Defined in RFC 8842. If a tls-id was previously given and a the new SDP
shows a different tls-id or none at all, we must restart DTLS.
Relevant to #1585
Change-Id: I554234dfcacbd330c7a0c6aea68f24d0449cba21
There's no point in sampling Graphite-specific stats, nor in reporting
them out, if Graphite is not enabled.
Change-Id: If8014513832485f38d81b478c695391129c21dff
Distinguish between two different types of "gauge" type metrics: Actual
gauges which (at least conceptually) have a single continuous value, and
metrics which are comprised of discretely sampled values, possibly from
multiple sources.
Real gauges with continuous values don't have mean/average/deviation
values directly associated with them, as calculating these requires
sampling or some other analysis.
Sampled metrics on the other hand do have these associated values.
Clarify which function does what and where each value comes from.
Change-Id: Iff5dd844b70ff70979b1b8c84dc7734d44b3da20
Rename structs and variables to make it clear that these min/max values
are min/max per-sec rate values.
Carry mins and maxes separately from averages. This changes the meaning
of $command_ps_avg away from an "average of averages" to an actual
average, which is more accurate.
Calculate this average based on per-interval differences and interval
duration (stats_rate_min_max_avg_sample).
Side effect: As rtpe_latest_graphite_interval_start is now set in
print_graphite_data instead of in graphite_loop_run, the test now
reports a different "interval calls duration".
Change-Id: I67b1118c18ca2464a48c4836fca3cfdb4d53c898
Perform accumulation of stats only once (i.e. increasing an actual
counter) and report stats based on differences to previous values,
instead of carrying multiple stats counters for each metric and
resetting each counter to zero whenever stats are reported.
`rtpe_stats` is the global master accumulator.
`_intv` variables are intermediate and local storage for values sampled
from `rtpe_stats` at regular intervals.
`_rate` and `_diff` variables hold stats calculated from `rtpe_stats`
and the respective `_intv` variable whenever the sampling and reporting
occurs.
`stats_counters_calc_diff` is used to calculate stats as differences
between `rtpe_stats` and the last sampled `_intv`
`stats_counters_calc_rate` does the same but calculates a per-second
rate, based on a microsecond duration.
Eliminate now-useless struct global_stats_ax
Change-Id: Ic4ca630161787025219b67e49b41995204d60573
Use dedicated functions and different code paths for the different use
cases, instead of just a single function which does if/else all the
time.
Change-Id: Ic3ab928c3605cfe4a2f48889e95a3a1ddccdbbec
The SRTP decryption context is associated with the local socket. Use the
socket that a packet was actually received on for the decryption context
instead of using the one that it was expected to be received on.
Change-Id: Iddf400a440fc51b4afb370ec827f75e9626b2cfd
(cherry picked from commit 8c3452e50b7aa4f5b7122dbd7221e34143467885)
... so that the publishing session gets notified about "webrtcup" and
not the session which created the room.
Change-Id: If7b308df4afa7afb19ecaca1f743f87c3c736007
This is a new option flag, which provides a possiblity
to select specific crypto suite(s) for the offerer from
the given list of crypto suites received in the offer.
This will be used later on, when processing an answer from
the recipient and generating an answer to be sent out towards offerer.
Furthermore, this is being decided not when the answer is processed,
but already when the offer is processed.
Flag usage example:
`SDES-offerer_pref:AES_256_CM_HMAC_SHA;AES_256_CM_HMAC_SHA1_32;`
Change-Id: I2b22b38347d24f27331482e18b92305fbadb2520
Split out the logic to determine the destination payload type into a
separate functions. This makes it possible to supply a different, or
pre-determined, payload type instead.
Change-Id: I9b67b29cafc0c6ce4e18eede64dea3d1973f8b63
This is a new option flag, which provides the ordered list,
in which to add crypto suites into the SDP body.
Right now they're always added in the order given in the source code.
Flag usage example:
`SDES-order:AES_256_CM_HMAC_SHA;AES_256_CM_HMAC_SHA1_32;AES_192_CM_HMAC_SHA1_80;`
This means — those listed SDES crypto suites will be added
into the generated SDP body at the top of crypto suites list, in the given order.
But, each of them is added, only if it is about to be added/generated.
In other words, the `SDES-order:` flag itself doesn't add crypto suites,
it just affects the order of those suites to be added.
And the rest of non-mentioned suites, which are also to be added,
will be appended after those given, in the free manner of ordering.
Important thing to remember - it doesn't change the crypto suite tag
for the recipient, even though changing the order of them.
Additionally.
This flag does not contradict with `SDES-nonew`, `SDES-only-` and `SDES-no-` flags.
It just orders the list of crypto suites already prepared to be sent out.
Change-Id: I0fec54f9e2f3cd4913e905e8afe825712f82d1ae
A new function dedicated to SDES crypto suites comparison.
It compares the crypto suites using a name in 'str' format.
