From f2b3f615fa8165d08a16788e659020ab8fad7520 Mon Sep 17 00:00:00 2001 From: Johan Pascal Date: Thu, 26 Mar 2015 12:40:09 +0100 Subject: [PATCH] Fix ZRTP config management when no config is present + add tests on ZRTP configurations --- coreapi/linphonecall.c | 13 +++-- mediastreamer2 | 2 +- oRTP | 2 +- tester/call_tester.c | 33 +++++++++--- tester/liblinphone_tester.h | 1 + tester/rcfiles/marie_zrtp_aes256_rc | 54 +++++++++++++++++++ tester/rcfiles/marie_zrtp_b256_rc | 54 +++++++++++++++++++ tester/rcfiles/marie_zrtp_srtpsuite_aes256_rc | 54 +++++++++++++++++++ tester/rcfiles/pauline_zrtp_aes256_rc | 51 ++++++++++++++++++ tester/rcfiles/pauline_zrtp_b256_rc | 51 ++++++++++++++++++ .../rcfiles/pauline_zrtp_srtpsuite_aes256_rc | 51 ++++++++++++++++++ 11 files changed, 354 insertions(+), 12 deletions(-) create mode 100644 tester/rcfiles/marie_zrtp_aes256_rc create mode 100644 tester/rcfiles/marie_zrtp_b256_rc create mode 100644 tester/rcfiles/marie_zrtp_srtpsuite_aes256_rc create mode 100644 tester/rcfiles/pauline_zrtp_aes256_rc create mode 100644 tester/rcfiles/pauline_zrtp_b256_rc create mode 100644 tester/rcfiles/pauline_zrtp_srtpsuite_aes256_rc diff --git a/coreapi/linphonecall.c b/coreapi/linphonecall.c index 7474ff3fe..6bf86088f 100644 --- a/coreapi/linphonecall.c +++ b/coreapi/linphonecall.c @@ -2682,6 +2682,7 @@ static void setZrtpCryptoTypesParameters(MSZrtpParams *params, LinphoneCore *lc) { int i; const MSCryptoSuite *srtp_suites; + MsZrtpCryptoTypesCount ciphersCount, authTagsCount; if (params == NULL) return; if (lc == NULL) return; 
@@ -2718,10 +2719,16 @@ static void setZrtpCryptoTypesParameters(MSZrtpParams *params, LinphoneCore *lc) } } - // linphone_core_get_srtp_crypto_suites is used to determine sensible defaults; here each can be overridden - params->ciphersCount = linphone_core_get_zrtp_cipher_suites(lc, params->ciphers); + /* linphone_core_get_srtp_crypto_suites is used to determine sensible defaults; here each can be overridden */ + ciphersCount = linphone_core_get_zrtp_cipher_suites(lc, params->ciphers); /* if not present in config file, params->ciphers is not modified */ + if (ciphersCount!=0) { /* use zrtp_cipher_suites config only when present, keep config from srtp_crypto_suite otherwise */ + params->ciphersCount = ciphersCount; + } params->hashesCount = linphone_core_get_zrtp_hash_suites(lc, params->hashes); - params->authTagsCount = linphone_core_get_zrtp_auth_suites(lc, params->authTags); + authTagsCount = linphone_core_get_zrtp_auth_suites(lc, params->authTags); /* if not present in config file, params->authTags is not modified */ + if (authTagsCount!=0) { + params->authTagsCount = authTagsCount; /* use zrtp_auth_suites config only when present, keep config from srtp_crypto_suite otherwise */ + } params->sasTypesCount = linphone_core_get_zrtp_sas_suites(lc, params->sasTypes); params->keyAgreementsCount = linphone_core_get_zrtp_key_agreement_suites(lc, params->keyAgreements); } diff --git a/mediastreamer2 b/mediastreamer2 index 0c512c371..ea929123d 160000 --- a/mediastreamer2 +++ b/mediastreamer2 @@ -1 +1 @@ -Subproject commit 0c512c371f13f497886607129bf948672e15c26e +Subproject commit ea929123dc1ac4f7c9ade03be6a4e8c69635f26c diff --git a/oRTP b/oRTP index 3585f8859..c1d4d9fb0 160000 --- a/oRTP +++ b/oRTP @@ -1 +1 @@ -Subproject commit 3585f88590bcbf08c195934b490f55715eb97325 +Subproject commit c1d4d9fb000ed3208ebb2f5b79987dfb115f0c99 diff --git a/tester/call_tester.c b/tester/call_tester.c index df6b0b0eb..aee501431 100644 --- a/tester/call_tester.c 
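Review bot: In this hunk of setZrtpCryptoTypesParameters, a zero return from linphone_core_get_zrtp_cipher_suites (and likewise linphone_core_get_zrtp_auth_suites) is taken to mean "key absent", but from the visible lines it cannot be told apart from "key present but no entry recognised". In that second case the code would silently keep the srtp_crypto_suites-derived ciphers, so a typo in zrtp_cipher_suites could leave a deployment on a weaker suite than the one configured, with no trace in the logs. Consider logging it, e.g. `if (ciphersCount==0 && lp_config_get_string(lc->config,"sip","zrtp_cipher_suites",NULL)!=NULL) ms_warning("zrtp_cipher_suites set but no valid cipher parsed, keeping srtp_crypto_suites defaults");`, and the same for the auth tags. The fix also relies on the getters leaving params->ciphers and params->authTags untouched when they return 0; that contract is stated only in the new comments here and the getters are outside this hunk, so it is worth documenting on the getters themselves.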
+++ b/tester/call_tester.c @@ -2042,6 +2042,18 @@ static void srtp_call() { static void zrtp_call() { call_base(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE); } + +static void zrtp_sas_call() { + call_base_with_configfile(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "marie_zrtp_b256_rc", "pauline_zrtp_b256_rc"); + call_base_with_configfile(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "marie_zrtp_b256_rc", "pauline_rc"); +} + +static void zrtp_cipher_call() { + call_base_with_configfile(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "marie_zrtp_srtpsuite_aes256_rc", "pauline_zrtp_srtpsuite_aes256_rc"); + call_base_with_configfile(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "marie_zrtp_aes256_rc", "pauline_zrtp_aes256_rc"); + call_base_with_configfile(LinphoneMediaEncryptionZRTP,FALSE,FALSE,LinphonePolicyNoFirewall,FALSE, "marie_zrtp_aes256_rc", "pauline_rc"); +} + static void zrtp_video_call() { call_base(LinphoneMediaEncryptionZRTP,TRUE,FALSE,LinphonePolicyNoFirewall,FALSE); } @@ -2230,9 +2242,9 @@ end: } -void call_base(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_relay,LinphoneFirewallPolicy policy,bool_t enable_tunnel) { - LinphoneCoreManager* marie = linphone_core_manager_new( "marie_rc"); - LinphoneCoreManager* pauline = linphone_core_manager_new( "pauline_rc"); +void call_base_with_configfile(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_relay,LinphoneFirewallPolicy policy,bool_t enable_tunnel, const char *marie_rc, const char *pauline_rc) { + LinphoneCoreManager* marie = linphone_core_manager_new(marie_rc); + LinphoneCoreManager* pauline = linphone_core_manager_new(pauline_rc); if (enable_relay) { linphone_core_set_user_agent(marie->lc,"Natted Linphone",NULL); linphone_core_set_user_agent(pauline->lc,"Natted Linphone",NULL); 
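Review bot: zrtp_sas_call and zrtp_cipher_call appear to pass whenever the call is established and both SAS strings match, so they would still succeed if the zrtp_sas_suites / zrtp_cipher_suites / srtp_crypto_suites values in the new rc files were ignored, which is the regression this commit fixes. This is inferred from the visible part of call_base_with_configfile, which only compares the two authentication tokens; most of its body is outside these hunks. Where the API exposes the negotiated cipher or SAS type, assert on it after the call is up. At minimum, put a comment above each call_base_with_configfile line stating the intended negotiation result, e.g. `/* marie: zrtp_sas_suites=B256, pauline: default rc; expected SAS type: <state expected result> */`, so the mixed-configuration cases document what fallback is considered correct.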
@@ -2279,10 +2291,10 @@ void call_base(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_r && linphone_call_get_authentication_token(linphone_core_get_current_call(marie->lc))) { /*check SAS*/ - CU_ASSERT_STRING_EQUAL(linphone_call_get_authentication_token(linphone_core_get_current_call(pauline->lc)) - ,linphone_call_get_authentication_token(linphone_core_get_current_call(marie->lc))); - liblinphone_tester_check_rtcp(pauline,marie); - break; + CU_ASSERT_STRING_EQUAL(linphone_call_get_authentication_token(linphone_core_get_current_call(pauline->lc)) + ,linphone_call_get_authentication_token(linphone_core_get_current_call(marie->lc))); + liblinphone_tester_check_rtcp(pauline,marie); + break; } linphone_core_iterate(marie->lc); linphone_core_iterate(pauline->lc); @@ -2327,6 +2339,11 @@ void call_base(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_r linphone_core_manager_destroy(marie); linphone_core_manager_destroy(pauline); } + +void call_base(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_relay,LinphoneFirewallPolicy policy,bool_t enable_tunnel) { + call_base_with_configfile(mode, enable_video, enable_relay, policy, enable_tunnel, "marie_rc", "pauline_rc"); +} + #ifdef VIDEO_ENABLED static void srtp_video_ice_call(void) { call_base(LinphoneMediaEncryptionSRTP,TRUE,FALSE,LinphonePolicyUseIce,FALSE); @@ -3806,6 +3823,8 @@ test_t call_tests[] = { { "Call paused resumed from callee", call_paused_resumed_from_callee }, { "SRTP call", srtp_call }, { "ZRTP call",zrtp_call}, + { "ZRTP SAS call",zrtp_sas_call}, + { "ZRTP Cipher call",zrtp_cipher_call}, { "DTLS SRTP call",dtls_srtp_call}, { "DTLS SRTP call with media relay", dtls_srtp_call_with_media_realy}, { "ZRTP video call",zrtp_video_call}, diff --git a/tester/liblinphone_tester.h b/tester/liblinphone_tester.h index 6ced687e5..72e6abd99 100644 --- a/tester/liblinphone_tester.h +++ b/tester/liblinphone_tester.h 
@@ -302,6 +302,7 @@ void liblinphone_tester_enable_ipv6(bool_t enabled);
 void linphone_call_cb(LinphoneCall *call,void * user_data);
 void call_paused_resumed_base(bool_t multicast);
 void simple_call_base(bool_t enable_multicast_recv_side);
+void call_base_with_configfile(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_relay,LinphoneFirewallPolicy policy,bool_t enable_tunnel, const char *marie_rc, const char *pauline_rc);
 void call_base(LinphoneMediaEncryption mode, bool_t enable_video,bool_t enable_relay,LinphoneFirewallPolicy policy,bool_t enable_tunnel);
 bool_t call_with_caller_params(LinphoneCoreManager* caller_mgr,LinphoneCoreManager* callee_mgr, const LinphoneCallParams *params);
 bool_t pause_call_1(LinphoneCoreManager* mgr_1,LinphoneCall* call_1,LinphoneCoreManager* mgr_2,LinphoneCall* call_2);
diff --git a/tester/rcfiles/marie_zrtp_aes256_rc b/tester/rcfiles/marie_zrtp_aes256_rc
new file mode 100644
index 000000000..6bf6d2612
--- /dev/null
+++ b/tester/rcfiles/marie_zrtp_aes256_rc
@@ -0,0 +1,54 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3,MS_ZRTP_CIPHER_AES1
+
+[auth_info_0]
+username=marie
+userid=marie
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip.example.org;transport=tcp
+reg_route=sip.example.org;transport=tcp;lr
+reg_identity="Super Marie"
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+quality_reporting_collector=sip:collector@sip.example.org
+quality_reporting_enabled=1
+
+[friend_0]
+url="Paupoche"
+pol=accept
+subscribe=0
+
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=28070-38000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
diff --git a/tester/rcfiles/marie_zrtp_b256_rc b/tester/rcfiles/marie_zrtp_b256_rc
new file mode 100644
index 000000000..b7cfca0a4
--- /dev/null
+++ b/tester/rcfiles/marie_zrtp_b256_rc
@@ -0,0 +1,54 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+zrtp_sas_suites=MS_ZRTP_SAS_B256
+
+[auth_info_0]
+username=marie
+userid=marie
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip.example.org;transport=tcp
+reg_route=sip.example.org;transport=tcp;lr
+reg_identity="Super Marie"
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+quality_reporting_collector=sip:collector@sip.example.org
+quality_reporting_enabled=1
+
+[friend_0]
+url="Paupoche"
+pol=accept
+subscribe=0
+
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=28070-38000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
diff --git a/tester/rcfiles/marie_zrtp_srtpsuite_aes256_rc b/tester/rcfiles/marie_zrtp_srtpsuite_aes256_rc
new file mode 100644
index 000000000..e966e59c2
--- /dev/null
+++ b/tester/rcfiles/marie_zrtp_srtpsuite_aes256_rc
@@ -0,0 +1,54 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+srtp_crypto_suites=AES_CM_256_HMAC_SHA1_80,AES_CM_256_HMAC_SHA1_32
+
+[auth_info_0]
+username=marie
+userid=marie
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip.example.org;transport=tcp
+reg_route=sip.example.org;transport=tcp;lr
+reg_identity="Super Marie"
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+quality_reporting_collector=sip:collector@sip.example.org
+quality_reporting_enabled=1
+
+[friend_0]
+url="Paupoche"
+pol=accept
+subscribe=0
+
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=28070-38000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
diff --git a/tester/rcfiles/pauline_zrtp_aes256_rc b/tester/rcfiles/pauline_zrtp_aes256_rc
new file mode 100644
index 000000000..470432c99
--- /dev/null
+++ b/tester/rcfiles/pauline_zrtp_aes256_rc
@@ -0,0 +1,51 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+zrtp_cipher_suites=MS_ZRTP_CIPHER_AES3,MS_ZRTP_CIPHER_AES1
+
+[auth_info_0]
+username=pauline
+userid=pauline
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip2.linphone.org;transport=tls
+reg_route=sip2.linphone.org;transport=tls
+reg_identity=sip:pauline@sip.example.org
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+
+#[friend_0]
+#url="Mariette"
+#pol=accept
+#subscribe=0
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=39072-49000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
diff --git a/tester/rcfiles/pauline_zrtp_b256_rc b/tester/rcfiles/pauline_zrtp_b256_rc
new file mode 100644
index 000000000..e2d6ce14b
--- /dev/null
+++ b/tester/rcfiles/pauline_zrtp_b256_rc
@@ -0,0 +1,51 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+zrtp_sas_suites=MS_ZRTP_SAS_B256
+
+[auth_info_0]
+username=pauline
+userid=pauline
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip2.linphone.org;transport=tls
+reg_route=sip2.linphone.org;transport=tls
+reg_identity=sip:pauline@sip.example.org
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+
+#[friend_0]
+#url="Mariette"
+#pol=accept
+#subscribe=0
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=39072-49000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general
diff --git a/tester/rcfiles/pauline_zrtp_srtpsuite_aes256_rc b/tester/rcfiles/pauline_zrtp_srtpsuite_aes256_rc
new file mode 100644
index 000000000..08ba14da8
--- /dev/null
+++ b/tester/rcfiles/pauline_zrtp_srtpsuite_aes256_rc
@@ -0,0 +1,51 @@
+[sip]
+sip_port=-1
+sip_tcp_port=-1
+sip_tls_port=-1
+default_proxy=0
+ping_with_options=0
+register_only_when_network_is_up=0
+composing_idle_timeout=1
+srtp_crypto_suites=AES_CM_256_HMAC_SHA1_80,AES_CM_256_HMAC_SHA1_32
+
+[auth_info_0]
+username=pauline
+userid=pauline
+passwd=secret
+realm=sip.example.org
+
+
+[proxy_0]
+reg_proxy=sip2.linphone.org;transport=tls
+reg_route=sip2.linphone.org;transport=tls
+reg_identity=sip:pauline@sip.example.org
+reg_expires=3600
+reg_sendregister=1
+publish=0
+dial_escape_plus=0
+
+#[friend_0]
+#url="Mariette"
+#pol=accept
+#subscribe=0
+
+[rtp]
+audio_rtp_port=18070-28000
+video_rtp_port=39072-49000
+
+[video]
+display=0
+capture=0
+show_local=0
+size=qcif
+enabled=0
+self_view=0
+automatically_initiate=0
+automatically_accept=0
+device=StaticImage: Static picture
+
+[sound]
+echocancellation=0 #to not overload cpu in case of VG
+
+[net]
+dns_srv_enabled=0 #no srv needed in general