Implemented WebRTC

scripts/webrtc_compile.sh

@@ -0,0 +1,52 @@
+#!/bin/sh
+
+pd=${PWD}
+d=${PWD}/../
+config="Release"
+
+if [ ! -d ${d}/external ] ; then
+    mkdir ${d}/external
+fi
+
+if [ ! -d ${d}/external/mbedtls ] ; then
+    #prepare mbedtls for build
+    cd ${d}/external/
+    git clone https://github.com/diederickh/mbedtls
+    
+    cd ${d}/external/mbedtls
+    git checkout -b dtls_srtp_support
+    git merge 15179bfbaa794506c06f923f85d7c71f0dfd89e9
+
+    git am < ${pd}/webrtc_mbedtls_keying_material_fix.diff
+    if [ $? -ne 0 ] ; then
+        echo "Failed to apply patch"
+        exit
+    fi
+fi
+
+if [ ! -d ${d}/build ] ; then
+    mkdir ${d}/build
+fi
+
+if [ ! -d ${d}/installed ] ; then
+    mkdir ${d}/installed
+    #Build mbedtls
+    mkdir -p ${d}/external/mbedtls/build
+    cd ${d}/external/mbedtls/build
+    cmake -DCMAKE_INSTALL_PREFIX=${d}/installed -DENABLE_PROGRAMS=Off ..
+    cmake --build . --config ${config} --target install -- -j 8
+fi
+
+
+cd ${d}
+export PATH="${PATH}:${d}/installed/include"
+cmake -DCMAKE_CXX_FLAGS="-I${d}/installed/include/ -L${d}/installed/lib/" \
+      -DCMAKE_PREFIX_PATH=${d}/installed/include \
+      -DCMAKE_MODULE_PATH=${d}/installed/ \
+      -DPERPETUAL=1 \
+      -DDEBUG=3 \
+      -GNinja \
+      .
+
+ninja
+

scripts/webrtc_mbedtls_keying_material_fix.diff

@@ -0,0 +1,34 @@
+From ba52913047a6821dac15f8320c8857cef589bb6f Mon Sep 17 00:00:00 2001
+From: roxlu <diederick@roxlu.com>
+Date: Mon, 2 Jul 2018 22:26:21 +0200
+Subject: [PATCH] Fixes to get DTLS SRTP to work with WebRTC
+
+---
+ library/ssl_tls.c | 4 +---
+ 1 file changed, 1 insertion(+), 3 deletions(-)
+
+diff --git a/library/ssl_tls.c b/library/ssl_tls.c
+index fe27c6a8..25b86da8 100644
+--- a/library/ssl_tls.c
++++ b/library/ssl_tls.c
+@@ -6436,7 +6436,6 @@ mbedtls_ssl_srtp_profile mbedtls_ssl_get_dtls_srtp_protection_profile( const mbe
+ }
+ 
+ int mbedtls_ssl_get_dtls_srtp_key_material( const mbedtls_ssl_context *ssl, unsigned char *key, size_t *key_len ) {
+-    *key_len = 0;
+ 
+     /* check output buffer size */
+     if ( *key_len < ssl->dtls_srtp_info.dtls_srtp_keys_len) {
+@@ -7706,8 +7705,7 @@ void mbedtls_ssl_free( mbedtls_ssl_context *ssl )
+ #endif
+ 
+ #if defined (MBEDTLS_SSL_DTLS_SRTP)
+-    mbedtls_zeroize( ssl->dtls_srtp_info.dtls_srtp_keys, ssl->dtls_srtp_info.dtls_srtp_keys_len );
+- //   mbedtls_free( ssl->dtls_srtp_keys );
++    mbedtls_platform_zeroize( ssl->dtls_srtp_info.dtls_srtp_keys, ssl->dtls_srtp_info.dtls_srtp_keys_len );
+ #endif /* MBEDTLS_SSL_DTLS_SRTP */
+ 
+     MBEDTLS_SSL_DEBUG_MSG( 2, ( "<= free" ) );
+-- 
+2.17.1
+

