[Asterisk-code-review] res rtp asterisk: Prevent simultaneous access to DTLS SSL co... (asterisk[11])

Mark Michelson asteriskteam at digium.com
Mon Jul 6 17:31:18 CDT 2015 

Mark Michelson has posted comments on this change.

Change subject: res_rtp_asterisk: Prevent simultaneous access to DTLS SSL context.
......................................................................


Patch Set 2:

(2 comments)

https://gerrit.asterisk.org/#/c/786/2/res/res_rtp_asterisk.c
File res/res_rtp_asterisk.c:

Line 1595: 	SSL_do_handshake(dtls->ssl);
         : 
         : 	/* Since the handshake is started in a thread outside of the channel thread it's possible
         : 	 * for the response to be handled in the channel thread before we start the timeout timer.
         : 	 * To ensure this doesn't actually happen we hold the DTLS lock. The channel thread will
         : 	 * block until we're done at which point the timeout timer will be immediately stopped.
         : 	 */
Would it make sense to have the call to SSL_do_handshake() happen inside the lock as well, then?


Line 2081: 			/* Since we've sent additional traffic start the timeout timer for retransmission */
         : 			dtls_srtp_start_timeout_timer(instance, rtp, rtcp);
This is the only instance of dtls_srtp_start_timeout_timer() that is called without the dtls->lock already held, and so it is the only code path that does not recursively lock dtls->lock. Maybe you could modify dtls_srtp_start_timeout_timer() to have the prerequisite of having dtls->lock locked, modify it not to lock dtls->lock itself, and then modify the highlighted section to lock dtls->lock before calling into dtls_srtp_start_timeout_timer()?


-- 
To view, visit https://gerrit.asterisk.org/786
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: comment
Gerrit-Change-Id: Ib75ea2546f29d6efc3d2d37c58df6986c7bd9b91
Gerrit-PatchSet: 2
Gerrit-Project: asterisk
Gerrit-Branch: 11
Gerrit-Owner: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Mark Michelson <mmichelson at digium.com>
Gerrit-Reviewer: Matt Jordan <mjordan at digium.com>
Gerrit-HasComments: Yes

More information about the asterisk-code-review mailing list