Richard Fuchs
e03f814855
MT#55283 combine in/out_lock
With selected_sfd being protected by in_lock, we pretty much have to
hold at least in_lock everywhere, and end up requiring both locks in
many places. The distinction has become pointless.
Change-Id: Ic0ad976c2d68d9639b9434da7f0e6e9c0d84c185
4 months ago
wangduanduan
ec6d07d7c5
MT#55283 dtls: add handshake type log
closes #1980
Change-Id: I4336ab567eaad77f6db9f9e32969808880d16494
5 months ago
wangduanduan
16ccd39a2e
MT#55283 log: dtls log add src ip
closes #1975
Change-Id: Iff8ee0231be3d411249448582806cb8cf0e1ac86
5 months ago
Richard Fuchs
52538450f9
MT#55283 support older BIO_set_callback
No idea if this actually works.
Closes #1942
Change-Id: I9c605ce15f4d2d7094bd8d92855dfeedc74b45d7
7 months ago
Richard Fuchs
b455cf88a4
MT#55283 convert dtls to int64_t
Change-Id: Iff59c5a708655293612b114980a9cb13b9444ed1
8 months ago
Richard Fuchs
c70510303a
MT#55283 convert rtpe_now to int64_t
First step in converting (almost) all timeval uses to int64_t
Change-Id: If20fd749c61c278273c535b68287df7e6f042808
8 months ago
Richard Fuchs
ad8ce3541d
MT#61822 add RWLOCK_STATIC_INIT
Change-Id: I6718df967b70554a32c3caddcb4e29af4fb6d7f0
11 months ago
Richard Fuchs
2ce79f9bb4
MT#61822 add type safety to obj_alloc
Make the macro return the appropriate pointer type, and make sure the
free function takes an argument of the same type. This also eliminates
some boilerplate type-casting code.
Change-Id: I3094271fa2c53ec93b9ff9f837d461cf422e0f12
12 months ago
S-P Chan
27ea6b1381
MT#55283 DTLS groups: align with OpenSSL 1.1.1 and common EC groups
closes #1884
Change-Id: Ia2154044d2c0504b6b1a31b17629087d250a40b9
1 year ago
Richard Fuchs
70d7ebfd64
MT#55283 fix signed/unsigned mixup
Bit fields have been changed to unsigned. Adjust code accordingly.
Warned-by: Coverity
Change-Id: I5e37361f7381a5e6fa7dff557ff3558bf62c2506
1 year ago
Richard Fuchs
08332161cf
MT#55283 switch to BIO_set_callback_arg
Use a BIO WRITE callback instead of BIO_read'ing from the BIO after each
operation. This is a more direct way to intercept data that needs to be
sent out.
Implement MTU-related BIO callbacks.
Deduct the assumed IP MTU overhead from the configured MTU during
startup.
Unlike the previous code, this does not necessarily send DTLS from the
same socket that received a message, nor to the same address that sent
one, and instead always uses the selected_sfd and ->endpoint. This may
or may not be a regression.
Closes #1806
Change-Id: I4d4456df3f378d00782cbfa64afdb2a038217e6c
1 year ago
Richard Fuchs
7b1557cc1e
MT#55283 rekernelize after DTLS connect
Change-Id: I468b6c07df96111ee49a85e36382a692dbeec82b
1 year ago
Richard Fuchs
8e3e9fdb5a
MT#55283 use allocated memory for stream stats
Allocate memory from bufferpool for per-stream stats. No functional
change, but it allows sharing these between kernel and user space.
