DTLS/SRTP processing (headers) More...
#include <inttypes.h>
#include <glib.h>
#include "rtp.h"
#include "rtpsrtp.h"
#include "sctp.h"
#include "refcount.h"
#include "dtls-bio.h"
Go to the source code of this file.
Data Structures | |
struct | janus_dtls_srtp |
Janus DTLS-SRTP handle. More... | |
Typedefs | |
typedef enum janus_dtls_role | janus_dtls_role |
DTLS roles. | |
typedef enum janus_dtls_state | janus_dtls_state |
DTLS state. | |
typedef struct janus_dtls_srtp | janus_dtls_srtp |
Janus DTLS-SRTP handle. | |
Enumerations | |
enum | janus_dtls_role { JANUS_DTLS_ROLE_ACTPASS = -1 , JANUS_DTLS_ROLE_SERVER , JANUS_DTLS_ROLE_CLIENT } |
DTLS roles. More... | |
enum | janus_dtls_state { JANUS_DTLS_STATE_FAILED = -1 , JANUS_DTLS_STATE_CREATED , JANUS_DTLS_STATE_TRYING , JANUS_DTLS_STATE_CONNECTED } |
DTLS state. More... | |
Functions | |
const char * | janus_get_ssl_version (void) |
Helper method to return info on the crypto library and its version. | |
gint | janus_dtls_srtp_init (const char *server_pem, const char *server_key, const char *password, const char *ciphers, guint16 timeout, gboolean rsa_private_key, gboolean accept_selfsigned) |
DTLS stuff initialization. | |
void | janus_dtls_srtp_cleanup (void) |
Method to cleanup DTLS stuff before exiting. | |
gchar * | janus_dtls_get_local_fingerprint (void) |
Method to return a string representation (SHA-256) of the certificate fingerprint. | |
gboolean | janus_dtls_are_selfsigned_certs_ok (void) |
Method to check whether DTLS self-signed certificates are ok (default) or not. | |
janus_dtls_srtp * | janus_dtls_srtp_create (void *component, janus_dtls_role role) |
Create a janus_dtls_srtp instance. | |
void | janus_dtls_srtp_handshake (janus_dtls_srtp *dtls) |
Start a DTLS handshake. | |
int | janus_dtls_srtp_create_sctp (janus_dtls_srtp *dtls) |
Create an SCTP association, for data channels. | |
void | janus_dtls_srtp_incoming_msg (janus_dtls_srtp *dtls, char *buf, uint16_t len) |
Handle an incoming DTLS message. | |
void | janus_dtls_srtp_send_alert (janus_dtls_srtp *dtls) |
Send an alert on a janus_dtls_srtp instance. | |
void | janus_dtls_srtp_destroy (janus_dtls_srtp *dtls) |
Destroy a janus_dtls_srtp instance. | |
void | janus_dtls_callback (const SSL *ssl, int where, int ret) |
DTLS alert callback (http://www.openssl.org/docs/ssl/SSL_CTX_set_info_callback.html) | |
int | janus_dtls_verify_callback (int preverify_ok, X509_STORE_CTX *ctx) |
DTLS certificate verification callback (http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html) | |
gboolean | janus_dtls_retry (gpointer stack) |
DTLS retransmission timer. | |
const gchar * | janus_get_dtls_srtp_state (janus_dtls_state state) |
Helper method to get a string representation of a Janus DTLS state. | |
const gchar * | janus_get_dtls_srtp_role (janus_dtls_role role) |
Helper method to get a string representation of a DTLS role. | |
const gchar * | janus_get_dtls_srtp_profile (int profile) |
Helper method to get a string representation of an SRTP profile. | |
gboolean | janus_is_dtls (char *buf) |
Helper method to demultiplex DTLS from other protocols. | |
DTLS/SRTP processing (headers)
Implementation (based on OpenSSL and libsrtp) of the DTLS/SRTP transport. The code takes care of the DTLS handshake between peers and the server, and sets the proper SRTP and SRTCP context up accordingly. A DTLS alert from a peer is notified to the plugin handling him/her by means of the hangup_media callback.
typedef enum janus_dtls_role janus_dtls_role |
DTLS roles.
typedef struct janus_dtls_srtp janus_dtls_srtp |
Janus DTLS-SRTP handle.
typedef enum janus_dtls_state janus_dtls_state |
DTLS state.
enum janus_dtls_role |
enum janus_dtls_state |
gboolean janus_dtls_are_selfsigned_certs_ok | ( | void | ) |
Method to check whether DTLS self-signed certificates are ok (default) or not.
void janus_dtls_callback | ( | const SSL * | ssl, |
int | where, | ||
int | ret ) |
DTLS alert callback (http://www.openssl.org/docs/ssl/SSL_CTX_set_info_callback.html)
[in] | ssl | SSL instance where the alert occurred |
[in] | where | The context where the event occurred |
[in] | ret | The error code |
gchar * janus_dtls_get_local_fingerprint | ( | void | ) |
Method to return a string representation (SHA-256) of the certificate fingerprint.
gboolean janus_dtls_retry | ( | gpointer | stack | ) |
DTLS retransmission timer.
