Add SRTP support for Asterisk

After 5 years in mantis and over a year on reviewboard, SRTP support is finally
being comitted. This includes generic CHANNEL dialplan functions that work for
getting the status of whether a call has secure media or signaling as defined
by the underlying channel technology and for setting whether or not a new
channel being bridged to a calling channel should have secure signaling or
media. See doc/tex/secure-calls.tex for examples.

Original patch by mikma, updated for trunk and revised by me.

(closes issue #5413)
Reported by: mikma
Tested by: twilson, notthematrix, hemanshurpatel

Review: https://reviewboard.asterisk.org/r/191/


git-svn-id: http://svn.digium.com/svn/asterisk/trunk@268894 f38db490-d61c-443f-a65b-d21fe96a405b

1 files changed, 50 insertions, 0 deletions

diff --git a/funcs/func_channel.c b/funcs/func_channel.c
index 8dff86efb..729bdf45b 100644
--- a/funcs/func_channel.c
+++ b/funcs/func_channel.c
@@ -38,6 +38,7 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 #include "asterisk/app.h"
 #include "asterisk/indications.h"
 #include "asterisk/stringfields.h"
+#include "asterisk/global_datastores.h"
 
 /*** DOCUMENTATION
 	<function name="CHANNELS" language="en_US">
@@ -102,6 +103,12 @@ ASTERISK_FILE_VERSION(__FILE__, "$Revision$")
 					<enum name="rxgain">
 						<para>R/W set rxgain level on channel drivers that support it.</para>
 					</enum>
+					<enum name="secure_bridge_signaling">
+						<para>Whether or not channels bridged to this channel require secure signaling</para>
+					</enum>
+					<enum name="secure_bridge_media">
+						<para>Whether or not channels bridged to this channel require secure media</para>
+					</enum>
 					<enum name="state">
 						<para>R/O state for channel</para>
 					</enum>
@@ -344,6 +351,18 @@ static int func_channel_read(struct ast_channel *chan, const char *function,
 		char amabuf[256];
 		snprintf(amabuf,sizeof(amabuf), "%d", chan->amaflags);
 		locked_copy_string(chan, buf, amabuf, len);
+	} else if (!strncasecmp(data, "secure_bridge_", 14)) {
+		struct ast_datastore *ds;
+		ast_channel_lock(chan);
+		if ((ds = ast_channel_datastore_find(chan, &secure_call_info, NULL))) {
+			struct ast_secure_call_store *encrypt = ds->data;
+			if (!strcasecmp(data, "secure_bridge_signaling")) {
+				snprintf(buf, len, "%s", encrypt->signaling ? "1" : "");
+			} else if (!strcasecmp(data, "secure_bridge_media")) {
+				snprintf(buf, len, "%s", encrypt->media ? "1" : "");
+			}
+		}
+		ast_channel_unlock(chan);
 	} else if (!chan->tech || !chan->tech->func_channel_read || chan->tech->func_channel_read(chan, function, data, buf, len)) {
 		ast_log(LOG_WARNING, "Unknown or unavailable item requested: '%s'\n", data);
 		ret = -1;
@@ -429,6 +448,37 @@ static int func_channel_write(struct ast_channel *chan, const char *function,
 				break;
 			}
 		}
+	} else if (!strncasecmp(data, "secure_bridge_", 14)) {
+		struct ast_datastore *ds;
+		struct ast_secure_call_store *store;
+
+		if (!chan || !value) {
+			return -1;
+		}
+
+		ast_channel_lock(chan);
+		if (!(ds = ast_channel_datastore_find(chan, &secure_call_info, NULL))) {
+			if (!(ds = ast_datastore_alloc(&secure_call_info, NULL))) {
+				ast_channel_unlock(chan);
+				return -1;
+			}
+			if (!(store = ast_calloc(1, sizeof(*store)))) {
+				ast_channel_unlock(chan);
+				ast_free(ds);
+				return -1;
+			}
+			ds->data = store;
+			ast_channel_datastore_add(chan, ds);
+		} else {
+			store = ds->data;
+		}
+		ast_channel_unlock(chan);
+
+		if (!strcasecmp(data, "secure_bridge_signaling")) {
+			store->signaling = ast_true(value) ? 1 : 0;
+		} else if (!strcasecmp(data, "secure_bridge_media")) {
+			store->media = ast_true(value) ? 1 : 0;
+		}
 	} else if (!chan->tech->func_channel_write
 		 || chan->tech->func_channel_write(chan, function, data, value)) {
 		ast_log(LOG_WARNING, "Unknown or unavailable item requested: '%s'\n",