Change-Id: I370a49e1d94bb91c7fd0a2bc7d00ba65f99c4f6a
2 years ago
Richard Fuchs
d6b09b53ea
MT#55283 add version test for X509_STORE_CTX_get0_cert
Looks like this didn't exist prior to 1.1.1
Fix-up for 8fba68f2c9
Change-Id: I1568ce6c583114659cc2e9997269f45043bd220a
2 years ago
Michal Hajek
afd85a4f94
MT#55283 leave SRTP keys in place after DTLS shut
closes #1772
Change-Id: Iaf80e7314730537ca56112cd5f9e1f9c85ca6e3c
2 years ago
Richard Fuchs
cd4f6608cd
MT#55283 convert struct stream_fd to typedef
Change-Id: I1435a5f755cb99833535d995871f1e9050f0ec73
2 years ago
Richard Fuchs
4e7078834f
MT#55283 use typed GQueue for stream_fd
Change-Id: I75544a48c79481473effa9651f1ad2b59b234dc6
2 years ago
Richard Fuchs
8fba68f2c9
MT#55283 verify "zero" DTLS cert
... instead of "current" if available
closes #1771
Change-Id: Id1b742b2446d4d59b3de251a1d1a5dcbed86834a
2 years ago
Richard Fuchs
469789bf19
MT#55283 make code checkers happy
Fix all instances of argument-less function signatures.
Fix all instances of auto-cleanup variables declared after they need to
be in scope.
Change-Id: I3a005df03ede971e08d4f62d7c7711a1913fda5e
2 years ago
Richard Fuchs
1de9aee92d
MT#55283 limit cname length
Thread comm names are limited in length. Make sure not to try to set
names that are too long.
Change-Id: I5e41e1d0d4b65af41fc0b356ad54df86df6f0b82
2 years ago
Richard Fuchs
ac7d5e8dc3
MT#56374 remove DTLS timer from poller_timer
Use a dedicated looper thread instead of using the 1 Hz poller timer.
Change-Id: If63b240274121642043999725c72164240421110
2 years ago
Richard Fuchs
850a1a582e
MT#57820 fix possible NULL deref
Don't attempt to send packets to an endpoint address that is empty and
hasn't been initialised.
Change-Id: Iabeb034ebfc56fc49083c6a10a85b92c6983eebc
2 years ago
Orgad Shaneh
1a28b73a2d
MT#55283 Rename aux -> helpers
Windows doesn't allow a file to be named aux, so checkout fails.
closes #1686
Change-Id: I4667561f430ec8d4767d2313890839754be77322
3 years ago
Dennis Yurasov
2f4f6d5273
MT#55283 Handle dtls retransmissions
closes #1311
closes #1649
Change-Id: Ibb07715377e813959401d5782d0d07b158417537
3 years ago
Richard Fuchs
8f17f140eb
MT#55283 support generating a=tls-id
RFC 8842
Change-Id: I197e0e80205f6c732c0f8441091c8fda9191e675
3 years ago
Richard Fuchs
387895b61c
TT#44805 add bookkeeping for output stream stats
Change-Id: I353d3785e79e9e3c53154de93f48d7229cf6643e
3 years ago
Richard Fuchs
aed9279176
TT#172650 update for OpenSSL >= 3.0
closes #1477
Change-Id: I0d5c14f12dd4525d63b435a565f97b5f8abcd81e
4 years ago
Richard Fuchs
cf076fc074
TT#172650 support EC keys for DTLS certificate
Change-Id: I695e9b334ce26c26de6a98a5d48fc930f6bebf41
4 years ago
Richard Fuchs
b171029ccf
TT#172650 don't double free RSA key in case of failure
Change-Id: I9f314c5af3ce58020bdc092a52f03f76e22a9896
4 years ago
Richard Fuchs
4ce91f52d0
TT#172650 use custom software ID string for cert CN
Change-Id: Ie52196bc492c9ad791b4a619410795e2dadbe1f0
4 years ago
Richard Fuchs
008c4c7dce
TT#172650 update dtls_signature field to enum
Change-Id: I83bb566131b4fc6d00a6323ccd9b105bb01fd53f
4 years ago
Richard Fuchs
af948b498a
TT#172650 don't segfault if no DTLS cert is available
Change-Id: Ic567b2f585aaa199766168c250f019183036f314
4 years ago
Richard Fuchs
4a173c2ebc
TT#14008 fix erroneous crypto reset after rejecting DTLS
If DTLS is rejected in an answer via `DTLS=off` we must forget that DTLS
was previously offered, as otherwise a re-invite would detect the
fingerprint as changed if the re-invite doesn't offer DTLS again. We
also make sure DTLS is shut down if during stream init DTLS is not
given, when it was present before.
