diff --git a/daemon/Makefile b/daemon/Makefile index e80da7c3f..5bda5f223 100644 --- a/daemon/Makefile +++ b/daemon/Makefile @@ -39,7 +39,6 @@ endif ### compile time options: #CFLAGS+= -DSRTCP_KEY_DERIVATION_RFC_COMPLIANCE -#CFLAGS+= -DTERMINATE_SDP_AT_BLANK_LINE #CFLAGS+= -DSTRICT_SDES_KEY_LIFETIME LDLIBS= -lm diff --git a/daemon/main.c b/daemon/main.c index a3fc4da12..64b4312ca 100644 --- a/daemon/main.c +++ b/daemon/main.c @@ -532,6 +532,7 @@ static void options(int *argc, char ***argv) { { "jitter-buffer",0, 0, G_OPTION_ARG_INT, &rtpe_config.jb_length, "Size of jitter buffer", "INT" }, { "jb-clock-drift",0,0, G_OPTION_ARG_NONE, &rtpe_config.jb_clock_drift,"Compensate for source clock drift",NULL }, { "debug-srtp",0,0, G_OPTION_ARG_NONE, &debug_srtp, "Log raw encryption details for SRTP", NULL }, + { "reject-invalid-sdp",0,0, G_OPTION_ARG_NONE, &rtpe_config.reject_invalid_sdp,"Refuse to process SDP bodies with broken syntax", NULL }, { "dtls-rsa-key-size",0, 0, G_OPTION_ARG_INT,&rtpe_config.dtls_rsa_key_size,"Size of RSA key for DTLS", "INT" }, { "dtls-mtu",0, 0, G_OPTION_ARG_INT,&rtpe_config.dtls_mtu,"DTLS MTU", "INT" }, { "dtls-ciphers",0, 0, G_OPTION_ARG_STRING, &rtpe_config.dtls_ciphers,"List of ciphers for DTLS", "STRING" }, diff --git a/daemon/rtpengine.pod b/daemon/rtpengine.pod index 778ede6ad..809d24fa8 100644 --- a/daemon/rtpengine.pod +++ b/daemon/rtpengine.pod @@ -760,6 +760,13 @@ tags, etc are recorded to the log. Every RTCP packet is logged in this way, while every 512th RTP packet is logged. Only applies to packets forwarded/processed in userspace. +=item B<--reject-invalid-sdp> + +With this option set, refuse to process SDP bodies that could not be cleanly +parsed, instead of skipping over the parsing error and processing the SDP +anyway. Currently this only affects the processing of SDP bodies that end in a +blank line. + =item B<--listen-http=>[I|IB<:>]I =item B<--listen-https=>[I|IB<:>]I diff --git a/daemon/sdp.c b/daemon/sdp.c index d1fdf7c8d..3de2f2594 100644 --- a/daemon/sdp.c +++ b/daemon/sdp.c @@ -1097,12 +1097,12 @@ int sdp_parse(str *body, GQueue *sessions, const struct sdp_ng_flags *flags) { end = str_end(body); while (b && b < end - 1) { -#ifdef TERMINATE_SDP_AT_BLANK_LINE - if (b[0] == '\n' || b[0] == '\r') { - body->len = b - body->s; - break; + if (!rtpe_config.reject_invalid_sdp) { + if (b[0] == '\n' || b[0] == '\r') { + body->len = b - body->s; + break; + } } -#endif errstr = "Missing '=' sign"; if (b[1] != '=') goto error; diff --git a/etc/rtpengine.conf b/etc/rtpengine.conf index 64a503550..9ad70b004 100644 --- a/etc/rtpengine.conf +++ b/etc/rtpengine.conf @@ -33,10 +33,11 @@ listen-cli = localhost:2224 timeout = 60 silent-timeout = 3600 tos = 184 -#control-tos = 184 +# control-tos = 184 # delete-delay = 30 # final-timeout = 10800 # endpoint-learning = heuristic +# reject-invalid-sdp = false # foreground = false # pidfile = /run/ngcp-rtpengine-daemon.pid diff --git a/include/main.h b/include/main.h index 486cae3fa..bc5187b53 100644 --- a/include/main.h +++ b/include/main.h @@ -63,6 +63,7 @@ struct rtpengine_config { int homer_protocol; int homer_id; int no_fallback; + int reject_invalid_sdp; int save_interface_ports; int port_min; int port_max;