[asterisk-bugs] [JIRA] (ASTERISK-23997) Fix for ICE nat

Badalian Vyacheslav (JIRA) noreply at issues.asterisk.org
Mon Jul 7 09:06:57 CDT 2014 

     [ https://issues.asterisk.org/jira/browse/ASTERISK-23997?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Badalian Vyacheslav updated ASTERISK-23997:
-------------------------------------------

    Description: 
sipml5 does not work trougth NAT becouse it's can connect to second candidate port if ice is on. You have small logic bug. 
1. You have 2 candidates - port X and port Y.
2. Y = X+1. 
3. Also you have ICE in reply to client: X and Y + 1. Y already +1! 
Result: In ICE answer you have X and X+2.

Its wrong. Port before NAT and after NAT must be some!

before patch:
{code}
a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54984 typ srflx
{code}

After:
{code}
a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54983 typ srflx
{code}

Patch:

{code}
--- asterisk-11.10.0/channels/chan_sip.c        2014-05-13 21:40:00.000000000 +0400
+++ as
terisk-11.10.0-fixed/channels/chan_sip.c  2014-06-23 17:38:13.338896511 +0400
@@ -12653,7 +12653,7 @@

                if (candidate->type == AST_RTP_ICE_CANDIDATE_TYPE_SRFLX
                        && candidate->id == AST_RTP_ICE_COMPONENT_RTCP) {
-                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) + 1);
+                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) );
                } else {
                        ast_str_append(a_buf, 0, "%s typ ", ast_sockaddr_stringify_port(&candidate->address));
                }
{code}

  was:
sipml5 does not work trougth NAT becouse it's can connect to second candidate port if ice is on. You have small logic bug. 
1. You have 2 candidates - port X and port Y.
2. Y = X+1. 
3. Also you have ICE in reply to client: X and Y + 1. Y already +1! 
Result: You have in ICE answer X and X+2.

Its wrong. Port before NAT and after NAT must be some!

before patch:
{code}
a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54984 typ srflx
{code}

After:
{code}
a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54983 typ srflx
{code}

Patch:

{code}
--- asterisk-11.10.0/channels/chan_sip.c        2014-05-13 21:40:00.000000000 +0400
+++ as
terisk-11.10.0-fixed/channels/chan_sip.c  2014-06-23 17:38:13.338896511 +0400
@@ -12653,7 +12653,7 @@

                if (candidate->type == AST_RTP_ICE_CANDIDATE_TYPE_SRFLX
                        && candidate->id == AST_RTP_ICE_COMPONENT_RTCP) {
-                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) + 1);
+                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) );
                } else {
                        ast_str_append(a_buf, 0, "%s typ ", ast_sockaddr_stringify_port(&candidate->address));
                }
{code}


> Fix for ICE nat
> ---------------
>
>                 Key: ASTERISK-23997
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-23997
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/WebSocket
>    Affects Versions: 11.10.0
>            Reporter: Badalian Vyacheslav
>            Severity: Critical
>
> sipml5 does not work trougth NAT becouse it's can connect to second candidate port if ice is on. You have small logic bug. 
> 1. You have 2 candidates - port X and port Y.
> 2. Y = X+1. 
> 3. Also you have ICE in reply to client: X and Y + 1. Y already +1! 
> Result: In ICE answer you have X and X+2.
> Its wrong. Port before NAT and after NAT must be some!
> before patch:
> {code}
> a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
> a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
> a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
> a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54984 typ srflx
> {code}
> After:
> {code}
> a=candidate:Had86137 1 UDP 2130706431 10.216.97.55 54982 typ host
> a=candidate:S5bc2e2f0 1 UDP 1694498815 91.194.226.240 54982 typ srflx
> a=candidate:Had86137 2 UDP 2130706430 10.216.97.55 54983 typ host
> a=candidate:S5bc2e2f0 2 UDP 1694498814 91.194.226.240 54983 typ srflx
> {code}
> Patch:
> {code}
> --- asterisk-11.10.0/channels/chan_sip.c        2014-05-13 21:40:00.000000000 +0400
> +++ as
> terisk-11.10.0-fixed/channels/chan_sip.c  2014-06-23 17:38:13.338896511 +0400
> @@ -12653,7 +12653,7 @@
>                 if (candidate->type == AST_RTP_ICE_CANDIDATE_TYPE_SRFLX
>                         && candidate->id == AST_RTP_ICE_COMPONENT_RTCP) {
> -                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) + 1);
> +                       ast_str_append(a_buf, 0, "%d typ ", ast_sockaddr_port(&candidate->address) );
>                 } else {
>                         ast_str_append(a_buf, 0, "%s typ ", ast_sockaddr_stringify_port(&candidate->address));
>                 }
> {code}



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list