scripts/webrtc_run.sh

@@ -0,0 +1,30 @@
+#!/bin/bash
+
+cd ${PWD}/../build
+set -x
+#export MIST_CONTROL=1
+make MistOutWebRTC
+
+if [ $? -ne 0 ] ; then
+    echo "Failed to compile."
+    exit
+fi
+
+#-fsanitize=address 
+#export MALLOC_CHECK_=2
+# valgrind --trace-children=yes
+#   ASAN_OPTIONS=symbolize=1 ASAN_SYMBOLIZER_PATH=$(shell which llvm-symbolizer) 
+if [ 0 -ne 0 ] ; then
+    reset && valgrind --trace-children=yes ./MistOutHTTPS \
+                      --port 4433 \
+                      --cert ~/.ssh/certs/arch680.rox.lu.crt \
+                      --key ~/.ssh/certs/arch680.rox.lu.key \
+                      --debug 10
+else
+    reset && ./MistOutHTTPS \
+                 --port 4433 \
+                 --cert ~/.ssh/certs/arch680.rox.lu.crt \
+                 --key ~/.ssh/certs/arch680.rox.lu.key \
+                 --debug 10
+fi
+

scripts/webrtc_srtp_cmakelists.txt

@@ -0,0 +1,112 @@
+cmake_minimum_required(VERSION 3.8)
+project(srtp2)
+set(bd ${CMAKE_CURRENT_LIST_DIR})
+set(sd ${bd})
+
+list(APPEND lib_sources
+  ${sd}/srtp/srtp.c
+  ${sd}/srtp/ekt.c
+  ${sd}/crypto/kernel/alloc.c
+  ${sd}/crypto/kernel/err.c
+  ${sd}/crypto/kernel/crypto_kernel.c
+  ${sd}/crypto/kernel/key.c
+  ${sd}/crypto/math/datatypes.c
+  ${sd}/crypto/math/stat.c
+  ${sd}/crypto/replay/rdbx.c
+  ${sd}/crypto/replay/rdb.c
+  ${sd}/crypto/replay/ut_sim.c
+  ${sd}/crypto/cipher/cipher.c
+  ${sd}/crypto/cipher/null_cipher.c
+  ${sd}/crypto/cipher/aes.c
+  ${sd}/crypto/hash/auth.c
+  ${sd}/crypto/hash/null_auth.c
+  ${sd}/crypto/cipher/aes_icm.c
+  ${sd}/crypto/hash/sha1.c
+  ${sd}/crypto/hash/hmac.c
+  )
+
+# -- start of checks
+
+include(CheckIncludeFiles)
+include(CheckFunctionExists)
+include(CheckLibraryExists)
+include(CheckTypeSize)
+include(TestBigEndian)
+
+set(AC_APPLE_UNIVERSAL_BUILD 0)
+set(CPU_CISC 1)
+set(CPU_RISC 0)
+set(ENABLE_DEBUG_LOGGING 0)
+set(ERR_REPORTING_FILE "libsrtp_error.log")
+set(ERR_REPORTING_STDOUT 0)
+set(VERSION "2.3")
+
+check_include_files(arpa/inet.h HAVE_ARPA_INET_H)
+check_include_files(byteswap.h HAVE_BYTESWAP_H)
+check_function_exists(inet_aton HAVE_INET_ATON)
+check_type_size(int16_t HAVE_INT16_T)
+check_type_size(int32_t HAVE_INT32_T)
+check_type_size(int8_t HAVE_INT8_T)
+check_include_files(inttypes.h HAVE_INTTYPES_H)
+check_library_exists(dl dlopen "" HAVE_LIBDL)
