Skip to content

Commit

Permalink
Added support for SRTP_NULL_HMAC_SHA1_80 cipher
Browse files Browse the repository at this point in the history
Added support for SRTP_NULL_HMAC_SHA1_80 protection profile (cipher).
It is disabled by default. You need to use SettingEngine and set list
of allowed SRTP protection profiles using its SetSRTPProtectionProfiles
function called with dtls.SRTP_NULL_HMAC_SHA1_80 as a parameter. You
need to do this for both pion peers. For non-pion ones you may need to
enable it somewhere too, as NULL cipher is usually disabled for security
reasons.
  • Loading branch information
sirzooro committed Jul 20, 2024
1 parent 064006d commit d60eb17
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions dtlstransport.go
Original file line number Diff line number Diff line change
Expand Up @@ -377,6 +377,8 @@ func (t *DTLSTransport) Start(remoteParameters DTLSParameters) error {
t.srtpProtectionProfile = srtp.ProtectionProfileAeadAes256Gcm
case dtls.SRTP_AES128_CM_HMAC_SHA1_80:
t.srtpProtectionProfile = srtp.ProtectionProfileAes128CmHmacSha1_80
case dtls.SRTP_NULL_HMAC_SHA1_80:
t.srtpProtectionProfile = srtp.ProtectionProfileNullHmacSha1_80

Check warning on line 381 in dtlstransport.go

View check run for this annotation

Codecov / codecov/patch

dtlstransport.go#L380-L381

Added lines #L380 - L381 were not covered by tests
default:
t.onStateChange(DTLSTransportStateFailed)
return ErrNoSRTPProtectionProfile
Expand Down

0 comments on commit d60eb17

Please sign in to comment.