diff --git a/daemon/crypto.c b/daemon/crypto.c index d1822780f..c90ebce0c 100644 --- a/daemon/crypto.c +++ b/daemon/crypto.c @@ -21,21 +21,21 @@ __thread GString *crypto_debug_string; static int aes_cm_encrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); -static int aes_cm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint64_t); +static int aes_cm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); static int aes_gcm_encrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); static int aes_gcm_decrypt_rtp(struct crypto_context *, struct rtp_header *, str *, uint32_t); -static int aes_gcm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint64_t); -static int aes_gcm_decrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint64_t); +static int aes_gcm_encrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); +static int aes_gcm_decrypt_rtcp(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); static int hmac_sha1_rtp(struct crypto_context *, char *out, str *in, uint32_t); static int hmac_sha1_rtcp(struct crypto_context *, char *out, str *in); static int aes_f8_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx); -static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx); +static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx); static int aes_cm_session_key_init(struct crypto_context *c); static int aes_gcm_session_key_init(struct crypto_context *c); static int aes_f8_session_key_init(struct crypto_context *c); static int evp_session_key_cleanup(struct crypto_context *c); static int null_crypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx); -static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx); +static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx); /* all lengths are in bytes */ struct crypto_suite __crypto_suites[] = { @@ -541,7 +541,7 @@ static int aes_cm_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, st } /* rfc 3711 sections 3.4 and 4.1 */ -static int aes_cm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx) { +static int aes_cm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { return aes_cm_encrypt(c, r->ssrc, s, idx); } @@ -636,7 +636,7 @@ union aes_gcm_rtcp_iv { _Static_assert(offsetof(union aes_gcm_rtcp_iv, srtcp) == 8, "union aes_gcm_rtcp_iv not packed"); -static int aes_gcm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx) { +static int aes_gcm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { union aes_gcm_rtcp_iv iv; uint32_t e_idx; int len, ciphertext_len; @@ -667,7 +667,7 @@ static int aes_gcm_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, return 0; } -static int aes_gcm_decrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx) { +static int aes_gcm_decrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { union aes_gcm_rtcp_iv iv; uint32_t e_idx; int len, plaintext_len; @@ -778,7 +778,7 @@ static int aes_f8_encrypt_rtp(struct crypto_context *c, struct rtp_header *r, st } /* rfc 3711 section 4.1.2.3 */ -static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx) { +static int aes_f8_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { unsigned char iv[16]; uint32_t i; @@ -935,7 +935,7 @@ static int evp_session_key_cleanup(struct crypto_context *c) { static int null_crypt_rtp(struct crypto_context *c, struct rtp_header *r, str *s, uint32_t idx) { return 0; } -static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint64_t idx) { +static int null_crypt_rtcp(struct crypto_context *c, struct rtcp_packet *r, str *s, uint32_t idx) { return 0; } diff --git