00001
00002
00003
00004
00005
00006
00007
00008
00009
00010
00011
00012
00013
00014
00015
00016
00017
00018
00019
00020
00021
00022
00023
00024
00025
00026
00027
00028
00029
00030
00031
00032
00033
00034
00035
00036
00037
00038 #include "asterisk.h"
00039
00040 ASTERISK_FILE_VERSION(__FILE__, "$Revision: 426140 $")
00041
00042 #include <srtp/srtp.h>
00043 #include <srtp/crypto_kernel.h>
00044
00045 #include "asterisk/lock.h"
00046 #include "asterisk/sched.h"
00047 #include "asterisk/module.h"
00048 #include "asterisk/options.h"
00049 #include "asterisk/rtp_engine.h"
00050 #include "asterisk/astobj2.h"
00051
00052 struct ast_srtp {
00053 struct ast_rtp_instance *rtp;
00054 struct ao2_container *policies;
00055 srtp_t session;
00056 const struct ast_srtp_cb *cb;
00057 void *data;
00058 int warned;
00059 unsigned char buf[8192 + AST_FRIENDLY_OFFSET];
00060 unsigned char rtcpbuf[8192 + AST_FRIENDLY_OFFSET];
00061 };
00062
00063 struct ast_srtp_policy {
00064 srtp_policy_t sp;
00065 };
00066
00067
00068 static int g_initialized = 0;
00069
00070
00071 static int ast_srtp_create(struct ast_srtp **srtp, struct ast_rtp_instance *rtp, struct ast_srtp_policy *policy);
00072 static int ast_srtp_replace(struct ast_srtp **srtp, struct ast_rtp_instance *rtp, struct ast_srtp_policy *policy);
00073 static void ast_srtp_destroy(struct ast_srtp *srtp);
00074 static int ast_srtp_add_stream(struct ast_srtp *srtp, struct ast_srtp_policy *policy);
00075 static int ast_srtp_change_source(struct ast_srtp *srtp, unsigned int from_ssrc, unsigned int to_ssrc);
00076
00077 static int ast_srtp_unprotect(struct ast_srtp *srtp, void *buf, int *len, int rtcp);
00078 static int ast_srtp_protect(struct ast_srtp *srtp, void **buf, int *len, int rtcp);
00079 static void ast_srtp_set_cb(struct ast_srtp *srtp, const struct ast_srtp_cb *cb, void *data);
00080 static int ast_srtp_get_random(unsigned char *key, size_t len);
00081
00082
00083 static struct ast_srtp_policy *ast_srtp_policy_alloc(void);
00084 static void ast_srtp_policy_destroy(struct ast_srtp_policy *policy);
00085 static int ast_srtp_policy_set_suite(struct ast_srtp_policy *policy, enum ast_srtp_suite suite);
00086 static int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy, const unsigned char *key, size_t key_len, const unsigned char *salt, size_t salt_len);
00087 static void ast_srtp_policy_set_ssrc(struct ast_srtp_policy *policy, unsigned long ssrc, int inbound);
00088
00089 static struct ast_srtp_res srtp_res = {
00090 .create = ast_srtp_create,
00091 .replace = ast_srtp_replace,
00092 .destroy = ast_srtp_destroy,
00093 .add_stream = ast_srtp_add_stream,
00094 .change_source = ast_srtp_change_source,
00095 .set_cb = ast_srtp_set_cb,
00096 .unprotect = ast_srtp_unprotect,
00097 .protect = ast_srtp_protect,
00098 .get_random = ast_srtp_get_random
00099 };
00100
00101 static struct ast_srtp_policy_res policy_res = {
00102 .alloc = ast_srtp_policy_alloc,
00103 .destroy = ast_srtp_policy_destroy,
00104 .set_suite = ast_srtp_policy_set_suite,
00105 .set_master_key = ast_srtp_policy_set_master_key,
00106 .set_ssrc = ast_srtp_policy_set_ssrc
00107 };
00108
00109 static const char *srtp_errstr(int err)
00110 {
00111 switch(err) {
00112 case err_status_ok:
00113 return "nothing to report";
00114 case err_status_fail:
00115 return "unspecified failure";
00116 case err_status_bad_param:
00117 return "unsupported parameter";
00118 case err_status_alloc_fail:
00119 return "couldn't allocate memory";
