The SRTP decryption context is associated with the local socket. Use the
socket that a packet was actually received on for the decryption context
instead of using the one that it was expected to be received on.
Change-Id: Iddf400a440fc51b4afb370ec827f75e9626b2cfd
When a receiving socket doesn't match the socket we were expecting, make
sure that the receiving socket is actually one of the sockets we want to
use at this point before blindly switching the socket.
This fixes a race condition after a re-invite: A new set of sockets has
been opened, but an old/delayed RTP packet still arrives on one of the
old ports. In this case we don't want to switch the local socket.
Change-Id: I4e2b87ad608b1a9c6a0bb2eae5c305fd79be70d5
In some cases it's possible that some packets still arrive in userspace
immediately after a stream has been pushed to the kernel, for example if
some packets are already in the queue or if there is some processing
delay (e.g. writing to Redis). Allow for a short delay before counting a
stream as userspace if it has been pushed to the kernel.
Change-Id: I55a6e255868c8c2a9e93355a4aa2287f07b3748d
(cherry picked from commit 8a99171200)
(cherry picked from commit 0cbf96b187)
Instead of just leaving the transport protocol unset when we know we're
not supposed to be aware of the protocol, add a special entry to
suppress the pointless warning message.
Change-Id: I228c2f1652320627f974d9d7bcb0b1345adce2be
(cherry picked from commit 7ed04c3949)
The packet must be decrypted first before RTP padding can be considered,
as the padding count is part of the encrypted payload as well.
Change-Id: I6aecff636efd420401856bb8110b3d784f989179
(cherry picked from commit 9e09cf3c40)
Zero SSRC are technically invalid, but the code accepts them as valid
and therefore sets up things like crypto contexts for zero SSRCs.
Consequently it's possible to have a zero SSRC first in the list of
SSRCs and other valid SSRCs later in the list, which means we can't use
the presence of a non-zero SSRC first in the list as a flag to determine
whether SSRC tracking is in use or not. Use an explicit flag instead.
Change-Id: I88736e5d6b0f66c58f8d675137231760951e7610
(cherry picked from commit 85ec6e2870)
Don't increase the index pointer before using it. This fixes slots 1 and
2 being filled before slot 0, which ends up filling slots 0 and 2 first
(due to swapping with slot 0), leaving slot 1 empty.
Change-Id: If34cf561fcb153edde6408252c3286c8c80991bc
(cherry picked from commit 6d26df0580)
When ports are closed early (while the call is still running), we must
first update a slave rtpengine with this new information (that these
ports are now closed) before actually releasing the ports ourselves. Not
doing so leads to a race condition where the master instance re-uses a
port that was just closed before the slave instance knows about the port
being closed.
We implement this using a thread-local list to keep track of ports that
were released while processing a control message, and process this list
to actually close the ports only after Redis has been updated.
Additional calls to the function to close the ports are placed in
strategic locations to make sure this is triggered in every code path.
closes#1495
Change-Id: I803f4594f30ca315da0b84c6e76893f54ca3a7c9
(cherry picked from commit 17bda4b1e8)
Initialising the other members of this struct is not really necessary as
they're not used in the hash lookup. But let's do it anyway.
Change-Id: Ia7cf982fe91e9c4d273b1fc2d2ee8b19ce345a13
Warned-by: coverity
There's no need to open ports on non-primary interfaces if ICE is not in
use as these ports will not be used or seen by anyone.
This mostly obsoletes the `save-interface-ports` config option, with the
exception of ICE advertised by the offerer. We currently have no option
to reject ICE from the offerer during the offer phase, so ports would
always be opened on that side.
Relevant to #1164 and 001abe5
Change-Id: I43df70bc0ec49b81f63aec97c776e48617b2acfd
We must now hold the master lock for reads from the socket as the socket
may get closed after the poller has already fired an event for it.
Change-Id: I1ab4b38f09988e8569a70c449de17c208ef2aa96
This is useful for functions which are used both from a timer and from
other callers. These functions would reset the logging context at their
end to free the reference held by the logging context, which would
wrongly reset the logging context when the same function was called from
a different code path. Using a stack with push/pop semantics makes it
safe to use these functions from any code path.
Additionally introduce an explicit reset function that clears the entire
stack regardless of context. This reset function is called at the end of
every work iteration in every worker thread, just in case not everything
was popped from the stack.
Change-Id: I0e2c142b95806b26473c65a882737e39d161d24d
Not only check for the presence of a sink, but also check for a sink FD.
Treat a sink without an FD as if there is no sink.
Closes#1401
Change-Id: I04c0be33f8cae39399674ca0a87185a729daa843
Flag a socket with an error strike when packets are received too fast,
and refuse processing once too many strikes have occurred. This should
prevent forwarding loops from taking down the system.
Change-Id: Idc574f2f1dbbcb156efc37a80e903dc4e60ef1b1
Distinguish between unconfirming the learned peer address and
retriggering the kernel stream. In particular we don't want to unconfirm
the sinks every time we confirmed our own peer, as that starts an
unconfirm/reconfirm loop.
Change-Id: I1f172385aefeacbc4585729bce25fbc68f04c2bd
We may have multiple subscribers, some of which may be dead/unused. We
don't care if we have these since we don't forward to them anyway.
possibly relevant for #1337
Change-Id: I3cded5080aa2005e9dd615cccf60bd4cba5feb7d
Richard Fuchs
John Burke