From 8df520011ae36a495f4072f308f63f2fb19d83e9 Mon Sep 17 00:00:00 2001
From: Jehan Monnier <jehan.monnier@linphone.org>
Date: Wed, 11 Mar 2015 14:15:59 +0100
Subject: [PATCH] Make sure encryption mandatory is taken into account for alto
 like ZRTP or DTLS

---
 coreapi/linphonecall.c      |  4 ++++
 mediastreamer2              |  2 +-
 oRTP                        |  2 +-
 tester/call_tester.c        | 11 +++++++----
 tester/offeranswer_tester.c | 20 +++++++++++++++++++-
 5 files changed, 32 insertions(+), 7 deletions(-)

diff --git a/coreapi/linphonecall.c b/coreapi/linphonecall.c
index 258e756a3..00a0b7f3c 100644
--- a/coreapi/linphonecall.c
+++ b/coreapi/linphonecall.c
@@ -2516,6 +2516,9 @@ static void linphone_call_start_audio_stream(LinphoneCall *call, bool_t muted, b
 				use_ec
 				);
 			post_configure_audio_streams(call, muted && !send_ringbacktone);
+
+			media_stream_session_encryption_mandatory_enable(&call->audiostream->ms.sessions,linphone_core_is_media_encryption_mandatory(call->core));
+
 			if (stream->dir==SalStreamSendOnly && playfile!=NULL){
 				int pause_time=500;
 				ms_filter_call_method(call->audiostream->soundread,MS_FILE_PLAYER_LOOP,&pause_time);
@@ -2648,6 +2651,7 @@ static void linphone_call_start_video_stream(LinphoneCall *call, bool_t all_inpu
 									   (linphone_core_rtcp_enabled(lc) && !is_multicast)  ? (vstream->rtcp_port ? vstream->rtcp_port : vstream->rtp_port+1) : 0,
 									   used_pt, linphone_core_get_video_jittcomp(lc), cam);
 				}
+				media_stream_session_encryption_mandatory_enable(&call->videostream->ms.sessions,linphone_core_is_media_encryption_mandatory(call->core));
 			}
 		}else ms_warning("No video stream accepted.");
 	}else{
diff --git a/mediastreamer2 b/mediastreamer2
index b16d34d50..95e5ed949 160000
--- a/mediastreamer2
+++ b/mediastreamer2
@@ -1 +1 @@
-Subproject commit b16d34d50314f346263dc68bd9e25cc174a2a9ad
+Subproject commit 95e5ed94996289fe62e8ba6813625d74941c90ff
diff --git a/oRTP b/oRTP
index 9f6a7f42e..68c07b231 160000
--- a/oRTP
+++ b/oRTP
@@ -1 +1 @@
-Subproject commit 9f6a7f42e0ee7ce89452ee9f7be8b97b891370ed
+Subproject commit 68c07b23191f97619d209445e99a30418c4bfc77
diff --git a/tester/call_tester.c b/tester/call_tester.c
index e69b0d9d1..9be0bd957 100644
--- a/tester/call_tester.c
+++ b/tester/call_tester.c
@@ -288,10 +288,8 @@ bool_t call_with_params2(LinphoneCoreManager* caller_mgr
 			const LinphoneCallParams* call_param = linphone_call_get_current_params(linphone_core_get_current_call(callee_mgr->lc));
 			CU_ASSERT_EQUAL(linphone_call_params_get_media_encryption(call_param),linphone_core_get_media_encryption(caller_mgr->lc));
 			call_param = linphone_call_get_current_params(linphone_core_get_current_call(caller_mgr->lc));
-			if (linphone_call_params_get_media_encryption(call_param) != LinphoneMediaEncryptionDTLS) {
-				/*for DTLS this test is not relevant */
-				CU_ASSERT_EQUAL(linphone_call_params_get_media_encryption(call_param),linphone_core_get_media_encryption(callee_mgr->lc));
-			}
+			CU_ASSERT_EQUAL(linphone_call_params_get_media_encryption(call_param),linphone_core_get_media_encryption(caller_mgr->lc));
+
 		}
 	}
 	return result;
@@ -2007,6 +2005,10 @@ static void dtls_srtp_call() {
 	call_base(LinphoneMediaEncryptionDTLS,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE);
 }
 