00120 case err_status_dealloc_fail:
00121 return "couldn't deallocate properly";
00122 case err_status_init_fail:
00123 return "couldn't initialize";
00124 case err_status_terminus:
00125 return "can't process as much data as requested";
00126 case err_status_auth_fail:
00127 return "authentication failure";
00128 case err_status_cipher_fail:
00129 return "cipher failure";
00130 case err_status_replay_fail:
00131 return "replay check failed (bad index)";
00132 case err_status_replay_old:
00133 return "replay check failed (index too old)";
00134 case err_status_algo_fail:
00135 return "algorithm failed test routine";
00136 case err_status_no_such_op:
00137 return "unsupported operation";
00138 case err_status_no_ctx:
00139 return "no appropriate context found";
00140 case err_status_cant_check:
00141 return "unable to perform desired validation";
00142 case err_status_key_expired:
00143 return "can't use key any more";
00144 default:
00145 return "unknown";
00146 }
00147 }
00148
00149 static int policy_hash_fn(const void *obj, const int flags)
00150 {
00151 const struct ast_srtp_policy *policy = obj;
00152
00153 return policy->sp.ssrc.type == ssrc_specific ? policy->sp.ssrc.value : policy->sp.ssrc.type;
00154 }
00155
00156 static int policy_cmp_fn(void *obj, void *arg, int flags)
00157 {
00158 const struct ast_srtp_policy *one = obj, *two = arg;
00159
00160 return one->sp.ssrc.type == two->sp.ssrc.type && one->sp.ssrc.value == two->sp.ssrc.value;
00161 }
00162
00163 static struct ast_srtp_policy *find_policy(struct ast_srtp *srtp, const srtp_policy_t *policy, int flags)
00164 {
00165 struct ast_srtp_policy tmp = {
00166 .sp = {
00167 .ssrc.type = policy->ssrc.type,
00168 .ssrc.value = policy->ssrc.value,
00169 },
00170 };
00171
00172 return ao2_t_find(srtp->policies, &tmp, flags, "Looking for policy");
00173 }
00174
00175 static struct ast_srtp *res_srtp_new(void)
00176 {
00177 struct ast_srtp *srtp;
00178
00179 if (!(srtp = ast_calloc(1, sizeof(*srtp)))) {
00180 ast_log(LOG_ERROR, "Unable to allocate memory for srtp\n");
00181 return NULL;
00182 }
00183
00184 if (!(srtp->policies = ao2_t_container_alloc(5, policy_hash_fn, policy_cmp_fn, "SRTP policy container"))) {
00185 ast_free(srtp);
00186 return NULL;
00187 }
00188
00189 srtp->warned = 1;
00190
00191 return srtp;
00192 }
00193
00194
00195
00196
00197 static void srtp_event_cb(srtp_event_data_t *data)
00198 {
00199 switch (data->event) {
00200 case event_ssrc_collision:
00201 ast_debug(1, "SSRC collision\n");
00202 break;
00203 case event_key_soft_limit:
00204 ast_debug(1, "event_key_soft_limit\n");
00205 break;
00206 case event_key_hard_limit:
00207 ast_debug(1, "event_key_hard_limit\n");
00208 break;
00209 case event_packet_index_limit:
00210 ast_debug(1, "event_packet_index_limit\n");
00211 break;
00212 }
00213 }
00214
00215 static void ast_srtp_policy_set_ssrc(struct ast_srtp_policy *policy,
00216 unsigned long ssrc, int inbound)
00217 {
00218 if (ssrc) {
00219 policy->sp.ssrc.type = ssrc_specific;
00220 policy->sp.ssrc.value = ssrc;
00221 } else {
00222 policy->sp.ssrc.type = inbound ? ssrc_any_inbound : ssrc_any_outbound;
00223 }
00224 }
00225
00226 static void policy_destructor(void *obj)
00227 {
00228 struct ast_srtp_policy *policy = obj;
00229
00230 if (policy->sp.key) {
00231 ast_free(policy->sp.key);
00232 policy->sp.key = NULL;
00233 }
00234 }
00235
00236 static struct ast_srtp_policy *ast_srtp_policy_alloc()
00237 {
00238 struct ast_srtp_policy *tmp;
00239
