We must now hold the master lock for reads from the socket as the socket
may get closed after the poller has already fired an event for it.
Change-Id: I1ab4b38f09988e8569a70c449de17c208ef2aa96
This has become important after the latest change to run rtpengine as
non-root user as it requires reloading the kernel module with the new
user/group permissions.
Change-Id: Iedf2624402397f5d444955e9d5d6d5aa414be1c3
If DTLS is rejected in an answer via `DTLS=off` we must forget that DTLS
was previously offered, as otherwise a re-invite would detect the
fingerprint as changed if the re-invite doesn't offer DTLS again. We
also make sure DTLS is shut down if during stream init DTLS is not
given, when it was present before.
Change-Id: I48ee6f0ec5ec02f558a6799951552ea2272d0e96
All crypto suites except AEAD have an explicit packet authentication
stage. If authentication fails for a packet, we take some guesses about
a ROC mismatch and see if authentication can succeed with a different
ROC. If a working ROC is found, our tracked ROC is updated and
decryption proceeds.
AEAD doesn't have an explicit authentication stage and authentication is
performed implicitly by the decryption engine, which simply returns a
decryption error if the authentication fails. We must therefore add the
same ROC guessing logic at this step for AEAD.
Change-Id: Ic1a70daa667e23976b74d2303c823b8d8c7bcb2b
This is useful for functions which are used both from a timer and from
other callers. These functions would reset the logging context at their
end to free the reference held by the logging context, which would
wrongly reset the logging context when the same function was called from
a different code path. Using a stack with push/pop semantics makes it
safe to use these functions from any code path.
Additionally introduce an explicit reset function that clears the entire
stack regardless of context. This reset function is called at the end of
every work iteration in every worker thread, just in case not everything
was popped from the stack.
Change-Id: I0e2c142b95806b26473c65a882737e39d161d24d
*) Create dedicated rtpengine user in postinst and remove it in postrm.
*) Use RuntimeDirectory= systemd unit config.
*) Use dedicated user for /proc interface and set file umask to hide it
from other users.
*) Set owner and permissions on default directories used for call recording.
Change-Id: I8e225b36d065d46da2489fb8286916371950f490
If the config only lists a port for the HTTP/WS bindings then we must
not try to create both a v4 and a v6 binding on that port as
libwebsockets handles the 4/6 mapping internally. In this case we make
sure to only create the v6 binding.
Further requirement for #1432
Change-Id: I9bf7ec5c041d0b5d4a22d507d993b85e2d4d3155
Add an explicit test to see if libwebsockets has been compiled with
support for IPv6. If it hasn't then we don't try to create v6 bindings.
Closes#1432
Change-Id: I6902f5b4203aa09cb28a8edb46f97b339677ed75
The hexint modparam type became available in 5.10.
The stream_open() function became available at some point in 5.0.x.
Closes#1431
Change-Id: I4965d05a2c4c0f0bf526ea0bf3f76f5ca2f9dff6
commit a2e5cfb8e5
Author: Razvan Crainea <razvan@opensips.org>
Date: Thu Jan 13 16:16:19 2022 +0200
Add tests for subscribe requests on paused media
commit fa58596a9f
Author: Razvan Crainea <razvan@opensips.org>
Date: Wed Jan 12 22:01:27 2022 +0200
Swap media direction check for `subscribe request`
as @rfuchs mentioned in his review, the SEND/RECV media flags are set
according to rtpengine's perspective, not the media flow's one.
commit e1e9a157c0
Author: Razvan Crainea <razvan@opensips.org>
Date: Wed Jan 12 19:27:42 2022 +0200
Fix `subscribe request` SDP media direction
When building the SDP for a `subscribe request` command, take into
consideration the media direction of the source stream - if stream is
`recvonly`, then we do not have anything to send, thus the direction
should be advertised as `inactive`, rather than `sendonly`.
Change-Id: I2d78bbec8ad584774f3c90f0ce5cca42f57f7b0f
Stefan Mititelu
Richard Fuchs
Michael Prokop
Anton Voylenko
Sipwise Jenkins Builder
hdikme