Ticket #374 (closed enhancement: fixed)

Opened 10 years ago

Last modified 10 years ago

Update STUN specification from rfc3489bis-06 to rfc3489bis-10

Reported by: bennylp Owned by: bennylp
Priority: normal Milestone: release-0.8.0
Component: pjnath Version: trunk
Keywords: Cc:
Backport to 1.x milestone: Backported:

Description (last modified by bennylp) (diff)

Changes in the STUN specification from rfc3489bis-06 to rfc3489bis-10:

  • STUN transaction timeout is no longer hardcoded to 1600ms, but rather 16*RTO
  • Changes in MESSAGE-INTEGRITY calculation, with regard to the message length value. Previously in bis-06, the length was set to the actual/final length of the message. Now the length is the message length after M-I is added, but before any other attributes past M-I (such as FINGERPRINT) is added.
  • Similarly for FINGERPRINT calculation
  • HMAC padding for MESSAGE-INTEGRITY is no longer necessary
  • Some STUN status codes related to client error were removed:
    • 430 Stale Credentials
    • 431 Integrity Check Failure
    • 432 Missing Username
    • 433 Use TLS
    • 434 Missing Realm
    • 435 Missing Nonce
    • 436 Unknown Username
    • 437 No Binding
  • Subsequently since some status codes were removed, response codes for authentication were changed
  • Now non-FINGERPRINT attributes are allowed to exist after M-I. Endpoint MUST ignore these attributes, for now.
  • added more STUN test vectors in STUN test program

Note that these changes are NOT backward compatible with rfc3489bis-06, meaning new ICE software based on new PJNATH will not be able to negotiate with ICE from previous PJNATH.

Change History

comment:1 Changed 10 years ago by bennylp

  • Type changed from defect to enhancement
  • Description modified (diff)
  • Summary changed from Update STUN and ICE to the latest specification to Update STUN specification from rfc3489bis-06 to rfc3489bis-10

comment:2 Changed 10 years ago by bennylp

  • Status changed from new to closed
  • Resolution set to fixed

Committed in r1439

comment:3 Changed 10 years ago by bennylp

In r1443, STUN status 437 (No Binding) was re-enabled since this is used by TURN.

Note: See TracTickets for help on using tickets.