res_rtp_asterisk: Don't send RTP before DTLS has negotiated.

There was no check in __rtp_sendto that prevented Asterisk from sending RTP before DTLS had finished negotiating. This patch adds logic to do so. Fixes: #1260
2 months ago · 9df2ba4eef
parent 09a3c8df70
commit 9df2ba4eef
1 changed files with 10 additions and 0 deletions
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@ -3451,6 +3451,16 @@ static int __rtp_sendto(struct ast_rtp_instance *instance, void *buf, size_t siz
 	struct ast_rtp *transport_rtp = ast_rtp_instance_get_data(transport);
 	struct ast_srtp *srtp = ast_rtp_instance_get_srtp(transport, rtcp);
 	int res;
+#if defined(HAVE_OPENSSL) && (OPENSSL_VERSION_NUMBER >= 0x10001000L) && !defined(OPENSSL_NO_SRTP)
+	char *out = buf;
+	struct dtls_details *dtls = !rtcp ? &rtp->dtls : &rtp->rtcp->dtls;
+
+	/* Don't send RTP if DTLS hasn't finished yet */
+	if (dtls->ssl && ((*out < 20) || (*out > 63)) && dtls->connection == AST_RTP_DTLS_CONNECTION_NEW) {
+		*via_ice = 0;
+		return 0;
+	}
+#endif

 	*via_ice = 0;