Change-Id: I48ee6f0ec5ec02f558a6799951552ea2272d0e96
4 years ago
Richard Fuchs
d824acf69a
TT#91151 don't send DTLS to trickle ICE addresses
Change-Id: Ie2519391e30479547f8d6e4239d6d65c316c34b9
4 years ago
Richard Fuchs
dd58a1a42d
TT#14008 reset SRTP index on endpoint change
closes #1277
Change-Id: If951bc8abdfb1cec88abf5fc6e36d48aff575e98
5 years ago
Tinotenda Chingosho
575435db73
Squashed commit of the following:
commit fd25c8e281
Author: Tinotenda Chingosho <tinochingosho@googlemail.com>
Date: Tue May 11 12:03:55 2021 +0100
Address review comments
- update typo
- document new parameter
commit e4e106f423
Author: Tinotenda Chingosho <tinochingosho@googlemail.com>
Date: Mon May 10 16:18:57 2021 +0100
Support Configurable MTU
- default to 1200
- minimum value 576
Change-Id: I6cbc03eb7f8198a211d70844c115d162d954dea8
5 years ago
Guillem Jover
6fc793845b
TT#111150 Use {} instead of ; to mark an empty body
Change-Id: Ib87db24dbb0d89cb03052e7b8a2e8d8802246c33
Warned-by: gcc -Wempty-body
5 years ago
Richard Fuchs
d5d0a3a994
TT#111150 convert str.len to size_t
This makes the type in line with string(3) functions and eliminates some
compiler warnings.
Also update the related bencode data type.
Change-Id: I7ef4024f4b5a0f737b3dbe03bcd078032395bce6
5 years ago
Guillem Jover
07716a6a85
TT#108003 Do not print the DTLS certificate and private key on OOM
When open_memstream() fails, we should not try to write to it.
Change-Id: I9f92a1e1cc4aebe005039f28e5e3219e323e63c6
Warned-by: coverity
5 years ago
Richard Fuchs
e671a5dcab
TT#108552 prefer sha-256 over sha-1
Change-Id: I1c54b6410d492a2dbd7169f000c84ecebf9d817c
5 years ago
Richard Fuchs
6602a3a7c5
TT#108551 add kernel support for AEAD-AES-GCM
Also amends tests plus additional clean ups
Closes #1133
Change-Id: I0dad7b8aad9cff1b019323c7ac5a356830ab09ad
5 years ago
Richard Fuchs
30733ec5cd
TT#97301 support granular log levels
Change-Id: Ife458bd2449f61113a3e6db1708821570d92dc23
5 years ago
Richard Fuchs
a4d0a35430
TT#101653 eliminate superfluous log messages
Change-Id: I1fdeaac3b301e4b6bd70b4ae207505bca1d3c0a3
5 years ago
Richard Fuchs
cd3652e81a
TT#97302 fix some DTLS negotiation issues
add explicit flag for fingerprint length instead of using the hash
function
restart DTLS after a shutdown due to a reset
clear fingerprint buffer when running the hash
suppress stray log message when no fingerprint was seen yet
add option to test script
closes #1095
Change-Id: Ic58ea6c5aa48a215743d6a3c1b371fc4a5ea77ce
5 years ago
Richard Fuchs
dc4775d5ce
TT#97302 respond with the same DTLS hash func as was offered
Change-Id: Id72df1083b5d329fa33875853981ec471440a6c1
5 years ago
Rosen Penev
4d2291846c
fix compilation without deprecated OpenSSL APIs
Signed-off-by: Rosen Penev <rosenp@gmail.com>
5 years ago
Richard Fuchs
ec061bba6f
TT#84804 add new DTLS-reverse flag
closes #1038
Change-Id: Ic58b3e3c3d1fec75a2c6ea9ddb260141d9a2831f
5 years ago
Stefan Mititelu
a6d2f92962
Solve Valgrind "possibly lost" for redis and dtls
6 years ago
Richard Fuchs
abe7caf066
TT#75350 update cipher lists and make them configurable
closes #918
Change-Id: I949810a7c84679eac25f65784f97fdd2e9abb07d
6 years ago
Richard Fuchs
0cd8883639
TT#78203 add SRTP debug options
closes #956
Change-Id: I751f6bc1ea9228b257f6258dbb1927276db10c99
6 years ago