00240 if (!(tmp = ao2_t_alloc(sizeof(*tmp), policy_destructor, "Allocating policy"))) {
00241 ast_log(LOG_ERROR, "Unable to allocate memory for srtp_policy\n");
00242 }
00243
00244 return tmp;
00245 }
00246
00247 static void ast_srtp_policy_destroy(struct ast_srtp_policy *policy)
00248 {
00249 ao2_t_ref(policy, -1, "Destroying policy");
00250 }
00251
00252 static int policy_set_suite(crypto_policy_t *p, enum ast_srtp_suite suite)
00253 {
00254 switch (suite) {
00255 case AST_AES_CM_128_HMAC_SHA1_80:
00256 p->cipher_type = AES_128_ICM;
00257 p->cipher_key_len = 30;
00258 p->auth_type = HMAC_SHA1;
00259 p->auth_key_len = 20;
00260 p->auth_tag_len = 10;
00261 p->sec_serv = sec_serv_conf_and_auth;
00262 return 0;
00263
00264 case AST_AES_CM_128_HMAC_SHA1_32:
00265 p->cipher_type = AES_128_ICM;
00266 p->cipher_key_len = 30;
00267 p->auth_type = HMAC_SHA1;
00268 p->auth_key_len = 20;
00269 p->auth_tag_len = 4;
00270 p->sec_serv = sec_serv_conf_and_auth;
00271 return 0;
00272
00273 default:
00274 ast_log(LOG_ERROR, "Invalid crypto suite: %u\n", suite);
00275 return -1;
00276 }
00277 }
00278
00279 static int ast_srtp_policy_set_suite(struct ast_srtp_policy *policy, enum ast_srtp_suite suite)
00280 {
00281 return policy_set_suite(&policy->sp.rtp, suite) | policy_set_suite(&policy->sp.rtcp, suite);
00282 }
00283
00284 static int ast_srtp_policy_set_master_key(struct ast_srtp_policy *policy, const unsigned char *key, size_t key_len, const unsigned char *salt, size_t salt_len)
00285 {
00286 size_t size = key_len + salt_len;
00287 unsigned char *master_key;
00288
00289 if (policy->sp.key) {
00290 ast_free(policy->sp.key);
00291 policy->sp.key = NULL;
00292 }
00293
00294 if (!(master_key = ast_calloc(1, size))) {
00295 return -1;
00296 }
00297
00298 memcpy(master_key, key, key_len);
00299 memcpy(master_key + key_len, salt, salt_len);
00300
00301 policy->sp.key = master_key;
00302
00303 return 0;
00304 }
00305
00306 static int ast_srtp_get_random(unsigned char *key, size_t len)
00307 {
00308 return crypto_get_random(key, len) != err_status_ok ? -1: 0;
00309 }
00310
00311 static void ast_srtp_set_cb(struct ast_srtp *srtp, const struct ast_srtp_cb *cb, void *data)
00312 {
00313 if (!srtp) {
00314 return;
00315 }
00316
00317 srtp->cb = cb;
00318 srtp->data = data;
00319 }
00320
00321
00322 static int ast_srtp_unprotect(struct ast_srtp *srtp, void *buf, int *len, int rtcp)
00323 {
00324 int res = 0;
00325 int i;
00326 int retry = 0;
00327 struct ast_rtp_instance_stats stats = {0,};
00328
00329 tryagain:
00330
00331 for (i = 0; i < 2; i++) {
00332 res = rtcp ? srtp_unprotect_rtcp(srtp->session, buf, len) : srtp_unprotect(srtp->session, buf, len);
00333 if (res != err_status_no_ctx) {
00334 break;
00335 }
00336
00337 if (srtp->cb && srtp->cb->no_ctx) {
00338 if (ast_rtp_instance_get_stats(srtp->rtp, &stats, AST_RTP_INSTANCE_STAT_REMOTE_SSRC)) {
00339 break;
00340 }
00341 if (srtp->cb->no_ctx(srtp->rtp, stats.remote_ssrc, srtp->data) < 0) {
00342 break;
00343 }
00344 } else {
00345 break;
00346 }
00347 }
00348
00349 if (retry == 0 && res == err_status_replay_old) {
00350 ast_log(AST_LOG_NOTICE, "SRTP unprotect failed with %s, retrying\n", srtp_errstr(res));
00351
00352 if (srtp->session) {
00353 struct ast_srtp_policy *policy;
00354 struct ao2_iterator it;
00355 int policies_count;
00356
00357
00358 ast_debug(5, "SRTP destroy before re-create\n");
00359 srtp_dealloc(srtp->session);
00360
00361
00362 policies_count = ao2_container_count(srtp->policies);
00363
00364
