sipwise
/
rtpengine
mirror of https://github.com/sipwise/rtpengine.git
1
0
Fork 0
Code Issues Releases Wiki Activity

MT#56420 use actual local socket for decryption

Browse Source 
The SRTP decryption context is associated with the local socket. Use the
socket that a packet was actually received on for the decryption context
instead of using the one that it was expected to be received on.

Change-Id: Iddf400a440fc51b4afb370ec827f75e9626b2cfd
mr10.5.4
Richard Fuchs 2 years ago
parent d36fa163a1
commit a313d2b01b
3 changed files with 14 additions and 23 deletions
Show Stats Download Patch File Download Diff File

32
daemon/media_socket.c
Unescape View File

@ -91,14 +91,10 @@ static int __k_null(struct rtpengine_srtp *s, struct packet_stream *);
static int __k_srtp_encrypt(struct rtpengine_srtp *s, struct packet_stream *);
static int __k_srtp_decrypt(struct rtpengine_srtp *s, struct packet_stream *);
static int call_avp2savp_rtp(str *s, struct packet_stream *, struct stream_fd *, const endpoint_t *,
const struct timeval *, struct ssrc_ctx *);
static int call_savp2avp_rtp(str *s, struct packet_stream *, struct stream_fd *, const endpoint_t *,
const struct timeval *, struct ssrc_ctx *);
static int call_avp2savp_rtcp(str *s, struct packet_stream *, struct stream_fd *, const endpoint_t *,
const struct timeval *, struct ssrc_ctx *);
static int call_savp2avp_rtcp(str *s, struct packet_stream *, struct stream_fd *, const endpoint_t *,
const struct timeval *, struct ssrc_ctx *);
static int call_avp2savp_rtp(str *s, struct packet_stream *, struct stream_fd *, struct ssrc_ctx *);
static int call_savp2avp_rtp(str *s, struct packet_stream *, struct stream_fd *, struct ssrc_ctx *);
static int call_avp2savp_rtcp(str *s, struct packet_stream *, struct stream_fd *, struct ssrc_ctx *);
static int call_savp2avp_rtcp(str *s, struct packet_stream *, struct stream_fd *, struct ssrc_ctx *);
static struct logical_intf *__get_logical_interface(const str *name, sockfamily_t *fam);
@ -1076,25 +1072,21 @@ static int rtcp_demux(const str *s, struct call_media *media) {
return rtcp_demux_is_rtcp(s) ? 2 : 1;
}
static int call_avp2savp_rtp(str *s, struct packet_stream *stream, struct stream_fd *sfd, const endpoint_t *src,
const struct timeval *tv, struct ssrc_ctx *ssrc_ctx)
static int call_avp2savp_rtp(str *s, struct packet_stream *stream, struct stream_fd *sfd, struct ssrc_ctx *ssrc_ctx)
{
return rtp_avp2savp(s, &stream->crypto, ssrc_ctx);
}
static int call_avp2savp_rtcp(str *s, struct packet_stream *stream, struct stream_fd *sfd, const endpoint_t *src,
const struct timeval *tv, struct ssrc_ctx *ssrc_ctx)
static int call_avp2savp_rtcp(str *s, struct packet_stream *stream, struct stream_fd *sfd, struct ssrc_ctx *ssrc_ctx)
{
return rtcp_avp2savp(s, &stream->crypto, ssrc_ctx);
}
static int call_savp2avp_rtp(str *s, struct packet_stream *stream, struct stream_fd *sfd, const endpoint_t *src,
const struct timeval *tv, struct ssrc_ctx *ssrc_ctx)
static int call_savp2avp_rtp(str *s, struct packet_stream *stream, struct stream_fd *sfd, struct ssrc_ctx *ssrc_ctx)
{
return rtp_savp2avp(s, &stream->selected_sfd->crypto, ssrc_ctx);
return rtp_savp2avp(s, sfd ? &sfd->crypto : &stream->selected_sfd->crypto, ssrc_ctx);
}
static int call_savp2avp_rtcp(str *s, struct packet_stream *stream, struct stream_fd *sfd, const endpoint_t *src,
const struct timeval *tv, struct ssrc_ctx *ssrc_ctx)
static int call_savp2avp_rtcp(str *s, struct packet_stream *stream, struct stream_fd *sfd, struct ssrc_ctx *ssrc_ctx)
{
return rtcp_savp2avp(s, &stream->selected_sfd->crypto, ssrc_ctx);
return rtcp_savp2avp(s, sfd ? &sfd->crypto : &stream->selected_sfd->crypto, ssrc_ctx);
}
@ -1955,7 +1947,7 @@ static int media_packet_decrypt(struct packet_handler_ctx *phc)
int ret = 0;
if (phc->decrypt_func) {
str ori_s = phc->s;
ret = phc->decrypt_func(&phc->s, phc->in_srtp, phc->mp.sfd, &phc->mp.fsin, &phc->mp.tv, phc->mp.ssrc_in);
ret = phc->decrypt_func(&phc->s, phc->in_srtp, phc->mp.sfd, phc->mp.ssrc_in);
// XXX for stripped auth tag and duplicate invocations of rtp_payload
// XXX transcoder uses phc->mp.payload
phc->mp.payload.len -= ori_s.len - phc->s.len;
@ -1994,7 +1986,7 @@ int media_packet_encrypt(rewrite_func encrypt_func, struct packet_stream *out, s
for (GList *l = mp->packets_out.head; l; l = l->next) {
struct codec_packet *p = l->data;
int encret = encrypt_func(&p->s, out, NULL, NULL, NULL, mp->ssrc_out);
int encret = encrypt_func(&p->s, out, mp->sfd, mp->ssrc_out);
if (encret == 1)
ret |= 0x02;
else if (encret != 0)

2
daemon/rtcp.c
Unescape View File

@ -1607,7 +1607,7 @@ void rtcp_send_report(struct call_media *media, struct ssrc_ctx *ssrc_out) {
if (crypt_handler && crypt_handler->out->rtcp_crypt) {
g_string_set_size(sr, sr->len + RTP_BUFFER_TAIL_ROOM);
rtcp_packet = STR_CONST_INIT_LEN(sr->str, sr->len - RTP_BUFFER_TAIL_ROOM);
crypt_handler->out->rtcp_crypt(&rtcp_packet, ps, NULL, NULL, NULL, ssrc_out);
crypt_handler->out->rtcp_crypt(&rtcp_packet, ps, NULL, ssrc_out);
}
socket_sendto(&ps->selected_sfd->socket, rtcp_packet.s, rtcp_packet.len, &ps->endpoint);

3
include/media_socket.h
Unescape View File

@ -25,8 +25,7 @@ struct stream_fd;
struct poller;
typedef int rtcp_filter_func(struct media_packet *, GQueue *);
typedef int (*rewrite_func)(str *, struct packet_stream *, struct stream_fd *, const endpoint_t *,
const struct timeval *, struct ssrc_ctx *);
typedef int (*rewrite_func)(str *, struct packet_stream *, struct stream_fd *, struct ssrc_ctx *);
enum transport_protocol_index {

Write Preview
Loading…
Cancel
Save