a/daemon/media_socket.c b/daemon/media_socket.c index 235c49e27..a2812981a 100644 --- a/daemon/media_socket.c +++ b/daemon/media_socket.c @@ -1351,9 +1351,6 @@ static int __k_srtp_crypt(struct rtpengine_srtp *s, struct crypto_context *c, .rtp_auth_tag_len= c->params.crypto_suite->srtp_auth_tag, .rtcp_auth_tag_len= c->params.crypto_suite->srtcp_auth_tag, }; - for (unsigned int i = 0; i < RTPE_NUM_SSRC_TRACKING; i++) { - s->last_rtcp_index[i] = ssrc_ctx[i] ? ssrc_ctx[i]->srtcp_index : 0; - } if (c->params.mki_len) memcpy(s->mki, c->params.mki, c->params.mki_len); memcpy(s->master_key, c->params.master_key, c->params.crypto_suite->master_key_len); @@ -1792,12 +1789,7 @@ static void __stream_consume_stats(struct packet_stream *ps, const struct rtpeng if (!ssrc_ctx) ssrc_ctx = __hunt_ssrc_ctx(ssrc_map_out, sink->ssrc_out, u); - if (ssrc_ctx) { - if (sh->kernel_output_idx >= 0) { - ssrc_ctx->srtcp_index - = stats_info->last_rtcp_index[sh->kernel_output_idx][u]; - } - } + // XXX mutex_unlock(&sink->out_lock); } @@ -3499,10 +3491,6 @@ enum thread_looper_action kernel_stats_updater(void) { payload_tracker_add(&ctx->tracker, atomic_get_na(&ps->stats_in->last_pt)); // XXX redis update - if (ctx->srtcp_index != o->encrypt.last_rtcp_index[u]) { - ctx->srtcp_index = o->encrypt.last_rtcp_index[u]; - update = true; - } } mutex_unlock(&sink->out_lock); } diff --git a/daemon/redis.c b/daemon/redis.c index 74b5e9aa2..7a855d65b 100644 --- a/daemon/redis.c +++ b/daemon/redis.c @@ -1928,10 +1928,10 @@ static int json_build_ssrc(struct call_monologue *ml, JsonReader *root_reader) { if (!se) goto next; atomic_set_na(&se->input_ctx.stats->ext_seq, json_reader_get_ll(root_reader, "in_srtp_index")); - se->input_ctx.srtcp_index = json_reader_get_ll(root_reader, "in_srtcp_index"); + atomic_set_na(&se->input_ctx.stats->rtcp_seq, json_reader_get_ll(root_reader, "in_srtcp_index")); payload_tracker_add(&se->input_ctx.tracker, json_reader_get_ll(root_reader, "in_payload_type")); atomic_set_na(&se->output_ctx.stats->ext_seq, json_reader_get_ll(root_reader, "out_srtp_index")); - se->output_ctx.srtcp_index = json_reader_get_ll(root_reader, "out_srtcp_index"); + atomic_set_na(&se->output_ctx.stats->rtcp_seq, json_reader_get_ll(root_reader, "out_srtcp_index")); payload_tracker_add(&se->output_ctx.tracker, json_reader_get_ll(root_reader, "out_payload_type")); obj_put(&se->h); @@ -2553,10 +2553,10 @@ char* redis_encode_json(call_t *c) { JSON_SET_SIMPLE("ssrc", "%" PRIu32, se->h.ssrc); // XXX use function for in/out JSON_SET_SIMPLE("in_srtp_index", "%u", atomic_get_na(&se->input_ctx.stats->ext_seq)); - JSON_SET_SIMPLE("in_srtcp_index", "%" PRIu64, se->input_ctx.srtcp_index); + JSON_SET_SIMPLE("in_srtcp_index", "%u", atomic_get_na(&se->input_ctx.stats->rtcp_seq)); JSON_SET_SIMPLE("in_payload_type", "%i", se->input_ctx.tracker.most[0]); JSON_SET_SIMPLE("out_srtp_index", "%u", atomic_get_na(&se->output_ctx.stats->ext_seq)); - JSON_SET_SIMPLE("out_srtcp_index", "%" PRIu64, se->output_ctx.srtcp_index); + JSON_SET_SIMPLE("out_srtcp_index", "%u", atomic_get_na(&se->output_ctx.stats->rtcp_seq)); JSON_SET_SIMPLE("out_payload_type", "%i", se->output_ctx.tracker.most[0]); // XXX add rest of info diff --git a/daemon/rtcp.c b/daemon/rtcp.c index 20a06daf2..dd9033ee4 100644 --- a/daemon/rtcp.c +++ b/daemon/rtcp.c @@ -842,6 +842,7 @@ error: /* rfc 3711 section 3.4 */ int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_ctx *ssrc_ctx) { struct rtcp_packet *rtcp; + unsigned int i; uint32_t *idx; str to_auth, payload; @@ -852,14 +853,14 @@ int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_ctx *ssrc_ctx) { if (check_session_keys(c)) return -1; + i = atomic_get_na(&ssrc_ctx->stats->rtcp_seq); crypto_debug_init(1); - crypto_debug_printf("RTCP SSRC %" PRIx32 ", idx %" PRIu64 ", plain pl: ", - rtcp->ssrc, ssrc_ctx->srtcp_index); + crypto_debug_printf("RTCP SSRC %" PRIx32 ", idx %u, plain pl: ", + rtcp->ssrc, i); crypto_debug_dump(&payload); int prev_len = payload.len; - if (!c->params.session_params.unencrypted_srtcp && crypto_encrypt_rtcp(c, rtcp, &payload, - ssrc_ctx->srtcp_index)) + if (!c->params.session_params.unencrypted_srtcp && crypto_encrypt_rtcp(c, rtcp, &payload, i)) return -1; s->len += payload.len - prev_len; @@ -867,9 +868,9 @@ int rtcp_avp2savp(str *s, struct crypto_context *c, struct ssrc_ctx *ssrc_ctx) { crypto_debug_dump(&payload); idx = (void *) s->s + s->len; - *idx = htonl((c->params.session_params.unencrypted_srtcp ? 0ULL : 0x80000000ULL) | - ssrc_ctx->srtcp_index++); + *idx = htonl((c->params.session_params.unencrypted_srtcp ? 0ULL : 0x80000000ULL) | i); s->len += sizeof(*idx); + atomic_inc_na(&ssrc_ctx->stats->rtcp_seq); to_auth = *s; diff --git a/include/crypto.h b/include/crypto.h index e5d8bef70..dc8b818c5 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -20,7 +20,7 @@ struct rtp_header; struct rtcp_packet; typedef int (*crypto_func_rtp)(struct crypto_context *, struct rtp_header *, str *, uint32_t); -typedef int (*crypto_func_rtcp)(struct crypto_context *, struct rtcp_packet *, str *, uint64_t); +typedef int (*crypto_func_rtcp)(struct crypto_context *, struct rtcp_packet *, str *, uint32_t); typedef int (*hash_func_rtp)(struct crypto_context *, char *out, str *in, uint32_t); typedef int (*hash_func_rtcp)(struct crypto_context *, char *out, str *in); typedef int (*session_key_init_func)(struct crypto_context *); @@ -133,12 +133,12 @@ INLINE int crypto_decrypt_rtp(struct crypto_context *c, struct rtp_header *rtp, return c->params.crypto_suite->decrypt_rtp(c, rtp, payload, index); } INLINE int crypto_encrypt_rtcp(struct crypto_context *c, struct rtcp_packet *rtcp, - str *payload, uint64_t index) + str *payload, uint32_t index) { return c->params.crypto_suite->encrypt_rtcp(c, rtcp, payload, index); } INLINE int crypto_decrypt_rtcp(struct crypto_context *c, struct rtcp_packet *rtcp, - str *payload, uint64_t index) + str *payload, uint32_t index) { return c->params.crypto_suite->decrypt_rtcp(c, rtcp, payload, index); } diff --git a/include/ssrc.h b/include/ssrc.h index 41d4016cc..c458d3d08 100644 --- a/include/ssrc.h +++ b/include/ssrc.h @@ -41,7 +41,6 @@ struct ssrc_ctx { struct payload_tracker tracker; void *ref; // points to the call_monologue but is opaque - uint64_t srtcp_index; // XXX move entire crypto context in here? // for transcoding diff --git a/kernel-module/common_stats.h b/kernel-module/common_stats.h index 68686bb41..584123f4c 100644 --- a/kernel-module/common_stats.h +++ b/kernel-module/common_stats.h @@ -64,6 +64,7 @@ struct ssrc_stats { atomic64 bytes; atomic_t timestamp; atomic_t ext_seq; + atomic_t rtcp_seq; uint32_t lost_bits; // sliding bitfield, [0] = ext_seq atomic_t total_lost; atomic_t transit; diff --git a/kernel-module/xt_RTPENGINE.c b/kernel-module/xt_RTPENGINE.c index ab5762fff..35eb34b15 100644 --- a/kernel-module/xt_RTPENGINE.c +++ b/kernel-module/xt_RTPENGINE.c @@ -1679,10 +1679,11 @@ static int proc_list_show(struct seq_file *f, void *v) { for (i = 0; i < ARRAY_SIZE(g->target.ssrc); i++) { if (!g->target.ssrc[i] || !g->target.ssrc_stats[i]) break; - seq_printf(f, "%s %lx [seq %u]", + seq_printf(f, "%s %lx [seq %u/%u]", (i == 0) ? "" : ",", (unsigned long) ntohl(g->target.ssrc[i]), - atomic_read(&g->target.ssrc_stats[i]->ext_seq)); + atomic_read(&g->target.ssrc_stats[i]->ext_seq), + atomic_read(&g->target.ssrc_stats[i]->rtcp_seq)); } seq_printf(f, "\n"); @@ -1737,11 +1738,12 @@ static int proc_list_show(struct seq_file *f, void *v) { for (j = 0; j < ARRAY_SIZE(o->output.ssrc_out); j++) { if (!o->output.ssrc_stats[j]) break; - seq_printf(f, "%s %lx [seq %u+%u]", + seq_printf(f, "%s %lx [seq %u+%u/%u]", (j == 0) ? "" : ",", (unsigned long) ntohl(o->output.ssrc_out[j]), atomic_read(&o->output.ssrc_stats[j]->ext_seq), - (unsigned int) o->output.seq_offset[j]); + (unsigned int) o->output.seq_offset[j], + atomic_read(&o->output.ssrc_stats[j]->rtcp_seq)); } seq_printf(f, "\n"); @@ -1841,22 +1843,6 @@ static struct re_dest_addr *find_dest_addr(const struct re_dest_addr_hash *h, co -static void target_retrieve_stats(struct rtpengine_target *g, struct rtpengine_stats_info *i) { - unsigned int u, v; - unsigned long flags; - - spin_lock_irqsave(&g->ssrc_stats_lock, flags); - - for (u = 0; u < g->target.num_destinations; u++) { - for (v = 0; v < RTPE_NUM_SSRC_TRACKING; v++) - i->last_rtcp_index[u][v] = g->outputs[u].output.encrypt.last_rtcp_index[v]; - } - - spin_unlock_irqrestore(&g->ssrc_stats_lock, flags); -} - - - // retrieve and return the current stats for a target static int table_get_target_stats(struct rtpengine_table *t, const struct re_address *local, struct rtpengine_stats_info *i) @@ -1867,8 +1853,6 @@ static int table_get_target_stats(struct rtpengine_table *t, const struct re_add if (!g) return -ENOENT; - target_retrieve_stats(g, i); - target_put(g); return 0; @@ -1936,8 +1920,6 @@ static int table_del_target_stats(struct rtpengine_table *t, const struct re_add if (IS_ERR(g)) return PTR_ERR(g); - target_retrieve_stats(g, i); - target_put(g); return 0; @@ -5130,13 +5112,13 @@ static void proxy_packet_output_rtcp(struct sk_buff *skb, struct rtpengine_outpu ssrc_idx = 0; spin_lock_irqsave(&o->encrypt_rtcp.lock, flags); - tmp_idx = pkt_idx = o->output.encrypt.last_rtcp_index[ssrc_idx]; + tmp_idx = pkt_idx = atomic_read(&o->output.ssrc_stats[ssrc_idx]->rtcp_seq); spin_unlock_irqrestore(&o->encrypt_rtcp.lock, flags); pllen = rtp->payload_len; srtcp_encrypt(&o->encrypt_rtcp, &o->output.encrypt, rtp, &tmp_idx); srtcp_authenticate(&o->encrypt_rtcp, &o->output.encrypt, rtp, pkt_idx); skb_put(skb, rtp->payload_len - pllen); - o->output.encrypt.last_rtcp_index[ssrc_idx] = tmp_idx; + atomic_set(&o->output.ssrc_stats[ssrc_idx]->rtcp_seq, tmp_idx); } static bool proxy_packet_output_rtXp(struct sk_buff *skb, struct rtpengine_output *o, diff --git a/kernel-module/xt_RTPENGINE.h b/kernel-module/xt_RTPENGINE.h index 552ba163c..7dc909ecd 100644 --- a/kernel-module/xt_RTPENGINE.h +++ b/kernel-module/xt_RTPENGINE.h @@ -62,7 +62,6 @@ struct rtpengine_srtp { unsigned int session_key_len; unsigned int session_salt_len; unsigned char mki[256]; /* XXX uses too much memory? */ - uint64_t last_rtcp_index[RTPE_NUM_SSRC_TRACKING]; unsigned int rtp_auth_tag_len; /* in bytes */ unsigned int rtcp_auth_tag_len; /* in bytes */ unsigned int mki_len; @@ -163,7 +162,6 @@ struct rtpengine_packet_info { struct rtpengine_stats_info { uint32_t ssrc[RTPE_NUM_SSRC_TRACKING]; struct ssrc_stats ssrc_stats[RTPE_NUM_SSRC_TRACKING]; - uint64_t last_rtcp_index[RTPE_MAX_FORWARD_DESTINATIONS][RTPE_NUM_SSRC_TRACKING]; }; enum rtpengine_command {