try to ifdef so we can still build against openssl older than 1.0.1 (but dtls…

try to ifdef so we can still build against openssl older than 1.0.1 (but dtls would not work still in this case)

try to ifdef so we can still build against openssl older than 1.0.1 (but dtls…
try to ifdef so we can still build against openssl older than 1.0.1 (but dtls would not work still in this case)
ff532ec3 · Anthony Minessale · 5e2a7151 · ff532ec3 · ff532ec3 · ff532ec3
--- a/src/include/switch_rtp.h
+++ b/src/include/switch_rtp.h
@@ -511,6 +511,7 @@ SWITCH_DECLARE(void) switch_rtp_set_interdigit_delay(switch_rtp_t *rtp_session,

 SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, dtls_fingerprint_t *local_fp, dtls_fingerprint_t *remote_fp, dtls_type_t type);

+SWITCH_DECLARE(int) switch_rtp_has_dtls(void);

 /*!
  \}

--- a/src/switch_core_media.c
+++ b/src/switch_core_media.c
@@ -3717,7 +3717,7 @@ SWITCH_DECLARE(switch_status_t) switch_core_media_activate_rtp(switch_core_sessi
 		}


-		if (!zstr(a_engine->local_dtls_fingerprint.str)) {
+		if (!zstr(a_engine->local_dtls_fingerprint.str) && switch_rtp_has_dtls()) {
 			dtls_type_t xtype, dtype = switch_channel_direction(smh->session->channel) == SWITCH_CALL_DIRECTION_INBOUND ? DTLS_TYPE_CLIENT : DTLS_TYPE_SERVER;

 			xtype = DTLS_TYPE_RTP;
@@ -4160,7 +4160,7 @@ SWITCH_DECLARE(switch_status_t) switch_core_media_activate_rtp(switch_core_sessi
 					}
 					

-					if (!zstr(v_engine->local_dtls_fingerprint.str)) {
+					if (!zstr(v_engine->local_dtls_fingerprint.str) && switch_rtp_has_dtls()) {
 						dtls_type_t xtype, 
 							dtype = switch_channel_direction(smh->session->channel) == SWITCH_CALL_DIRECTION_INBOUND ? DTLS_TYPE_CLIENT : DTLS_TYPE_SERVER;
 						printf("FUCK FP XXXXX %d\n", v_engine->rtcp_mux);

--- a/src/switch_rtp.c
+++ b/src/switch_rtp.c
@@ -2111,11 +2111,23 @@ static int cb_verify_peer(int preverify_ok, X509_STORE_CTX *ctx)
 }
 #endif

+SWITCH_DECLARE(int) switch_rtp_has_dtls(void) {
+#ifdef HAVE_OPENSSL_DTLS_SRTP
+	return 1;
+#else
+	return 0;
+#endif
+}
+
 SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, dtls_fingerprint_t *local_fp, dtls_fingerprint_t *remote_fp, dtls_type_t type)
 {
 	switch_dtls_t *dtls;
 	int ret;

+#ifndef HAVE_OPENSSL_DTLS_SRTP
+	return SWITCH_STATUS_FALSE;
+#endif
+
 	if (!switch_rtp_ready(rtp_session)) {
 		return SWITCH_STATUS_FALSE;
 	}
@@ -2152,10 +2164,10 @@ SWITCH_DECLARE(switch_status_t) switch_rtp_add_dtls(switch_rtp_t *rtp_session, d

 	SSL_CTX_set_cipher_list(dtls->ssl_ctx, "ALL");
 		
-
+#ifdef HAVE_OPENSSL_DTLS_SRTP
 	//SSL_CTX_set_tlsext_use_srtp(dtls->ssl_ctx, "SRTP_AES128_CM_SHA1_80:SRTP_AES128_CM_SHA1_32");
 	SSL_CTX_set_tlsext_use_srtp(dtls->ssl_ctx, "SRTP_AES128_CM_SHA1_80");
-
+#endif
 	
 	dtls->type = type;
 	dtls->read_bio = BIO_new(BIO_s_mem());