@ -443,6 +443,7 @@ static int ast_rtp_sendcng(struct ast_rtp_instance *instance, int level);
# ifdef HAVE_OPENSSL_SRTP
static int ast_rtp_activate ( struct ast_rtp_instance * instance ) ;
static void dtls_srtp_check_pending ( struct ast_rtp_instance * instance , struct ast_rtp * rtp , int rtcp ) ;
static void dtls_srtp_flush_pending ( struct ast_rtp_instance * instance , struct ast_rtp * rtp ) ;
static void dtls_srtp_start_timeout_timer ( struct ast_rtp_instance * instance , struct ast_rtp * rtp , int rtcp ) ;
static void dtls_srtp_stop_timeout_timer ( struct ast_rtp_instance * instance , struct ast_rtp * rtp , int rtcp ) ;
# endif
@ -1666,15 +1667,20 @@ static void ast_rtp_on_ice_complete(pj_ice_sess *ice, pj_status_t status)
if ( rtp - > rtcp ) {
update_address_with_ice_candidate ( rtp , AST_RTP_ICE_COMPONENT_RTCP , & rtp - > rtcp - > them ) ;
}
}
# ifdef HAVE_OPENSSL_SRTP
if ( rtp - > dtls . dtls_setup ! = AST_RTP_DTLS_SETUP_PASSIVE ) {
dtls_perform_handshake ( instance , & rtp - > dtls , 0 ) ;
}
else {
dtls_srtp_flush_pending ( instance , rtp ) ; /* this flushes pending BIO for both rtp & rtcp as needed. */
}
if ( rtp - > rtcp ) {
if ( rtp - > rtcp & & rtp - > rtcp - > dtls . dtls_setup ! = AST_RTP_DTLS_SETUP_PASSIVE ) {
dtls_perform_handshake ( instance , & rtp - > rtcp - > dtls , 1 ) ;
}
# endif
}
if ( ! strictrtp ) {
return ;
@ -1867,6 +1873,23 @@ static void dtls_srtp_stop_timeout_timer(struct ast_rtp_instance *instance, stru
ast_mutex_unlock ( & dtls - > lock ) ;
}
static void dtls_srtp_flush_pending ( struct ast_rtp_instance * instance , struct ast_rtp * rtp )
{
struct dtls_details * dtls ;
dtls = & rtp - > dtls ;
ast_mutex_lock ( & dtls - > lock ) ;
dtls_srtp_check_pending ( instance , rtp , 0 ) ;
ast_mutex_unlock ( & dtls - > lock ) ;
if ( rtp - > rtcp ) {
dtls = & rtp - > rtcp - > dtls ;
ast_mutex_lock ( & dtls - > lock ) ;
dtls_srtp_check_pending ( instance , rtp , 1 ) ;
ast_mutex_unlock ( & dtls - > lock ) ;
}
}
static void dtls_srtp_check_pending ( struct ast_rtp_instance * instance , struct ast_rtp * rtp , int rtcp )
{
struct dtls_details * dtls = ! rtcp ? & rtp - > dtls : & rtp - > rtcp - > dtls ;
@ -4675,9 +4698,6 @@ static int ast_rtp_fd(struct ast_rtp_instance *instance, int rtcp)
static void ast_rtp_remote_address_set ( struct ast_rtp_instance * instance , struct ast_sockaddr * addr )
{
struct ast_rtp * rtp = ast_rtp_instance_get_data ( instance ) ;
# ifdef HAVE_OPENSSL_SRTP
struct dtls_details * dtls ;
# endif
if ( rtp - > rtcp ) {
ast_debug ( 1 , " Setting RTCP address on RTP instance '%p' \n " , instance ) ;
@ -4698,22 +4718,10 @@ static void ast_rtp_remote_address_set(struct ast_rtp_instance *instance, struct
# ifdef HAVE_OPENSSL_SRTP
/* Trigger pending outbound DTLS packets received before the address was set. Avoid unnecessary locking
* by checking if we ' re passive . Without this , we only send the pending packets once a new SSL packet is
* received in __rtp_recvfrom .
* received in __rtp_recvfrom . If rtp - > ice , this is instead done on_ice_complete
*/
dtls = & rtp - > dtls ;
if ( dtls - > dtls_setup = = AST_RTP_DTLS_SETUP_PASSIVE ) {
ast_mutex_lock ( & dtls - > lock ) ;
dtls_srtp_check_pending ( instance , rtp , 0 ) ;
ast_mutex_unlock ( & dtls - > lock ) ;
}
if ( rtp - > rtcp ) {
dtls = & rtp - > rtcp - > dtls ;
if ( dtls - > dtls_setup = = AST_RTP_DTLS_SETUP_PASSIVE ) {
ast_mutex_lock ( & dtls - > lock ) ;
dtls_srtp_check_pending ( instance , rtp , 1 ) ;
ast_mutex_unlock ( & dtls - > lock ) ;
}
if ( ! rtp - > ice & & rtp - > dtls . dtls_setup = = AST_RTP_DTLS_SETUP_PASSIVE ) {
dtls_srtp_flush_pending ( instance , rtp ) ;
}
# endif
Dade Brandon
10 years ago