00365 it = ao2_iterator_init(srtp->policies, 0);
00366 policy = ao2_iterator_next(&it);
00367
00368 ast_debug(5, "SRTP try to re-create\n");
00369 if (policy) {
00370 int res_srtp_create = srtp_create(&srtp->session, &policy->sp);
00371 if (res_srtp_create == err_status_ok) {
00372 ast_debug(5, "SRTP re-created with first policy\n");
00373 ao2_t_ref(policy, -1, "Unreffing first policy for re-creating srtp session");
00374
00375
00376 if (policies_count > 1) {
00377 ast_debug(5, "Add all the other %d policies\n",
00378 policies_count - 1);
00379 while ((policy = ao2_iterator_next(&it))) {
00380 srtp_add_stream(srtp->session, &policy->sp);
00381 ao2_t_ref(policy, -1, "Unreffing n-th policy for re-creating srtp session");
00382 }
00383 }
00384
00385 retry++;
00386 ao2_iterator_destroy(&it);
00387 goto tryagain;
00388 }
00389 ast_log(LOG_ERROR, "SRTP session could not be re-created after unprotect failure: %s\n", srtp_errstr(res_srtp_create));
00390
00391
00392 srtp->session = NULL;
00393
00394 ao2_t_ref(policy, -1, "Unreffing first policy after srtp_create failed");
00395 }
00396 ao2_iterator_destroy(&it);
00397 }
00398 }
00399
00400 if (!srtp->session) {
00401 errno = EINVAL;
00402 return -1;
00403 }
00404
00405 if (res != err_status_ok && res != err_status_replay_fail ) {
00406 if ((srtp->warned >= 10) && !((srtp->warned - 10) % 100)) {
00407 ast_log(AST_LOG_WARNING, "SRTP unprotect failed with: %s %d\n", srtp_errstr(res), srtp->warned);
00408 srtp->warned = 11;
00409 } else {
00410 srtp->warned++;
00411 }
00412 errno = EAGAIN;
00413 return -1;
00414 }
00415
00416 return *len;
00417 }
00418
00419 static int ast_srtp_protect(struct ast_srtp *srtp, void **buf, int *len, int rtcp)
00420 {
00421 int res;
00422 unsigned char *localbuf;
00423
00424 if ((*len + SRTP_MAX_TRAILER_LEN) > sizeof(srtp->buf)) {
00425 return -1;
00426 }
00427
00428 localbuf = rtcp ? srtp->rtcpbuf : srtp->buf;
00429
00430 memcpy(localbuf, *buf, *len);
00431
00432 if ((res = rtcp ? srtp_protect_rtcp(srtp->session, localbuf, len) : srtp_protect(srtp->session, localbuf, len)) != err_status_ok && res != err_status_replay_fail) {
00433 ast_log(LOG_WARNING, "SRTP protect: %s\n", srtp_errstr(res));
00434 return -1;
00435 }
00436
00437 *buf = localbuf;
00438 return *len;
00439 }
00440
00441 static int ast_srtp_create(struct ast_srtp **srtp, struct ast_rtp_instance *rtp, struct ast_srtp_policy *policy)
00442 {
00443 struct ast_srtp *temp;
00444
00445 if (!(temp = res_srtp_new())) {
00446 return -1;
00447 }
00448 ast_module_ref(ast_module_info->self);
00449
00450
00451 if (srtp_create(&temp->session, &policy->sp) != err_status_ok) {
00452
00453 temp->session = NULL;
00454 ast_srtp_destroy(temp);
00455 return -1;
00456 }
00457
00458 temp->rtp = rtp;
00459 *srtp = temp;
00460
00461 ao2_t_link((*srtp)->policies, policy, "Created initial policy");
00462
00463 return 0;
00464 }
00465
00466 static int ast_srtp_replace(struct ast_srtp **srtp, struct ast_rtp_instance *rtp, struct ast_srtp_policy *policy)
00467 {
00468 if ((*srtp) != NULL) {
00469 ast_srtp_destroy(*srtp);
00470 }
00471 return ast_srtp_create(srtp, rtp, policy);
00472 }
00473
00474 static void ast_srtp_destroy(struct ast_srtp *srtp)
00475 {
00476 if (srtp->session) {
00477 srtp_dealloc(srtp->session);
00478 }
00479
00480 ao2_t_callback(srtp->policies, OBJ_UNLINK | OBJ_NODATA | OBJ_MULTIPLE, NULL, NULL, "Unallocate policy");
00481 ao2_t_ref(srtp->policies, -1, "Destroying container");
00482
00483 ast_free(srtp);
00484 ast_module_unref(ast_module_info->self);