+check_library_exists(socket socket "" HAVE_LIBSOCKET)
+check_library_exists(z zlibVersion "" HAVE_LIBZ)
+check_include_files(machine/types.h HAVE_MACHINE_TYPES_H)
+check_include_files(memory.h HAVE_MEMORY_H)
+check_include_files(netinet/in.h HAVE_NETINET_IN_H)
+# @todo check winpcap
+check_function_exists(sigaction HAVE_SIGACTION)
+check_function_exists(socket HAVE_SOCKET)
+check_include_files(stdint.h HAVE_STDINT_H)
+check_include_files(stdlib.h HAVE_STDLIB_H)
+check_include_files(strings.h HAVE_STRINGS_H)
+check_include_files(string.h HAVE_STRING_H)
+check_include_files(sys/int_types.h HAVE_SYS_INT_TYPES_H)
+check_include_files(sys/socket.h HAVE_SYS_SOCKET_H)
+check_include_files(sys/stat.h HAVE_SYS_STAT_H)
+check_include_files(sys/types.h HAVE_SYS_TYPES_H)
+check_include_files(sys/uio.h HAVE_SYS_UIO_H)
+check_type_size(uint16_t HAVE_UINT16_T)
+check_type_size(uint32_t HAVE_UINT32_T)
+check_type_size(uint64_t HAVE_UINT64_T)
+check_type_size(uint8_t HAVE_UINT8_T)
+check_include_files(unistd.h HAVE_UNISTD_H)
+check_function_exists(usleep HAVE_USLEEP)
+check_include_files(windows.h HAVE_WINDOWS_H)
+check_include_files(winsock2.h HAVE_WINSOCK2_H)
+# @todo HAVE_X86
+# @todo OPENSSL
+# @todo OPENSSL_CLEANSE_BROKEN
+# @todo OPENSSL_KDF
+# @todo PACKAGE_BUGREPORT
+set(PACKAGE_BUGREPORT "testers@ddvdtech.com")
+set(PACKAGE_NAME "libsrtp")
+set(PACKAGE_VERSION "${VERSION}")
+set(PACKAGE_STRING "${PACKAGE_NAME}_${VERSION}")
+set(PACKAGE_TARNAME "${PACKAGE_STRING}.tar")
+set(PACKAGE_URL "http://www.mistserver.org")
+check_type_size("unsigned long" SIZEOF_UNSIGNED_LONG)
+check_type_size("unsigned long long" SIZEOF_UNSIGNED_LONG_LONG)
+check_include_files("stdlib.h;stdarg.h;string.h;float.h" STDC_HEADERS)
+configure_file(${bd}/config.cmake ${bd}/crypto/include/config.h)
+
+#--------------------------------------------------------
+
+include_directories(
+  ${bd}/include/
+  ${bd}/crypto/
+  ${bd}/crypto/include
+  )
+
+add_library(srtp2 STATIC ${lib_sources})
+target_compile_definitions(srtp2 PUBLIC HAVE_CONFIG_H)
+
+list(APPEND include_files
+  ${bd}/include/srtp.h
+  ${bd}/crypto/include/cipher.h
+  ${bd}/crypto/include/auth.h
+  ${bd}/crypto/include/crypto_types.h
+  )
+
+install(FILES ${include_files} DESTINATION include)
+install(TARGETS srtp2 ARCHIVE DESTINATION lib)