Recommended to be used in combination with:
g_queue_find_custom() or g_list_find_custom()
Change-Id: I08ff6d3304f74d29154110caa472618478ca1837
A new function dedicated to SDES crypto suites policy checks
has been introduced: 'crypto_params_sdes_check_limitations()'.
Use it to decrease an amount of repeating code blocks
related to SDES checks.
Change-Id: I0ac242a63107a9f3a41f95a57e3d3675645ac18d
Add a new flag to only accept these individual crypto suites
and none of the others.
For example, `SDES-only-NULL_HMAC_SHA1_32`
would only accept the crypto suite `NULL_HMAC_SHA1_32` for
the offer being generated.
This also takes precedence over the `SDES-no-` flag(s),
if used together, so the `SDES-no` will be not taken into account.
This has two effects:
- if a given crypto suite was present in a received offer,
it will be kept, so will be present in the outgoing offer; and
- if a given crypto suite was not present in the received offer,
it will be added to it. The rest, which is not mentioned,
will be dropped/not added.
Flag name: 'SDES-only-<crypto name>'
Additionally: add another new flag 'SDES-nonew'.
It will not add any new crypto suites into the offer.
It takes precedence over the `SDES-no` and `SDES-only` flags,
if used in combination.
Change-Id: Ic4fa03957ee3d4d24b0c4f3fd003eada05f49b0b
Add a flag to force increasing the SDP version,
even if the SDP hasn't been changed.
And cover it with tests.
Flag name: 'force-increment-sdp-ver'
Additionally fix the name of the 'sdp-version' flag
in the 'rtpengine-ng-client' tool.
Change-Id: I466792668b0cd313b5e21b248dd14cd599333cbd
Use the new `associated_tags` table to determine which tags are
associated with which. Iterate the associations between tags in a
tree-like manner and do this at the moment the `delete` command is
received. Break up the `associated_tags` links at this time, and
determine which tags would be left dangling and mark all of these for
deletion. If no tags are left after this process, mark the entire call
for deletion.
The previous approach was cumbersome and prone to errors. Using tag
names and branch names to determine which tags are associated with which
is a pointless hurdle, and using a table of associations that is
explicitly kept for this purpose is a much cleaner approach. Also
postponing the decision about which tags to delete until the time the
deletion actually happens can lead to tags not being deleted, when they
really should be (e.g. A -> B, delete A, A -> C).
Change-Id: I03ae57d0a2117ecd721372c1a49468fc34dd630c
Keep track which tags (monologues) were created together as part of an
offer/answer exchange with a separate hash table, regardless of whether
these monologues actually have tagged names or are just nameless
branches.
Change-Id: I60aa114c8caf6ecdff4705e3399f60190d04dda6
Support multiple tone frequencies for DTMF-security=tone to enable
audibly distinguishing multiple consecutive DTMF events from one
another.
Change-Id: I6fa33a5768aae198220d0b0cc4c53308c5661a52
In some cases it's possible that some packets still arrive in userspace
immediately after a stream has been pushed to the kernel, for example if
some packets are already in the queue or if there is some processing
delay (e.g. writing to Redis). Allow for a short delay before counting a
stream as userspace if it has been pushed to the kernel.
Change-Id: I55a6e255868c8c2a9e93355a4aa2287f07b3748d
Based on the information gotten from Richard Fuchs
document the main objects in the code, to let the code be more
understandable for other code readers.
Mainly documented:
- call
- call_monologue
- call_subscription
- call_media
- packet_stream
- stream_fd
- sink_handler
- rtpe_callhash / rtpe_callhash_lock
Change-Id: I0cf122bea2d9c3f198b48da134a70301564ff1f9
On bookworm and later, libasan reports a false positive in combination
with pthread_cleanup_push() (see [1]). Work around this by not using the
thread cleanup handler when running the asan build, and instead use a
shorter thread sleep time.
[1] https://gcc.gnu.org/bugzilla//show_bug.cgi?id=82109
Change-Id: Ieffdc0b13f470445f1f8e1d2448c6af6d8dd68e0
Instead of just leaving the transport protocol unset when we know we're
not supposed to be aware of the protocol, add a special entry to
suppress the pointless warning message.
Change-Id: I228c2f1652320627f974d9d7bcb0b1345adce2be
commit 025f56212d
Author: Andreas Granig <andreas@granig.com>
Date: Tue Oct 4 14:23:01 2022 +0200
Document the mqtt-tls-alpn option
commit e6cc320d19
Author: Andreas Granig <andreas@granig.com>
Date: Mon Oct 3 21:41:14 2022 +0200
Add TLS ALPN option to be set when connecting MQTT
This is required to be set to "mqtt" for instance when connecting
to the AWS IoT Core data endpoint at port 443 to indicate we're
sending MQTT, because in that case websocket and mqtt shares the same
port for whatever reason.