+static void dtls_srtp_call_with_media_realy() {
+	call_base(LinphoneMediaEncryptionDTLS,FALSE,TRUE,LinphonePolicyNoFirewall,FALSE);
+}
+
 static void dtls_srtp_ice_call() {
 	call_base(LinphoneMediaEncryptionDTLS,FALSE,FALSE,LinphonePolicyUseIce,FALSE);
 }
@@ -3488,6 +3490,7 @@ test_t call_tests[] = {
 	{ "SRTP call", srtp_call },
 	{ "ZRTP call",zrtp_call},
 	{ "DTLS SRTP call",dtls_srtp_call},
+	{ "DTLS SRTP call with media relay", dtls_srtp_call_with_media_realy},
 	{ "ZRTP video call",zrtp_video_call},
 	{ "SRTP call with declined srtp", call_with_declined_srtp },
 	{ "Call with file player", call_with_file_player},
diff --git a/tester/offeranswer_tester.c b/tester/offeranswer_tester.c
index 3343f49b5..0a659aaf3 100644
--- a/tester/offeranswer_tester.c
+++ b/tester/offeranswer_tester.c
@@ -157,7 +157,7 @@ static void call_failed_because_of_codecs(void) {
 }
 
 
-static void profile_call(bool_t avpf1, LinphoneMediaEncryption srtp1, bool_t avpf2, LinphoneMediaEncryption srtp2, const char *expected_profile) {
+static void profile_call_base(bool_t avpf1, LinphoneMediaEncryption srtp1,bool_t avpf2, LinphoneMediaEncryption srtp2, bool_t encryption_mandatory, const char *expected_profile) {
 	LinphoneCoreManager *marie = linphone_core_manager_new("marie_rc");
 	LinphoneCoreManager *pauline = linphone_core_manager_new("pauline_rc");
 	LinphoneProxyConfig *lpc;
@@ -173,6 +173,12 @@ static void profile_call(bool_t avpf1, LinphoneMediaEncryption srtp1, bool_t avp
 		linphone_proxy_config_enable_avpf(lpc, TRUE);
 		linphone_proxy_config_set_avpf_rr_interval(lpc, 3);
 	}
+
+	if (encryption_mandatory) {
+		linphone_core_set_media_encryption_mandatory(marie->lc,TRUE);
+		linphone_core_set_media_encryption_mandatory(pauline->lc,TRUE);
+	}
+
 	if (linphone_core_media_encryption_supported(marie->lc, srtp1)) {
 		linphone_core_set_media_encryption(marie->lc, srtp1);
 	} else {
@@ -206,6 +212,9 @@ end:
 	linphone_core_manager_destroy(marie);
 }
 
+static void profile_call(bool_t avpf1, LinphoneMediaEncryption srtp1, bool_t avpf2, LinphoneMediaEncryption srtp2, const char *expected_profile) {
+	return profile_call_base(avpf1, srtp1, avpf2,srtp2,FALSE,expected_profile);
+}
 static void avp_to_avp_call(void) {
 	profile_call(FALSE, LinphoneMediaEncryptionNone, FALSE, LinphoneMediaEncryptionNone, "RTP/AVP");
 }
@@ -273,6 +282,12 @@ static void savpf_to_savpf_call(void) {
 static void savpf_dtls_to_savpf_dtls_call(void) {
 	profile_call(TRUE, LinphoneMediaEncryptionDTLS, TRUE, LinphoneMediaEncryptionDTLS, "UDP/TLS/RTP/SAVPF");
 }
+static void savpf_dtls_to_savpf_dtls_encryption_mandatory_call(void) {
+	profile_call_base(TRUE, LinphoneMediaEncryptionDTLS, TRUE, LinphoneMediaEncryptionDTLS, TRUE, "UDP/TLS/RTP/SAVPF");
+}
+static void savpf_dtls_to_savpf_encryption_mandatory_call(void) {
+	/*profile_call_base(TRUE, LinphoneMediaEncryptionDTLS, TRUE, LinphoneMediaEncryptionSRTP, TRUE, "UDP/TLS/RTP/SAVPF"); not sure of result*/
+}
 
 static void savpf_dtls_to_savpf_call(void) {
 	profile_call(TRUE, LinphoneMediaEncryptionDTLS, TRUE, LinphoneMediaEncryptionSRTP, "UDP/TLS/RTP/SAVPF");
@@ -303,8 +318,11 @@ static test_t offeranswer_tests[] = {
 	{ "SAVPF to SAVP call", savpf_to_savp_call },
 	{ "SAVPF to SAVPF call", savpf_to_savpf_call },
 	{ "SAVPF/DTLS to SAVPF/DTLS call", savpf_dtls_to_savpf_dtls_call},
+	{ "SAVPF/DTLS to SAVPF/DTLS encryption mandatory call", savpf_dtls_to_savpf_dtls_encryption_mandatory_call},
 	{ "SAVPF/DTLS to SAVPF call", savpf_dtls_to_savpf_call},
+	{ "SAVPF/DTLS to SAVPF encryption mandatory call", savpf_dtls_to_savpf_encryption_mandatory_call},
 	{ "SAVPF/DTLS to AVPF call", savpf_dtls_to_avpf_call},
+
 };
 
 test_suite_t offeranswer_test_suite = {