Squashed commit of the following:

commit fd25c8e281 Author: Tinotenda Chingosho <tinochingosho@googlemail.com> Date: Tue May 11 12:03:55 2021 +0100 Address review comments - update typo - document new parameter commit e4e106f423 Author: Tinotenda Chingosho <tinochingosho@googlemail.com> Date: Mon May 10 16:18:57 2021 +0100 Support Configurable MTU - default to 1200 - minmimum value 576 Change-Id: I6cbc03eb7f8198a211d70844c115d162d954dea8
5 years ago · 575435db73
parent d3390bae32
commit 575435db73
4 changed files with 18 additions and 2 deletions
--- a/daemon/dtls.c
+++ b/daemon/dtls.c
@ -575,9 +575,9 @@ int dtls_connection_init(struct dtls_connection *d, struct packet_stream *ps, in

 #if defined(SSL_OP_NO_QUERY_MTU)
 	SSL_CTX_set_options(d->ssl_ctx, SSL_OP_NO_QUERY_MTU);
-	SSL_set_mtu(d->ssl, 1500);
+	SSL_set_mtu(d->ssl, rtpe_config.dtls_mtu);
 #if defined(DTLS_set_link_mtu) || defined(DTLS_CTRL_SET_LINK_MTU) || OPENSSL_VERSION_NUMBER >= 0x10100000L
-	DTLS_set_link_mtu(d->ssl, 1500);
+	DTLS_set_link_mtu(d->ssl, rtpe_config.dtls_mtu);
 #endif
 #endif

--- a/daemon/main.c
+++ b/daemon/main.c
@ -79,6 +79,7 @@ struct rtpengine_config rtpe_config = {
 	.redis_connect_timeout = 1000,
 	.media_num_threads = -1,
 	.dtls_rsa_key_size = 2048,
+	.dtls_mtu = 1200, // chrome default mtu
 	.dtls_signature = 256,
 	.max_dtx = 30,
 	.dtx_shift = 5,
@ -477,6 +478,7 @@ static void options(int *argc, char ***argv) {
 		{ "jb-clock-drift",0,0,	G_OPTION_ARG_NONE,	&rtpe_config.jb_clock_drift,"Compensate for source clock drift",NULL },
 		{ "debug-srtp",0,0,	G_OPTION_ARG_NONE,	&debug_srtp,		"Log raw encryption details for SRTP",	NULL },
 		{ "dtls-rsa-key-size",0, 0,	G_OPTION_ARG_INT,&rtpe_config.dtls_rsa_key_size,"Size of RSA key for DTLS",	"INT"		},
+		{ "dtls-mtu",0, 0,	G_OPTION_ARG_INT,&rtpe_config.dtls_mtu,"DTLS MTU",	"INT"		},
 		{ "dtls-ciphers",0,  0,	G_OPTION_ARG_STRING,	&rtpe_config.dtls_ciphers,"List of ciphers for DTLS",		"STRING"	},
 		{ "dtls-signature",0,  0,G_OPTION_ARG_STRING,	&dtls_sig,		"Signature algorithm for DTLS",		"SHA-256|SHA-1"	},
 		{ "listen-http", 0,0,	G_OPTION_ARG_STRING_ARRAY,&rtpe_config.http_ifs,"Interface for HTTP and WS",	"[IP46|HOSTNAME:]PORT"},
@ -722,6 +724,11 @@ static void options(int *argc, char ***argv) {
 	if (rtpe_config.dtls_rsa_key_size < 0)
 		die("Invalid --dtls-rsa-key-size (%i)", rtpe_config.dtls_rsa_key_size);

+	if (rtpe_config.dtls_mtu < 576)
+		/* The Internet Protocol requires that hosts must be able to process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6).
+		However, this does not preclude link layers with an MTU smaller than this minimum MTU from conveying IP data. Internet IPv4 path MTU is 68 bytes.*/
+		die("Invalid --dtls-mtu (%i)", rtpe_config.dtls_mtu);
+
 	if (rtpe_config.jb_length < 0)
 		die("Invalid negative jitter buffer size");

--- a/daemon/rtpengine.pod
+++ b/daemon/rtpengine.pod
@ -878,6 +878,14 @@ guaranteed that only a single thread will ever read from a particular socket,
 thus maintaining the order of the packets. Might help when having issues with
 DTMF packets (RFC 2833).

+=item B<--dtls-mtu>
+
+Set DTLS MTU to enable fragmenting of large DTLS packets. Defaults to 1200.
+Minimum value is 576 as the internet protocol requires that hosts must be able to 
+process IP datagrams of at least 576 bytes (for IPv4) or 1280 bytes (for IPv6).
+This does not preclude link layers with an MTU smaller than this minimum MTU from 
+conveying IP data. Internet IPv4 path MTU is 68 bytes.
+
 =back

 =head1 INTERFACES
--- a/include/main.h
+++ b/include/main.h
@ -103,6 +103,7 @@ struct rtpengine_config {
 	int                     jb_length;
 	int                     jb_clock_drift;
 	int			dtls_rsa_key_size;
+	int			dtls_mtu;
 	char			*dtls_ciphers;
 	int			dtls_signature;
 	char			**http_ifs;