TT#14008 add new "reject-invalid-sdp" option

for #52 Change-Id: I75f69a4a4b546fed74e0838ba9ba167f957e8d17
3 years ago · f869c23c90
parent 44e06b8a19
commit f869c23c90
6 changed files with 16 additions and 7 deletions
--- a/daemon/Makefile
+++ b/daemon/Makefile
@ -39,7 +39,6 @@ endif

 ### compile time options:
 #CFLAGS+=	-DSRTCP_KEY_DERIVATION_RFC_COMPLIANCE
-#CFLAGS+=	-DTERMINATE_SDP_AT_BLANK_LINE
 #CFLAGS+=	-DSTRICT_SDES_KEY_LIFETIME

 LDLIBS=		-lm
--- a/daemon/main.c
+++ b/daemon/main.c
@ -532,6 +532,7 @@ static void options(int *argc, char ***argv) {
 		{ "jitter-buffer",0, 0,	G_OPTION_ARG_INT,	&rtpe_config.jb_length,	"Size of jitter buffer",		"INT" },
 		{ "jb-clock-drift",0,0,	G_OPTION_ARG_NONE,	&rtpe_config.jb_clock_drift,"Compensate for source clock drift",NULL },
 		{ "debug-srtp",0,0,	G_OPTION_ARG_NONE,	&debug_srtp,		"Log raw encryption details for SRTP",	NULL },
+		{ "reject-invalid-sdp",0,0,	G_OPTION_ARG_NONE,	&rtpe_config.reject_invalid_sdp,"Refuse to process SDP bodies with broken syntax",	NULL },
 		{ "dtls-rsa-key-size",0, 0,	G_OPTION_ARG_INT,&rtpe_config.dtls_rsa_key_size,"Size of RSA key for DTLS",	"INT"		},
 		{ "dtls-mtu",0, 0,	G_OPTION_ARG_INT,&rtpe_config.dtls_mtu,"DTLS MTU",	"INT"		},
 		{ "dtls-ciphers",0,  0,	G_OPTION_ARG_STRING,	&rtpe_config.dtls_ciphers,"List of ciphers for DTLS",		"STRING"	},
--- a/daemon/rtpengine.pod
+++ b/daemon/rtpengine.pod
@ -760,6 +760,13 @@ tags, etc are recorded to the log. Every RTCP packet is logged in this way,
 while every 512th RTP packet is logged. Only applies to packets
 forwarded/processed in userspace.

+=item B<--reject-invalid-sdp>
+
+With this option set, refuse to process SDP bodies that could not be cleanly
+parsed, instead of skipping over the parsing error and processing the SDP
+anyway. Currently this only affects the processing of SDP bodies that end in a
+blank line.
+
 =item B<--listen-http=>[I<IP>|I<HOSTNAME>B<:>]I<PORT>

 =item B<--listen-https=>[I<IP>|I<HOSTNAME>B<:>]I<PORT>
--- a/daemon/sdp.c
+++ b/daemon/sdp.c
@ -1097,12 +1097,12 @@ int sdp_parse(str *body, GQueue *sessions, const struct sdp_ng_flags *flags) {
 	end = str_end(body);

 	while (b && b < end - 1) {
-#ifdef TERMINATE_SDP_AT_BLANK_LINE
-		if (b[0] == '\n' || b[0] == '\r') {
-			body->len = b - body->s;
-			break;
+		if (!rtpe_config.reject_invalid_sdp) {
+			if (b[0] == '\n' || b[0] == '\r') {
+				body->len = b - body->s;
+				break;
+			}
 		}
-#endif
 		errstr = "Missing '=' sign";
 		if (b[1] != '=')
 			goto error;
--- a/etc/rtpengine.conf
+++ b/etc/rtpengine.conf
@ -33,10 +33,11 @@ listen-cli = localhost:2224
 timeout = 60
 silent-timeout = 3600
 tos = 184
-#control-tos = 184
+# control-tos = 184
 # delete-delay = 30
 # final-timeout = 10800
 # endpoint-learning = heuristic
+# reject-invalid-sdp = false

 # foreground = false
 # pidfile = /run/ngcp-rtpengine-daemon.pid
--- a/include/main.h
+++ b/include/main.h
@ -63,6 +63,7 @@ struct rtpengine_config {
 	int			homer_protocol;
 	int			homer_id;
 	int			no_fallback;
+	int			reject_invalid_sdp;
 	int			save_interface_ports;
 	int			port_min;
 	int			port_max;