scripts/webrtc_srtp_config.cmake

@@ -0,0 +1,181 @@
+/* config_in.h.  Generated from configure.ac by autoheader.  */
+
+/* Define if building universal (internal helper macro) */
+#cmakedefine AC_APPLE_UNIVERSAL_BUILD 1
+
+/* Define if building for a CISC machine (e.g. Intel). */
+#cmakedefine CPU_CISC 1
+
+/* Define if building for a RISC machine (assume slow byte access). */
+#cmakedefine CPU_RISC 1
+
+/* Define to enabled debug logging for all mudules. */
+#cmakedefine ENABLE_DEBUG_LOGGING 1
+
+/* Logging statments will be writen to this file. */
+#cmakedefine ERR_REPORTING_FILE  "@ERR_REPORTING_FILE@"
+
+/* Define to redirect logging to stdout. */
+#cmakedefine ERR_REPORTING_STDOUT 1
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#cmakedefine HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the <byteswap.h> header file. */
+#cmakedefine HAVE_BYTESWAP_H 1
+ 
+/* Define to 1 if you have the `inet_aton' function. */
+#cmakedefine HAVE_INET_ATON 1
+
+/* Define to 1 if the system has the type `int16_t'. */
+#cmakedefine HAVE_INT16_T 1
+
+/* Define to 1 if the system has the type `int32_t'. */
+#cmakedefine HAVE_INT32_T 1
+
+/* Define to 1 if the system has the type `int8_t'. */
+#cmakedefine HAVE_INT8_T 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#cmakedefine HAVE_INTTYPES_H 1
+
+/* Define to 1 if you have the `dl' library (-ldl). */
+#cmakedefine HAVE_LIBDL 1
+
+/* Define to 1 if you have the `socket' library (-lsocket). */
+#cmakedefine HAVE_LIBSOCKET 1
+
+/* Define to 1 if you have the `z' library (-lz). */
+#cmakedefine HAVE_LIBZ 1
+
+/* Define to 1 if you have the <machine/types.h> header file. */
+#cmakedefine HAVE_MACHINE_TYPES_H 1
+
+/* Define to 1 if you have the <memory.h> header file. */
+#cmakedefine HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#cmakedefine HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the `winpcap' library (-lwpcap) */
+#cmakedefine HAVE_PCAP 1
+
+/* Define to 1 if you have the `sigaction' function. */
+#cmakedefine HAVE_SIGACTION 1
+
+/* Define to 1 if you have the `socket' function. */
+#cmakedefine HAVE_SOCKET 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#cmakedefine HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#cmakedefine HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#cmakedefine HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#cmakedefine HAVE_STRING_H 1
+
+/* Define to 1 if you have the <sys/int_types.h> header file. */
+#cmakedefine HAVE_SYS_INT_TYPES_H 1
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#cmakedefine HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#cmakedefine HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#cmakedefine HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/uio.h> header file. */
+#cmakedefine HAVE_SYS_UIO_H 1
+
+/* Define to 1 if the system has the type `uint16_t'. */
+#cmakedefine HAVE_UINT16_T 1
+
+/* Define to 1 if the system has the type `uint32_t'. */
+#cmakedefine HAVE_UINT32_T 1
+
+/* Define to 1 if the system has the type `uint64_t'. */
+#cmakedefine HAVE_UINT64_T 1
+
+/* Define to 1 if the system has the type `uint8_t'. */
+#cmakedefine HAVE_UINT8_T 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#cmakedefine HAVE_UNISTD_H 1
+
+/* Define to 1 if you have the `usleep' function. */
+#cmakedefine HAVE_USLEEP 1
+
+/* Define to 1 if you have the <windows.h> header file. */
+#cmakedefine HAVE_WINDOWS_H 1
+
+/* Define to 1 if you have the <winsock2.h> header file. */
+#cmakedefine HAVE_WINSOCK2_H 1
+
+/* Define to use X86 inlined assembly code */
+#cmakedefine HAVE_X86 1
+
+/* Define this to use OpenSSL crypto. */
+#cmakedefine OPENSSL 1
+
+/* Define this if OPENSSL_cleanse is broken. */
+#cmakedefine OPENSSL_CLEANSE_BROKEN 1
+
+/* Define this to use OpenSSL KDF for SRTP. */
+#cmakedefine OPENSSL_KDF 1
+
+/* Define to the address where bug reports for this package should be sent. */
+#cmakedefine PACKAGE_BUGREPORT "@PACKAGE_BUGREPORT@"
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME "@PACKAGE_NAME@"
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING "@PACKAGE_STRING@"
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME "@PACKAGE_TARNAME@"
+
+/* Define to the home page for this package. */
+#cmakedefine PACKAGE_URL "@PACKAGE_URL@"
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION "@PACKAGE_VERSION@"
+
+/* The size of a `unsigned long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG @SIZEOF_UNSIGNED_LONG@
+
+/* The size of a `unsigned long long', as computed by sizeof. */
+#define SIZEOF_UNSIGNED_LONG_LONG @SIZEOF_UNSIGNED_LONG_LONG@
+
+/* Define to 1 if you have the ANSI C header files. */
+#cmakedefine STDC_HEADERS 1
+
+/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
+   significant byte first (like Motorola and SPARC, unlike Intel). */
+#if defined AC_APPLE_UNIVERSAL_BUILD
+# if defined __BIG_ENDIAN__
+#  define WORDS_BIGENDIAN 1
+# endif
+#else
+# ifndef WORDS_BIGENDIAN
+#  undef WORDS_BIGENDIAN
+# endif
+#endif
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Define to `__inline__' or `__inline' if that's what the C compiler
+   calls it, or to nothing if 'inline' is not supported under any name.  */
+#ifndef __cplusplus
+#undef inline
+#endif
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+#undef size_t