<p>Kevin Harwell <strong>uploaded patch set #2</strong> to this change.</p><p><a href="https://gerrit.asterisk.org/c/asterisk/+/13805">View Change</a></p><pre style="font-family: monospace,monospace; white-space: pre-wrap;">res_rtp_asterisk: bad audio (static) due to incomplete dtls/srtp setup<br><br>There was a race condition between client initiated DTLS setup, and handling<br>of server side ice completion that caused the underlying SSL object to get<br>cleared during DTLS initialization. If this happened Asterisk would be left<br>in a partial DTLS setup state. RTP packets were sent and received, but were<br>not being encrypted and decrypted. This resulted in no audio, or static.<br><br>Specifically, this occurred when '__rtp_recvfrom' was processing the handshake<br>sequence from the client to the server, and then 'ast_rtp_on_ice_complete'<br>gets called from another thread and clears the SSL object when calling the<br>'dtls_perform_setup' function. The timing had to be just right in the sense<br>that from the external SSL library perspective SSL initialization completed<br>(rtp recv), Asterisk clears/resets the SSL object (ice done), and then checks<br>to see if SSL is intialized (rtp recv). Since it was cleared, Asterisk thinks<br>it is not finished, thus not completing 'dtls_srtp_setup'.<br><br>This patch removes calls to 'dtls_perform_setup', which clears the SSL object,<br>in 'ast_rtp_on_ice_complete'. When ice completes, there is no reason to clear<br>the underlying SSL object. If an ice candidate changes a full protocol level<br>renegotiation occurs. Also, in the case of bundled ICE candidates are reused<br>when a stream is added. So no real reason to have to clear, and reset in this<br>instance.<br><br>Also, this patch adds a bit of extra logging to aid in diagnosis of any future<br>problems.<br><br>ASTERISK-28742 #close<br><br>Change-Id: I34c9e6bad5a39b087164646e2836e3e48fe6892f<br>---<br>M res/res_rtp_asterisk.c<br>1 file changed, 28 insertions(+), 2 deletions(-)<br><br></pre><pre style="font-family: monospace,monospace; white-space: pre-wrap;">git pull ssh://gerrit.asterisk.org:29418/asterisk refs/changes/05/13805/2</pre><p>To view, visit <a href="https://gerrit.asterisk.org/c/asterisk/+/13805">change 13805</a>. To unsubscribe, or for help writing mail filters, visit <a href="https://gerrit.asterisk.org/settings">settings</a>.</p><div itemscope itemtype="http://schema.org/EmailMessage"><div itemscope itemprop="action" itemtype="http://schema.org/ViewAction"><link itemprop="url" href="https://gerrit.asterisk.org/c/asterisk/+/13805"/><meta itemprop="name" content="View Change"/></div></div>
<div style="display:none"> Gerrit-Project: asterisk </div>
<div style="display:none"> Gerrit-Branch: 16 </div>
<div style="display:none"> Gerrit-Change-Id: I34c9e6bad5a39b087164646e2836e3e48fe6892f </div>
<div style="display:none"> Gerrit-Change-Number: 13805 </div>
<div style="display:none"> Gerrit-PatchSet: 2 </div>
<div style="display:none"> Gerrit-Owner: Kevin Harwell <kharwell@digium.com> </div>
<div style="display:none"> Gerrit-Reviewer: Friendly Automation </div>
<div style="display:none"> Gerrit-Reviewer: Joshua Colp <jcolp@sangoma.com> </div>
<div style="display:none"> Gerrit-CC: Richard Mudgett <rmudgett@digium.com> </div>
<div style="display:none"> Gerrit-MessageType: newpatchset </div>