Commit 31c9816e authored by johan's avatar johan

Fix DTLS packet routing when handshake is over on server side

- server side may complete the handshake while client ask for
packets to be sent again, route DTLS packet using ssl_read in
that case
parent 630bf56f
......@@ -247,6 +247,8 @@ static bool_t ms_dtls_srtp_process_dtls_packet(mblk_t *msg, MSDtlsSrtpContext *c
uint64_t *time_reference = (is_rtp == TRUE)?&(ctx->rtp_time_reference):&(ctx->rtcp_time_reference);
ssl_context *ssl = (is_rtp == TRUE)?&(ctx->rtp_dtls_context->ssl):&(ctx->rtcp_dtls_context->ssl);
ms_mutex_t *mutex = (is_rtp == TRUE)?&ctx->rtp_dtls_context->ssl_context_mutex:&ctx->rtcp_dtls_context->ssl_context_mutex;
uint8_t channel_status = (is_rtp == TRUE)?(ctx->rtp_channel_status):(ctx->rtcp_channel_status);
// check if incoming message length is compatible with potential DTLS message
if (msgLength<RTP_FIXED_HEADER_SIZE) {
return FALSE;
......@@ -297,25 +299,35 @@ static bool_t ms_dtls_srtp_process_dtls_packet(mblk_t *msg, MSDtlsSrtpContext *c
}
}
/* role is unset but we receive a packet: we are caller and shall initialise as server and then process the incoming packet */
if (ctx->role == MSDtlsSrtpRoleUnset) {
ms_dtls_srtp_set_role(ctx, MSDtlsSrtpRoleIsServer); /* this call will update role and complete server setup */
}
ms_mutex_lock(mutex);
/* process the packet and store result */
*ret = ssl_handshake(ssl);
/* when we are server, we may issue a hello verify, so reset session, keep cookies(transport id) and expect an other Hello from client */
if (*ret==POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED) {
ssl_session_reset(ssl);
ssl_set_client_transport_id(ssl, (const unsigned char *)(&(ctx->stream_sessions->rtp_session->snd.ssrc)), 4);
}
/* while DTLS handshake is on going route DTLS packets to polarssl engine through ssl_handshake() */
if (ssl->state != SSL_HANDSHAKE_OVER) {
/* role is unset but we receive a packet: we are caller and shall initialise as server and then process the incoming packet */
if (ctx->role == MSDtlsSrtpRoleUnset) {
ms_dtls_srtp_set_role(ctx, MSDtlsSrtpRoleIsServer); /* this call will update role and complete server setup */
}
ms_mutex_lock(mutex);
/* process the packet and store result */
*ret = ssl_handshake(ssl);
/* when we are server, we may issue a hello verify, so reset session, keep cookies(transport id) and expect an other Hello from client */
if (*ret==POLARSSL_ERR_SSL_HELLO_VERIFY_REQUIRED) {
ssl_session_reset(ssl);
ssl_set_client_transport_id(ssl, (const unsigned char *)(&(ctx->stream_sessions->rtp_session->snd.ssrc)), 4);
}
/* if we are client, manage the retransmission timer */
if (ctx->role == MSDtlsSrtpRoleIsClient) {
*time_reference = get_timeval_in_millis();
/* if we are client, manage the retransmission timer, unless the handshake is already over */
if (ctx->role == MSDtlsSrtpRoleIsClient && channel_status != DTLS_STATUS_HANDSHAKE_OVER) {
*time_reference = get_timeval_in_millis();
}
ms_mutex_unlock(mutex);
} else { /* when DTLS handshake is over, route DTLS packets to polarssl engine through ssl_read() */
/* we need a buffer to store the message read even if we don't use it */
unsigned char *buf = ms_malloc(msgLength+1);
ms_mutex_lock(mutex);
*ret = ssl_read(ssl, buf, msgLength);
ms_mutex_unlock(mutex);
}
ms_mutex_unlock(mutex);
return TRUE;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment