf_get_left(mb); + uint32_t rc; + int err; + + if (control) + rc = SrtpHandler::unprotectCtrl(m_cc_ctrl, mbuf_buf(mb), + len, &len); + else + rc = SrtpHandler::unprotect(m_cc, mbuf_buf(mb), + len, &len, NULL); + + switch (rc) { + case 1: err = 0; break; + case 0: err = EBADMSG; break; + case -1: err = EAUTH; break; + case -2: err = EALREADY; break; + default: err = EINVAL; + } + + if (!err) + mb->end = mb->pos + len; + + return err; +#endif +} + + +int Srtp::unprotect(struct mbuf *mb) +{ + return unprotect_int(mb, false); +} + + +int Srtp::unprotect_ctrl(struct mbuf *mb) +{ + return unprotect_int(mb, true); +} + diff --git a/modules/gzrtp/srtp.h b/modules/gzrtp/srtp.h new file mode 100644 index 0000000..d42f4cf --- /dev/null +++ b/modules/gzrtp/srtp.h @@ -0,0 +1,46 @@ +/** + * @file srtp.h GNU ZRTP: SRTP processing + * + * Copyright (C) 2010 - 2017 Creytiv.com + */ +#ifndef __SRTP_H +#define __SRTP_H + + +#include <libzrtpcpp/ZrtpCallback.h> + + +#ifdef GZRTP_USE_RE_SRTP +struct srtp; +#else +class CryptoContext; +class CryptoContextCtrl; +#endif + + +class Srtp { +public: + Srtp(int& err, const SrtpSecret_t *secrets, EnableSecurity part); + ~Srtp(); + + int protect(struct mbuf *mb); + int protect_ctrl(struct mbuf *mb); + int unprotect(struct mbuf *mb); + int unprotect_ctrl(struct mbuf *mb); + +private: + int protect_int(struct mbuf *mb, bool control); + int unprotect_int(struct mbuf *mb, bool control); + +#ifdef GZRTP_USE_RE_SRTP + int32_t m_auth_tag_len; + struct srtp *m_srtp; +#else + CryptoContext *m_cc; + CryptoContextCtrl *m_cc_ctrl; +#endif +}; + + +#endif // __SRTP_H + diff --git a/modules/gzrtp/stream.cpp b/modules/gzrtp/stream.cpp index b367112..d09ca3b 100644 --- a/modules/gzrtp/stream.cpp +++ b/modules/gzrtp/stream.cpp @@ -11,12 +11,10 @@ #include <libzrtpcpp/ZRtp.h> #include <libzrtpcpp/ZrtpStateClass.h> -#include <srtp/CryptoContext.h> -#include <srtp/CryptoContextCtrl.h> -#include <srtp/SrtpHandler.h> #include "session.h" #include "stream.h" +#include "srtp.h" // A burst of SRTP/SRTCP errors enough to display a warning @@ -67,7 +65,28 @@ static enum pkt_type get_packet_type(const struct mbuf *mb) ZRTPConfig::ZRTPConfig(const struct conf *conf, const char *conf_dir) { +#ifdef GZRTP_USE_RE_SRTP + // Standard ciphers only + zrtp.clear(); + + zrtp.addAlgo(HashAlgorithm, zrtpHashes.getByName(s256)); + + zrtp.addAlgo(CipherAlgorithm, zrtpSymCiphers.getByName(aes3)); + zrtp.addAlgo(CipherAlgorithm, zrtpSymCiphers.getByName(aes1)); + + zrtp.addAlgo(PubKeyAlgorithm, zrtpPubKeys.getByName(ec25)); + zrtp.addAlgo(PubKeyAlgorithm, zrtpPubKeys.getByName(dh3k)); + zrtp.addAlgo(PubKeyAlgorithm, zrtpPubKeys.getByName(ec38)); + zrtp.addAlgo(PubKeyAlgorithm, zrtpPubKeys.getByName(dh2k)); + zrtp.addAlgo(PubKeyAlgorithm, zrtpPubKeys.getByName(mult)); + + zrtp.addAlgo(SasType, zrtpSasTypes.getByName(b32)); + + zrtp.addAlgo(AuthLength, zrtpAuthLengths.getByName(hs32)); + zrtp.addAlgo(AuthLength, zrtpAuthLengths.getByName(hs80)); +#else zrtp.setStandardConfig(); +#endif str_ncpy(client_id, "baresip/gzrtp", sizeof(client_id)); @@ -87,37 +106,37 @@ SRTPStat::SRTPStat(const Stream *st, bool srtcp, uint64_t threshold) } -void SRTPStat::update(int32_t ret_code, bool quiet) +void SRTPStat::update(int ret_code, bool quiet) { const char *err_msg; uint64_t *burst; - // SrtpHandler::unprotect/unprotectCtrl return codes + // Srtp::unprotect/unprotect_ctrl return codes switch (ret_code) { - case 1: + case 0: ++m_ok; m_decode_burst = 0; m_auth_burst = 0; m_replay_burst = 0; return; - case 0: + case EBADMSG: ++m_decode; burst = &m_decode_burst; err_msg = "packet decode error"; break; - case -1: + case EAUTH: ++m_auth; burst = &m_auth_burst; err_msg = "authentication failed"; break; - case -2: + case EALREADY: ++m_replay; burst = &m_replay_burst; err_msg = "replay check failed"; break; default: - warning("zrtp: Unknown return code from unprotect: %d\n", - ret_code); + warning("zrtp: %s unprotect failed: %m\n", + (m_control)? "SRTCP" : "SRTP", ret_code); return; } @@ -156,10 +175,8 @@ Stream::Stream(int& err, const ZRTPConfig& config, Session *session, , m_uh_rtp(NULL) , m_uh_rtcp(NULL) , m_media_type(media_type) - , m_send_cc(NULL) - , m_recv_cc(NULL) - , m_send_cc_ctrl(NULL) - , m_recv_cc_ctrl(NULL) + , m_send_srtp(NULL) + , m_recv_srtp(NULL) , m_srtp_stat(this, false, SRTP_ERR_BURST_THRESHOLD) , m_srtcp_stat(this, true, SRTP_ERR_BURST_THRESHOLD) { @@ -275,7 +292,7 @@ void Stream::stop() // thus make sure we have a second retained shared secret available. // Refer to RFC 6189bis, chapter 4.6.1 50 packets are about 1 second // of audio data - if (!m_zrtp->isMultiStream() && m_recv_cc && m_srtp_stat.ok() < 20) { + if (!m_zrtp->isMultiStream() && m_recv_srtp && m_srtp_stat.ok() < 20) { debug("zrtp: Stream <%s>: received too few valid SRTP " "packets (%u), storing RS2\n", @@ -288,17 +305,11 @@ void Stream::stop() m_zrtp->stopZrtp(); - delete m_send_cc; - m_send_cc = NULL; + delete m_send_srtp; + m_send_srtp = NULL; - delete m_recv_cc; - m_recv_cc = NULL; - - delete m_send_cc_ctrl; - m_send_cc_ctrl = NULL; - - delete m_recv_cc_ctrl; - m_recv_cc_ctrl = NULL; + delete m_recv_srtp; + m_recv_srtp = NULL; debug("zrtp: Stream <%s> stopped\n", media_name()); } @@ -341,59 +352,30 @@ bool Stream::udp_helper_send(int *err, struct sa *src, struct mbuf *mb) enum pkt_type ptype = get_packet_type(mb); size_t len = mbuf_get_left(mb); - size_t newlen = 0; - bool rc = false; + int rerr = 0; - if (ptype == PKT_TYPE_RTCP && m_send_cc_ctrl && len > 8) { + if (ptype == PKT_TYPE_RTCP && m_send_srtp && len > 8) { - int32_t extra = (mbuf_get_space(mb) > len)? - mbuf_get_space(mb) - len : 0; - - if (m_send_cc_ctrl->getTagLength() + 4 + - m_send_cc_ctrl->getMkiLength() > extra) { - warning("zrtp: Stream <%s>: No space left for SRTCP " - "packet\n", media_name()); - *err = ENOMEM; - return true; - } - - rc = SrtpHandler::protectCtrl(m_send_cc_ctrl, mbuf_buf(mb), - len, &newlen); + rerr = m_send_srtp->protect_ctrl(mb); } - else if (ptype == PKT_TYPE_RTP && m_send_cc && len > RTP_HEADER_SIZE) { - - int32_t extra = (mbuf_get_space(mb) > len)? - mbuf_get_space(mb) - len : 0; - - if (m_send_cc->getTagLength() + - m_send_cc->getMkiLength() > extra) { - warning("zrtp: Stream <%s>: No space left for SRTP " - "packet\n", media_name()); - *err = ENOMEM; - return true; - } + else if (ptype == PKT_TYPE_RTP && m_send_srtp && + len > RTP_HEADER_SIZE) { - rc = SrtpHandler::protect(m_send_cc, mbuf_buf(mb), - len, &newlen); + rerr = m_send_srtp->protect(mb); } else return false; - if (!rc) { - warning("zrtp: protect/protectCtrl failed, len: %u\n", len); + if (rerr) { + warning("zrtp: protect/protect_ctrl failed (len=%u): %m\n", + len, rerr); + + if (rerr == ENOMEM) + *err = rerr; // drop return true; } - if (newlen > mbuf_get_space(mb)) { - // this should never happen - error_msg("zrtp: udp_helper_send: length > space (%u > %u)\n", - newlen, mbuf_get_space(mb)); - abort(); - } - - mb->end = mb->pos + newlen; - return false; } @@ -415,39 +397,27 @@ bool Stream::udp_helper_recv(struct sa *src, struct mbuf *mb) return false; enum pkt_type ptype = get_packet_type(mb); - size_t len = mbuf_get_left(mb); - size_t newlen = 0; - uint32_t rc; - - if (ptype == PKT_TYPE_RTCP && m_recv_cc_ctrl) { + int err = 0; - rc = SrtpHandler::unprotectCtrl(m_recv_cc_ctrl, mbuf_buf(mb), - len, &newlen); + if (ptype == PKT_TYPE_RTCP && m_recv_srtp) { - m_srtcp_stat.update(rc); + err = m_recv_srtp->unprotect_ctrl(mb); - if (rc != 1) - // drop - return true; + m_srtcp_stat.update(err); } - else if (ptype == PKT_TYPE_RTP && m_recv_cc) { + else if (ptype == PKT_TYPE_RTP && m_recv_srtp) { - rc = SrtpHandler::unprotect(m_recv_cc, mbuf_buf(mb), - len, &newlen, NULL); + err = m_recv_srtp->unprotect(mb); - m_srtp_stat.update(rc); + m_srtp_stat.update(err); - if (rc == 1) { + if (!err) { // Got a good SRTP, check state and if in WaitConfAck // (an Initiator state) then simulate a conf2Ack, // refer to RFC 6189, chapter 4.6, last paragraph if (m_zrtp->inState(WaitConfAck)) m_zrtp->conf2AckSecure(); } - else { - // drop - return true; - } } else if (ptype == PKT_TYPE_ZRTP) { return recv_zrtp(mb); @@ -455,7 +425,9 @@ bool Stream::udp_helper_recv(struct sa *src, struct mbuf *mb) else return false; - mb->end = mb->pos + newlen; + if (err) + // drop + return true; return false; } @@ -607,124 +579,27 @@ void Stream::sendInfo(GnuZrtpCodes::MessageSeverity severity, int32_t subCode) bool Stream::srtpSecretsReady(SrtpSecret_t* secrets, EnableSecurity part) { - CryptoContext *cc = NULL; - CryptoContextCtrl *cc_ctrl = NULL; - int cipher; - int authn; - int auth_key_len; - const uint8_t *key, *salt; - uint32_t key_len, salt_len; + Srtp *s; + int err = 0; debug("zrtp: Stream <%s>: secrets are ready for %s\n", media_name(), (part == ForSender)? "sender" : "receiver"); - switch (secrets->authAlgorithm) { - case Sha1: - authn = SrtpAuthenticationSha1Hmac; - auth_key_len = 20; - break; - case Skein: - authn = SrtpAuthenticationSkeinHmac; - auth_key_len = 32; - break; - default: - return false; - } - - switch (secrets->symEncAlgorithm) { - case Aes: - cipher = SrtpEncryptionAESCM; - break; - case TwoFish: - cipher = SrtpEncryptionTWOCM; - break; - default: - return false; - } - - if (part == ForSender) { - // To encrypt packets: intiator uses initiator keys, - // responder uses responder keys - if (secrets->role == Initiator) { - key = secrets->keyInitiator; - key_len = secrets->initKeyLen / 8; - salt = secrets->saltInitiator; - salt_len = secrets->initSaltLen / 8; - } - else { - key = secrets->keyResponder; - key_len = secrets->respKeyLen / 8; - salt = secrets->saltResponder; - salt_len = secrets->respSaltLen / 8; - } - } - else if (part == ForReceiver) { - // To decrypt packets: intiator uses responder keys, - // responder initiator keys - if (secrets->role == Initiator) { - key = secrets->keyResponder; - key_len = secrets->respKeyLen / 8; - salt = secrets->saltResponder; - salt_len = secrets->respSaltLen / 8; - } - else { - key = secrets->keyInitiator; - key_len = secrets->initKeyLen / 8; - salt = secrets->saltInitiator; - salt_len = secrets->initSaltLen / 8; - } - } - else { + s = new Srtp(err, secrets, part); + if (!s || err) { + warning("zrtp: Stream <%s>: Srtp creation failed: %m\n", + media_name(), err); + delete s; return false; } - cc = new CryptoContext( - 0, // SSRC (used for lookup) - 0, // Roll-Over-Counter (ROC) - 0L, // keyderivation << 48, - cipher, // encryption algo - authn, // authtentication algo - (uint8_t *)key, // Master Key - key_len, // Master Key length - (uint8_t *)salt, // Master Salt - salt_len, // Master Salt length - key_len, // encryption keyl - auth_key_len, // authentication key len - salt_len, // session salt len - secrets->srtpAuthTagLen / 8); // authentication tag lenA - - cc_ctrl = new CryptoContextCtrl( - 0, // SSRC (used for lookup) - cipher, // encryption algo - authn, // authtentication algo - (uint8_t *)key, // Master Key - key_len, // Master Key length - (uint8_t *)salt, // Master Salt - salt_len, // Master Salt length - key_len, // encryption keyl - auth_key_len, // authentication key len - salt_len, // session salt len - secrets->srtpAuthTagLen / 8); // authentication tag lenA - - if (!cc || !cc_ctrl) { - delete cc; - delete cc_ctrl; - + if (part == ForSender) + m_send_srtp = s; + else if (part == ForReceiver) + m_recv_srtp = s; + else return false; - } - - cc->deriveSrtpKeys(0L); - cc_ctrl->deriveSrtcpKeys(); - - if (part == ForSender) { - m_send_cc = cc; - m_send_cc_ctrl = cc_ctrl; - } - else { - m_recv_cc = cc; - m_recv_cc_ctrl = cc_ctrl; - } return true; } @@ -737,17 +612,13 @@ void Stream::srtpSecretsOff(EnableSecurity part) (part == ForSender)? "sender" : "receiver"); if (part == ForSender) { - delete m_send_cc; - delete m_send_cc_ctrl; - m_send_cc = NULL; - m_send_cc_ctrl = NULL; + delete m_send_srtp; + m_send_srtp = NULL; } if (part == ForReceiver) { - delete m_recv_cc; - delete m_recv_cc_ctrl; - m_recv_cc = NULL; - m_recv_cc_ctrl = NULL; + delete m_recv_srtp; + m_recv_srtp = NULL; } } diff --git a/modules/gzrtp/stream.h b/modules/gzrtp/stream.h index 4f2f987..7d8736e 100644 --- a/modules/gzrtp/stream.h +++ b/modules/gzrtp/stream.h @@ -41,7 +41,7 @@ class Stream; class SRTPStat { public: SRTPStat(const Stream *st, bool srtcp, uint64_t threshold); - void update(int32_t ret_code, bool quiet = false); + void update(int ret_code, bool quiet = false); void reset(); uint64_t ok() { return m_ok; } private: @@ -54,8 +54,7 @@ private: class Session; -class CryptoContext; -class CryptoContextCtrl; +class Srtp; class Stream : public ZrtpCallback { public: @@ -105,8 +104,7 @@ private: struct udp_helper *m_uh_rtp; struct udp_helper *m_uh_rtcp; StreamMediaType m_media_type; - CryptoContext *m_send_cc, *m_recv_cc; - CryptoContextCtrl *m_send_cc_ctrl, *m_recv_cc_ctrl; + Srtp *m_send_srtp, *m_recv_srtp; SRTPStat m_srtp_stat, m_srtcp_stat; std::string m_sas, m_ciphers; |