diff --git a/include/mbedtls/ssl.h b/include/mbedtls/ssl.h
index 4805c67b3d..1b4e163f61 100644
--- a/include/mbedtls/ssl.h
+++ b/include/mbedtls/ssl.h
@@ -3257,27 +3257,25 @@ int mbedtls_ssl_dtls_srtp_set_mki_value( mbedtls_ssl_context *ssl, unsigned char *mki_value, uint16_t mki_len ); /** - * \brief Get the negotiated DTLS-SRTP informations: - * Protection profile and MKI value. + * \brief Get the negotiated DTLS-SRTP informations: + * Protection profile and MKI value. * - * \warning This function must be called after the handshake is - * completed. The value returned by this function must - * not be trusted or acted upon before the handshake completes. + * \warning This function must be called after the handshake is + * completed. The value returned by this function must + * not be trusted or acted upon before the handshake completes. * - * \param ssl The SSL context to query. - * - * \return The negotiated DTLS-SRTP informations: - * - Protection profile in use. - * A direct mapping of the iana defined value for protection - * profile on an uint16_t. - * http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml - * #MBEDTLS_TLS_SRTP_UNSET if the use of SRTP was not negotiated - * or peer's Hello packet was not parsed yet. - * - mki size and value (if size is > 0). These informations are valid only - * if the protection profile returned is not MBEDTLS_TLS_SRTP_UNSET. + * \param ssl The SSL context to query. + * \param dtls_srtp_info The negotiated DTLS-SRTP informations: + * - Protection profile in use. + * A direct mapping of the iana defined value for protection + * profile on an uint16_t. + http://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml + * #MBEDTLS_TLS_SRTP_UNSET if the use of SRTP was not negotiated + * or peer's Hello packet was not parsed yet. + * - mki size and value( if size is > 0 ). */ -mbedtls_dtls_srtp_info mbedtls_ssl_get_dtls_srtp_negotiation_result - ( const mbedtls_ssl_context *ssl ); +void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, + mbedtls_dtls_srtp_info *dtls_srtp_info ); #endif /* MBEDTLS_SSL_DTLS_SRTP */ /** 
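Review bot: The new `\param dtls_srtp_info` text does not say that the argument is an output the caller must supply, and it drops the old sentence that the MKI is valid only when the returned profile is not MBEDTLS_TLS_SRTP_UNSET. Since the function now returns `void` and writes through the pointer, I would document it as `\param[out] dtls_srtp_info`, state that it must point to a caller-owned structure, and restore the validity sentence so callers know to check the profile before reading `mki_value`. The added URL line has also lost the leading ` * ` that every other line of the comment carries.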
diff --git a/library/ssl_tls.c b/library/ssl_tls.c index 0739b8f05a..8dec7f10a7 100644 --- a/library/ssl_tls.c +++ b/library/ssl_tls.c @@ -4751,16 +4751,19 @@ int mbedtls_ssl_conf_dtls_srtp_protection_profiles( mbedtls_ssl_config *conf, return( 0 ); } -mbedtls_dtls_srtp_info - mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl ) +void mbedtls_ssl_get_dtls_srtp_negotiation_result( const mbedtls_ssl_context *ssl, mbedtls_dtls_srtp_info *dtls_srtp_info ) { - mbedtls_dtls_srtp_info ret = ssl->dtls_srtp_info; - /* discard the mki if there is no chosen profile */ - if ( ret.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) + dtls_srtp_info->chosen_dtls_srtp_profile = ssl->dtls_srtp_info.chosen_dtls_srtp_profile; + /* do not copy the mki value if there is no chosen profile */ + if ( dtls_srtp_info->chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) { - ret.mki_len = 0; + dtls_srtp_info->mki_len = 0; + } + else + { + dtls_srtp_info->mki_len = ssl->dtls_srtp_info.mki_len; + memcpy( dtls_srtp_info->mki_value, ssl->dtls_srtp_info.mki_value, ssl->dtls_srtp_info.mki_len ); } - return( ret ); } #endif /* MBEDTLS_SSL_DTLS_SRTP */ diff --git a/programs/ssl/ssl_client2.c b/programs/ssl/ssl_client2.c index 2a60507890..e78c087ffd 100644 --- a/programs/ssl/ssl_client2.c +++ b/programs/ssl/ssl_client2.c @@ -2754,8 +2754,8 @@ int main( int argc, char *argv[] ) else if( opt.use_srtp != 0 ) { size_t j = 0; - mbedtls_dtls_srtp_info dtls_srtp_negotiation_result = - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl ); + mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; + mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); if( ( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) ) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 81721bbcad..7383d88858 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c 
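Review bot: The rewritten mbedtls_ssl_get_dtls_srtp_negotiation_result() in library/ssl_tls.c no longer defines every byte of the result: when the profile is MBEDTLS_TLS_SRTP_UNSET it writes only the profile and `mki_len`, and otherwise it fills only the first `mki_len` bytes of `mki_value`, whereas the old by-value return copied the whole struct. The callers in programs/ssl/ssl_client2.c and programs/ssl/ssl_server2.c now pass an uninitialised stack struct, so any code that later copies, compares or logs the struct as a whole would carry stale stack contents with it. Starting the function with `memset( dtls_srtp_info, 0, sizeof( *dtls_srtp_info ) );` would keep the old guarantee. The `memcpy` length also relies on `mki_len` having been bounded where it was stored, which is outside this hunk; if `mki_value` is a fixed-size array, a check against `sizeof( dtls_srtp_info->mki_value )` before the copy would make that invariant explicit.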
@@ -3865,8 +3865,8 @@ handshake: else if( opt.use_srtp != 0 ) { size_t j = 0; - mbedtls_dtls_srtp_info dtls_srtp_negotiation_result = - mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl ); + mbedtls_dtls_srtp_info dtls_srtp_negotiation_result; + mbedtls_ssl_get_dtls_srtp_negotiation_result( &ssl, &dtls_srtp_negotiation_result ); if( ( dtls_srtp_negotiation_result.chosen_dtls_srtp_profile == MBEDTLS_TLS_SRTP_UNSET ) )