As libnice is going to actually send and receive data, OpenSSL cannot handle retransmissions by itself: this timed callback (g_source_set_callback) deals with this.
[in] | stack | Opaque pointer to the janus_dtls_srtp instance to use |
void janus_dtls_srtp_cleanup | ( | void | ) |
Method to cleanup DTLS stuff before exiting.
janus_dtls_srtp * janus_dtls_srtp_create | ( | void * | component, |
janus_dtls_role | role ) |
Create a janus_dtls_srtp instance.
[in] | component | Opaque pointer to the component owning that will use the stack |
[in] | role | The role of the DTLS stack (client/server) |
int janus_dtls_srtp_create_sctp | ( | janus_dtls_srtp * | dtls | ) |
Create an SCTP association, for data channels.
[in] | dtls | The janus_dtls_srtp instance to setup SCTP on |
void janus_dtls_srtp_destroy | ( | janus_dtls_srtp * | dtls | ) |
Destroy a janus_dtls_srtp instance.
[in] | dtls | The janus_dtls_srtp instance to destroy |
void janus_dtls_srtp_handshake | ( | janus_dtls_srtp * | dtls | ) |
Start a DTLS handshake.
[in] | dtls | The janus_dtls_srtp instance to start the handshake on |
void janus_dtls_srtp_incoming_msg | ( | janus_dtls_srtp * | dtls, |
char * | buf, | ||
uint16_t | len ) |
Handle an incoming DTLS message.
[in] | dtls | The janus_dtls_srtp instance to start the handshake on |
[in] | buf | The DTLS message data |
[in] | len | The DTLS message data length |
gint janus_dtls_srtp_init | ( | const char * | server_pem, |
const char * | server_key, | ||
const char * | password, | ||
const char * | ciphers, | ||
guint16 | timeout, | ||
gboolean | rsa_private_key, | ||
gboolean | accept_selfsigned ) |
DTLS stuff initialization.
[in] | server_pem | Path to the certificate to use |
[in] | server_key | Path to the key to use |
[in] | password | Password needed to use the key, if any |
[in] | ciphers | DTLS ciphers to use (will use hardcoded defaults, if NULL) |
[in] | timeout | DTLS timeout base, in ms, to use for retransmissions (ignored if not using BoringSSL) |
[in] | rsa_private_key | Whether RSA certificates should be generated, instead of NIST P-256 |
[in] | accept_selfsigned | Whether to accept self-signed certificates (default) or enforce validation |
void janus_dtls_srtp_send_alert | ( | janus_dtls_srtp * | dtls | ) |
Send an alert on a janus_dtls_srtp instance.
[in] | dtls | The janus_dtls_srtp instance to send the alert on |
int janus_dtls_verify_callback | ( | int | preverify_ok, |
X509_STORE_CTX * | ctx ) |
DTLS certificate verification callback (http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html)
This method always returns 1 (true), in order not to fail when a certificate verification is requested. This is especially needed because all certificates used for DTLS in WebRTC are self signed, and as such a formal verification would fail.
[in] | preverify_ok | Whether the verification of the certificate was passed |
[in] | ctx | context used for the certificate verification |
const gchar * janus_get_dtls_srtp_profile | ( | int | profile | ) |
Helper method to get a string representation of an SRTP profile.
[in] | profile | The SRTP profile as exported by a DTLS-SRTP handshake |
const gchar * janus_get_dtls_srtp_role | ( | janus_dtls_role | role | ) |
Helper method to get a string representation of a DTLS role.
[in] | role | The DTLS role |
const gchar * janus_get_dtls_srtp_state | ( | janus_dtls_state | state | ) |
Helper method to get a string representation of a Janus DTLS state.
[in] | state | The Janus DTLS state |
const char * janus_get_ssl_version | ( | void | ) |
Helper method to return info on the crypto library and its version.
gboolean janus_is_dtls | ( | char * | buf | ) |
Helper method to demultiplex DTLS from other protocols.
[in] | buf | Buffer to inspect |