From 04d3aef6805aa2dbd5483ed4f9826b14c29faa50 Mon Sep 17 00:00:00 2001 From: Dmitry Ilyin Date: Sun, 28 Aug 2022 18:53:03 +0300 Subject: [PATCH] package/mbedtls: add configurable DTLS-SRTP support Add a new option to have MbedTLS builds that support DTLS-SRTP. We can only enable the support, it's disabled by default. Signed-off-by: Dmitry Ilyin [yann.morin.1998@free.fr: - rename variable - fix variable name in .mk - drop unnecessary ref to AWS library ] Signed-off-by: Yann E. MORIN --- package/mbedtls/Config.in | 6 ++++++ package/mbedtls/mbedtls.mk | 8 ++++++++ 2 files changed, 14 insertions(+) diff --git a/package/mbedtls/Config.in b/package/mbedtls/Config.in index a39ba65d98..abbe3356d8 100644 --- a/package/mbedtls/Config.in +++ b/package/mbedtls/Config.in @@ -29,4 +29,10 @@ config BR2_PACKAGE_MBEDTLS_COMPRESSION sure CRIME and similar attacks are not applicable to your particular situation. +config BR2_PACKAGE_MBEDTLS_DTLS_SRTP + bool "enable DTLS-SRTP support" + help + Enable support for negotiation of DTLS-SRTP (RFC 5764) + through the use_srtp extension. + endif diff --git a/package/mbedtls/mbedtls.mk b/package/mbedtls/mbedtls.mk index af87d62b30..1a888e8c67 100644 --- a/package/mbedtls/mbedtls.mk +++ b/package/mbedtls/mbedtls.mk @@ -72,4 +72,12 @@ else ifeq ($(BR2_microblaze)$(BR2_MIPS_CPU_MIPS32R6)$(BR2_MIPS_CPU_MIPS64R6),y) MBEDTLS_POST_CONFIGURE_HOOKS += MBEDTLS_DISABLE_ASM endif +ifeq ($(BR2_PACKAGE_MBEDTLS_DTLS_SRTP),y) +define MBEDTLS_ENABLE_DTLS_SRTP + $(SED) "s://#define MBEDTLS_SSL_DTLS_SRTP:#define MBEDTLS_SSL_DTLS_SRTP:" \ + $(@D)/include/mbedtls/config.h +endef +MBEDTLS_POST_PATCH_HOOKS += MBEDTLS_ENABLE_DTLS_SRTP +endif + $(eval $(cmake-package))