Change-Id: I6a391e815411b178187ef42aa009e45853d1c388
This distinguishes `to-label` from `set-label` for media blocking
methods, when previously they were synonymous.
Upgrade sink determination to list at the same time.
Change-Id: I5b35c78f2f307867b51b5376d5a6afbd79128d99
Create a dedicated struct to hold certain attributes shared by both sink
handlers and media subscriptions, as a preparation to simplify handling
these attributs.
Change-Id: I866159c33ed6d6a2873d2cf68c4906ea705d253e
This makes it possible to refactor and simplify the interface functions,
as pointers and offsets can't be utilised with bit fields.
Change-Id: I70f1ac0eca7d2ccf8e8d5f5794580163f3f5b7ad
Newer libwebsockets versions seem to use a longer internal timeout, so
an explicit "interrupt" is needed during shutdown to prevent a long wait
time.
Change-Id: I8f28ef658169178e35b40dd44520fbd7c812b590
Keep a running lifetime total of all "gauge" type metrics. Also track
the square of the sums of all "gauge" type metrics in order to determine
the standard deviation.
Change-Id: I23f60774a6421636f1a913674c7d1b54a1c5f702
To prevent a race condition that might miss updates about call info, set
up the Redis keyspace notifications first and then run loop to restore
calls from the existing data.
closes#1503
Change-Id: I6afa4c50fe0a34c602063fc2f45b2ee38133cf1e
When ports are closed early (while the call is still running), we must
first update a slave rtpengine with this new information (that these
ports are now closed) before actually releasing the ports ourselves. Not
doing so leads to a race condition where the master instance re-uses a
port that was just closed before the slave instance knows about the port
being closed.
We implement this using a thread-local list to keep track of ports that
were released while processing a control message, and process this list
to actually close the ports only after Redis has been updated.
Additional calls to the function to close the ports are placed in
strategic locations to make sure this is triggered in every code path.
closes#1495
Change-Id: I803f4594f30ca315da0b84c6e76893f54ca3a7c9
This prevents empty mixed output files from being created when mixed
output is enabled in the config but recording isn't active for that
call.
Change-Id: I66ead89dc8a7ea80b81164b3e24d997b0df5f37e
Since we're already doing the full parsing of the request flags, use the
same function to parse all required flags
Change-Id: I0880ccbbbc36eae7b172440ce51afc1c544583a1
There's no need to open ports on non-primary interfaces if ICE is not in
use as these ports will not be used or seen by anyone.
This mostly obsoletes the `save-interface-ports` config option, with the
exception of ICE advertised by the offerer. We currently have no option
to reject ICE from the offerer during the offer phase, so ports would
always be opened on that side.
Relevant to #1164 and 001abe5
Change-Id: I43df70bc0ec49b81f63aec97c776e48617b2acfd
Special handling for codec lists that were received as part of an
answer: If the list includes a codec that was not offered, ignore that
codec. This prevents transcoders from being set up that were not
requested.
This brought to light some tests that were actually broken.
Change-Id: Iac71056ec5e10b5de5567917974f2c4e0261eb0c
Instead of having each thread sleep only a little while and then
periodically check for the shutdown flag, make them sleep longer and use
pthread_cancel() to interrupt the sleep during a shutdown in the
designated break points.
Change-Id: I13f1872a0176697e064ceef4062db6ca6ccf7a0e
Handling of dual stack v4/v6 was previously done by the individual
listener objects for INADDR_ANY listening addresses. If listening on
INADDR_ANY was requested, then each listener would create two instances,
one for IPv4 and one for IPv6. This works fine for INADDR_ANY but fails
for listening on host names that resolve to multiple addresses, such as
`localhost`.
Solve this by relieving the listener objects from handling this and
instead handle it in the code setting up the listeners. If a host name
resolves to multiple addresses, then set up multiple listeners (up to
two supported currently). This allows us to listen on `localhost` by
default and have both 127.0.0.1 and ::1 active. INADDR_ANY is handled
specially by also setting up :: in that case.
Change-Id: I2a1e1d7090d7d23863c7a9bb1e89b85ad2ea44f4
Needed to be able to set graphite socket timeout.
Useful when one wants rtpengine to force the graphite connection
to fail faster, in case graphite server gets filtered while
connection is ongoing.
With multiple media subscriptions, codec handlers are called
consecutively, once for each forwarding chain, leading to DTMF events
reported multiple times. The DTMF trigger must therefore keep track of
the state in the upper media object, not in the codec handlers.
Change-Id: I9ceaf406e093f25b7c037a325a0f2a7a91954922
Flag a socket with an error strike when packets are received too fast,
and refuse processing once too many strikes have occurred. This should
prevent forwarding loops from taking down the system.
Change-Id: Idc574f2f1dbbcb156efc37a80e903dc4e60ef1b1
Richard Fuchs
Donat Zenichev
Damir Nedžibović
Andreas Granig
Stefan Mititelu
Michael Prokop
Razvan Crainea
John Burke