
TT#113750 don't auto switch from an already selected fingerprint

If we receive an SDP with a DTLS fingerprint, by default we adopt the
hash function used for that fingerprint in subsequent communication with
that peer. However, if the SDP is an answer, and we previously used a
different hash function in the offer towards that peer, then a later
re-invite offer would be sent with a different fingerprint, causing an
unexpected DTLS restart. Instead, make sure we don't change fingerprints
if one was already sent.

Change-Id: I603bb86ce2d7121556c161749ed08128dd0b63b2
pull/1219/head
Richard Fuchs 5 years ago
parent
commit
8029a4d1cd
3 changed files with 10 additions and 4 deletions
  1. +2
    -2
      daemon/call.c
  2. +7
    -2
      daemon/sdp.c
  3. +1
    -0
      include/call.h

+ 2
- 2
daemon/call.c View File

@ -1595,8 +1595,8 @@ static void __generate_crypto(const struct sdp_ng_flags *flags, struct call_medi
skip_sdes:
if (flags->opmode == OP_OFFER) {
if (MEDIA_ISSET(this, DTLS) && !this->fingerprint.hash_func && flags->dtls_fingerprint.len)
this->fingerprint.hash_func = dtls_find_hash_func(&flags->dtls_fingerprint);
if (MEDIA_ISSET(this, DTLS) && !this->fp_hash_func && flags->dtls_fingerprint.len)
this->fp_hash_func = dtls_find_hash_func(&flags->dtls_fingerprint);
}
}
// for an answer, uses the incoming received list of SDES crypto suites to prune
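Review bot: In the new `fp_hash_func` pair under `skip_sdes:`, a hash requested through `flags->dtls_fingerprint` is dropped without any trace in two cases: when `this->fp_hash_func` is already set, and (presumably) when `dtls_find_hash_func()` finds no match and returns NULL. The first case is the intent of this commit, but an operator who sends the flag on a re-offer to move to a stronger hash gets no indication that it was ignored. I would add a comment such as `/* an already advertised hash is kept; the flag only applies before the first fingerprint is sent */` and a log line in both cases naming the requested and the effective hash. `__generate_crypto` starts and ends outside the hunk, so an existing log elsewhere in the function cannot be ruled out.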


+ 7
- 2
daemon/sdp.c View File

@ -2288,12 +2288,16 @@ static void insert_dtls(struct call_media *media, struct sdp_chopper *chop) {
if (!call->dtls_cert || !MEDIA_ISSET(media, DTLS) || MEDIA_ISSET(media, PASSTHRU))
return;
hf = media->fp_hash_func;
if (!hf)
hf = media->fingerprint.hash_func;
struct dtls_fingerprint *fp = NULL;
for (GList *l = call->dtls_cert->fingerprints.head; l; l = l->next) {
fp = l->data;
if (!media->fingerprint.hash_func)
if (!hf)
break;
if (!strcasecmp(media->fingerprint.hash_func->name, fp->hash_func->name))
if (!strcasecmp(hf->name, fp->hash_func->name))
break;
fp = NULL;
}
@ -2301,6 +2305,7 @@ static void insert_dtls(struct call_media *media, struct sdp_chopper *chop) {
fp = call->dtls_cert->fingerprints.head->data;
hf = fp->hash_func;
media->fp_hash_func = hf;
assert(hf->num_bytes > 0);
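Review bot: The fallback `hf = media->fingerprint.hash_func` together with `media->fp_hash_func = hf` in the second hunk makes the hash chosen by the remote side permanent for our outgoing fingerprint, and nothing visible in `insert_dtls` bounds how weak that choice may be. The removed lines show the received hash was consulted on every SDP before; now the first pass pins it for the life of the media, so if the supported hash table contains a legacy algorithm (not visible here), a peer that offers it once keeps us on it. The assignment deserves a comment stating the invariant, e.g. `/* pinned: re-offers must reuse this hash or the peer restarts DTLS */`, and it is worth considering a preference for the local default when the received hash is below the strength the deployment wants. The lines between the two hunks and the rest of the function are outside the view; note also that `assert(hf->num_bytes > 0)` is no guard in NDEBUG builds.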


+ 1
- 0
include/call.h View File

@ -312,6 +312,7 @@ struct call_media {
str media_id;
GQueue sdes_in, sdes_out;
struct dtls_fingerprint fingerprint; /* as received */
const struct dtls_hash_func *fp_hash_func; // outgoing
GQueue streams; /* normally RTP + RTCP */
GQueue endpoint_maps;
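Review bot: The comment `// outgoing` on the new `fp_hash_func` member does not state the property the rest of the commit relies on, namely that the pointer is set once and then kept across re-offers. Something like `/* hash of the fingerprint we advertise; kept once sent */`, in the `/* */` style of the neighbouring members, would make that explicit. It would also help to say what resets the member, if anything does; no reset is visible in the hunks of this commit. `struct call_media` begins and ends outside the hunk.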

