Changeset 5823


Ignore:
Timestamp:
Jul 16, 2018 7:35:52 AM (9 months ago)
Author:
nanang
Message:

Re #2096:

  • For better interoperability, check remote support for DTLS-SRTP by inspecting SDP a=fingerprint availability instead of UDP/TLS/SRTP/SAVP.
  • Bailout DTLS-SRTP when SDP a=fingerprint is not available.
Location:
pjproject/trunk/pjmedia
Files:
3 edited

Legend:

Unmodified
Added
Removed
  • pjproject/trunk/pjmedia/include/pjmedia/errno.h

    r5748 r5823  
    646646#define PJMEDIA_SRTP_DTLS_EFPNOTMATCH (PJMEDIA_ERRNO_START+242)  /* 220242 */ 
    647647 
     648/** 
     649 * @hideinitializer 
     650 * Fingerprint not found. 
     651 */ 
     652#define PJMEDIA_SRTP_DTLS_ENOFPRINT (PJMEDIA_ERRNO_START+243)   /* 220243 */ 
     653 
    648654#endif /* PJMEDIA_HAS_SRTP */ 
    649655 
  • pjproject/trunk/pjmedia/src/pjmedia/errno.c

    r5779 r5823  
    170170    PJ_BUILD_ERR( PJMEDIA_SRTP_DTLS_EPEERNOCERT,"No certificate supplied by peer in DTLS nego" ), 
    171171    PJ_BUILD_ERR( PJMEDIA_SRTP_DTLS_EFPNOTMATCH,"Fingerprint from signalling not match to actual fingerprint" ) 
     172    PJ_BUILD_ERR( PJMEDIA_SRTP_DTLS_ENOFPRINT,  "Fingerprint not found" ) 
    172173#endif 
    173174 
  • pjproject/trunk/pjmedia/src/pjmedia/transport_srtp_dtls.c

    r5820 r5823  
    815815                                  NULL); 
    816816    if (!a) { 
    817         /* Let's just print warning for now, instead of returning error */ 
    818         PJ_LOG(4,(ds->base.name, "Warning: no fingerprint attribute in " 
    819                                  "remote SDP, DTLS verification cannot " 
    820                                  "be done!")); 
     817        /* No fingerprint attribute in remote SDP */ 
     818        return PJMEDIA_SRTP_DTLS_ENOFPRINT; 
    821819    } else { 
    822820        pj_str_t rem_fp = a->value; 
     
    10431041         *    Check for DTLS-SRTP support in remote SDP. Detect remote 
    10441042         *    support of DTLS-SRTP by inspecting remote SDP offer for 
    1045          *    UDP/TLS/RTP/SAVP as media transport, this may be presented 
    1046          *    in m= line. 
     1043         *    SDP a=fingerprint attribute. And currently we only support 
     1044         *    RTP/AVP transports. 
    10471045         */ 
    10481046        pjmedia_sdp_media *m_rem = sdp_remote->media[media_index]; 
    1049         pjmedia_sdp_attr *attr_setup; 
     1047        pjmedia_sdp_attr *attr_setup, *attr_fp; 
    10501048        pj_uint32_t rem_proto = 0; 
    10511049 
     1050        /* Find SDP a=fingerprint line. */ 
     1051        attr_fp = pjmedia_sdp_media_find_attr(m_rem, &ID_FINGERPRINT, NULL); 
     1052        if (!attr_fp) 
     1053            attr_fp = pjmedia_sdp_attr_find(sdp_remote->attr_count, 
     1054                                            sdp_remote->attr, &ID_FINGERPRINT, 
     1055                                            NULL); 
     1056 
     1057        /* Get media transport proto */ 
    10521058        rem_proto = pjmedia_sdp_transport_get_proto(&m_rem->desc.transport); 
    1053         if (!PJMEDIA_TP_PROTO_HAS_FLAG(rem_proto, PJMEDIA_TP_PROTO_DTLS_SRTP)) 
     1059        if (!PJMEDIA_TP_PROTO_HAS_FLAG(rem_proto, PJMEDIA_TP_PROTO_RTP_AVP) || 
     1060            !attr_fp) 
    10541061        { 
    10551062            /* Remote doesn't signal DTLS-SRTP */ 
Note: See TracChangeset for help on using the changeset viewer.