Ignore:
Timestamp:
Feb 26, 2018 7:50:18 AM (3 years ago)
Author:
nanang
Message:

Fixe #2096:

  • Fixed re-INVITE scenario: always generate SRTP attr in SDP re-offer/answer as both offerer/answerer (as long as SRTP is not disabled of course), currently it does not generate SRTP attr if active session does not use SRTP.
  • Fixed bug in retrieving video stream info from SDP that caused DTLS transport (UDP/TLS/RTP/SAVP) getting rejected.
  • Added pjsua app param '--srtp-keying=0/1' to choose SRTP keying to be used in the outgoing offer (0=SDES (default), 1=DTLS-SRTP).
  • Few minors, e.g: adding transport_srtp_dtls/sdes.c to pjmedia MSVC2015 project.
File:
1 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjmedia/src/pjmedia/transport_srtp_dtls.c

    r5635 r5746  
    375375    unsigned i; 
    376376    int mode, rc; 
    377          
     377 
     378    /* Check if it is already instantiated */ 
     379    if (ds->ossl_ssl) 
     380        return PJ_SUCCESS; 
     381 
    378382    /* Create DTLS context */ 
    379383    ctx = SSL_CTX_new(DTLS_method()); 
     
    685689    pj_status_t status; 
    686690    int err; 
     691 
     692    /* Init DTLS (if not yet) */ 
     693    status = ssl_create(ds); 
     694    if (status != PJ_SUCCESS) 
     695        return status; 
    687696 
    688697    /* Check if handshake has been initiated or even completed */ 
     
    10141023    } 
    10151024 
    1016     /* Init DTLS */ 
    1017     if (!ds->ossl_ssl) { 
    1018         status = ssl_create(ds); 
    1019         if (status != PJ_SUCCESS) 
    1020             goto on_return; 
    1021     } 
    1022  
    10231025    /* Set remote cert fingerprint verification status to PJ_EPENDING */ 
    10241026    ds->rem_fprint_status = PJ_EPENDING; 
     
    11001102            ds->nego_started = PJ_FALSE; 
    11011103            ds->got_keys = PJ_FALSE; 
    1102  
    1103             status = ssl_create(ds); 
    1104             if (status != PJ_SUCCESS) 
    1105                 goto on_return; 
    1106         } 
    1107     } 
    1108  
    1109     /* Set media transport to UDP/TLS/RTP/SAVP */ 
    1110     m_loc->desc.transport = ID_TP_DTLS_SRTP; 
     1104            ds->rem_fprint_status = PJ_EPENDING; 
     1105        } 
     1106    } 
     1107 
     1108    /* Set media transport to UDP/TLS/RTP/SAVP if we are the offerer, 
     1109     * otherwise just match it to the offer (currently we only accept 
     1110     * UDP/TLS/RTP/SAVP in remote offer though). 
     1111     */ 
     1112    if (ds->srtp->offerer_side) { 
     1113        m_loc->desc.transport = ID_TP_DTLS_SRTP; 
     1114    } else { 
     1115        m_loc->desc.transport =  
     1116                            sdp_remote->media[media_index]->desc.transport; 
     1117    } 
    11111118 
    11121119    /* Add a=fingerprint attribute, fingerprint of our TLS certificate */ 
     
    11701177        use_ice = ice_info && ice_info->comp_cnt; 
    11711178        if (!use_ice) { 
     1179            /* Start SSL nego */ 
    11721180            status = ssl_handshake(ds); 
    11731181            if (status != PJ_SUCCESS) 
     
    12231231            ds->nego_started = PJ_FALSE; 
    12241232            ds->got_keys = PJ_FALSE; 
    1225  
    1226             status = ssl_create(ds); 
    1227             if (status != PJ_SUCCESS) 
    1228                 goto on_return; 
     1233            ds->rem_fprint_status = PJ_EPENDING; 
    12291234        } 
    12301235    } else { 
     
    13871392 
    13881393    /* Find DTLS keying and destroy any other keying. */ 
    1389     for (j = 0; j < srtp->keying_cnt; ++j) { 
    1390         if (srtp->keying[j]->op == &dtls_op) 
    1391             ds = (dtls_srtp*)srtp->keying[j]; 
     1394    for (j = 0; j < srtp->all_keying_cnt; ++j) { 
     1395        if (srtp->all_keying[j]->op == &dtls_op) 
     1396            ds = (dtls_srtp*)srtp->all_keying[j]; 
    13921397        else 
    1393             pjmedia_transport_close(srtp->keying[j]); 
     1398            pjmedia_transport_close(srtp->all_keying[j]); 
    13941399    } 
    13951400 
     
    14011406    srtp->keying_cnt = 1; 
    14021407    srtp->keying[0] = &ds->base; 
    1403     srtp->keying_pending_cnt = 1; 
     1408    srtp->keying_pending_cnt = 0; 
    14041409 
    14051410    /* Apply param to DTLS-SRTP internal states */ 
     
    14131418    ds->pending_start = PJ_TRUE; 
    14141419    srtp->keying_pending_cnt++; 
    1415  
    1416     /* Create SSL */ 
    1417     status = ssl_create(ds); 
    1418     if (status != PJ_SUCCESS) 
    1419         goto on_return; 
    14201420 
    14211421    /* Attach member transport, so we can send/receive DTLS init packets */ 
Note: See TracChangeset for help on using the changeset viewer.