00485 }
00486
00487 static int ast_srtp_add_stream(struct ast_srtp *srtp, struct ast_srtp_policy *policy)
00488 {
00489 struct ast_srtp_policy *match;
00490
00491
00492 if ((match = find_policy(srtp, &policy->sp, OBJ_POINTER))) {
00493 if (policy->sp.ssrc.type != ssrc_specific) {
00494 ast_log(AST_LOG_WARNING, "Cannot replace an existing wildcard policy\n");
00495 ao2_t_ref(match, -1, "Unreffing already existing policy");
00496 return -1;
00497 } else {
00498 if (srtp_remove_stream(srtp->session, match->sp.ssrc.value) != err_status_ok) {
00499 ast_log(AST_LOG_WARNING, "Failed to remove SRTP stream for SSRC %u\n", match->sp.ssrc.value);
00500 }
00501 ao2_t_unlink(srtp->policies, match, "Remove existing match policy");
00502 ao2_t_ref(match, -1, "Unreffing already existing policy");
00503 }
00504 }
00505
00506 ast_debug(3, "Adding new policy for %s %u\n",
00507 policy->sp.ssrc.type == ssrc_specific ? "SSRC" : "type",
00508 policy->sp.ssrc.type == ssrc_specific ? policy->sp.ssrc.value : policy->sp.ssrc.type);
00509 if (srtp_add_stream(srtp->session, &policy->sp) != err_status_ok) {
00510 ast_log(AST_LOG_WARNING, "Failed to add SRTP stream for %s %u\n",
00511 policy->sp.ssrc.type == ssrc_specific ? "SSRC" : "type",
00512 policy->sp.ssrc.type == ssrc_specific ? policy->sp.ssrc.value : policy->sp.ssrc.type);
00513 return -1;
00514 }
00515
00516 ao2_t_link(srtp->policies, policy, "Added additional stream");
00517
00518 return 0;
00519 }
00520
00521 static int ast_srtp_change_source(struct ast_srtp *srtp, unsigned int from_ssrc, unsigned int to_ssrc)
00522 {
00523 struct ast_srtp_policy *match;
00524 struct srtp_policy_t sp = {
00525 .ssrc.type = ssrc_specific,
00526 .ssrc.value = from_ssrc,
00527 };
00528 err_status_t status;
00529
00530
00531
00532
00533 if ((match = find_policy(srtp, &sp, OBJ_POINTER | OBJ_UNLINK))) {
00534 match->sp.ssrc.value = to_ssrc;
00535 if (ast_srtp_add_stream(srtp, match)) {
00536 ast_log(LOG_WARNING, "Couldn't add stream\n");
00537 } else if ((status = srtp_remove_stream(srtp->session, from_ssrc))) {
00538 ast_debug(3, "Couldn't remove stream (%u)\n", status);
00539 }
00540 ao2_t_ref(match, -1, "Unreffing found policy in change_source");
00541 }
00542
00543 return 0;
00544 }
00545
00546 static void res_srtp_shutdown(void)
00547 {
00548 srtp_install_event_handler(NULL);
00549 ast_rtp_engine_unregister_srtp();
00550 #ifdef HAVE_SRTP_SHUTDOWN
00551 srtp_shutdown();
00552 #endif
00553 g_initialized = 0;
00554 }
00555
00556 static int res_srtp_init(void)
00557 {
00558 if (g_initialized) {
00559 return 0;
00560 }
00561
00562 if (srtp_init() != err_status_ok) {
00563 ast_log(AST_LOG_WARNING, "Failed to initialize libsrtp\n");
00564 return -1;
00565 }
00566
00567 srtp_install_event_handler(srtp_event_cb);
00568
00569 if (ast_rtp_engine_register_srtp(&srtp_res, &policy_res)) {
00570 ast_log(AST_LOG_WARNING, "Failed to register SRTP with rtp engine\n");
00571 res_srtp_shutdown();
00572 return -1;
00573 }
00574
00575 g_initialized = 1;
00576 return 0;
00577 }
00578
00579
00580
00581
00582
00583 static int load_module(void)
00584 {
00585 return res_srtp_init();
00586 }
00587
00588 static int unload_module(void)
00589 {
00590 res_srtp_shutdown();
00591 return 0;
00592 }
00593
00594 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_GLOBAL_SYMBOLS | AST_MODFLAG_LOAD_ORDER, "Secure RTP (SRTP)",
00595 .load = load_module,
00596 .unload = unload_module,
00597 .load_pri = AST_MODPRI_CHANNEL_DEPEND,
00598 );