From ce9905cdf48908ed72c2b094c041922b447ed04f Mon Sep 17 00:00:00 2001 From: Dragos Oancea Date: Wed, 15 Sep 2021 10:58:53 +0000 Subject: [PATCH] [core] don't hangup call on SRTP errors (new default behaviour) --- src/include/switch_types.h | 1 + src/switch_rtp.c | 41 ++++++++++++++++++++++++++++++++++---- 2 files changed, 38 insertions(+), 4 deletions(-) diff --git a/src/include/switch_types.h b/src/include/switch_types.h index b9ae217472..0435a9f81f 100644 --- a/src/include/switch_types.h +++ b/src/include/switch_types.h @@ -843,6 +843,7 @@ typedef enum { SWITCH_RTP_FLAG_PASSTHRU, SWITCH_RTP_FLAG_SECURE_SEND_MKI, SWITCH_RTP_FLAG_SECURE_RECV_MKI, + SWITCH_RTP_FLAG_SRTP_HANGUP_ON_ERROR, SWITCH_RTP_FLAG_AUDIO_FIRE_SEND_RTCP_EVENT, SWITCH_RTP_FLAG_VIDEO_FIRE_SEND_RTCP_EVENT, SWITCH_RTP_FLAG_INVALID diff --git a/src/switch_rtp.c b/src/switch_rtp.c index 12360c522c..cac610b203 100644 --- a/src/switch_rtp.c +++ b/src/switch_rtp.c @@ -1501,6 +1501,41 @@ static void zrtp_logger(int level, const char *data, int len, int offset) } #endif +#ifdef ENABLE_SRTP +SWITCH_DECLARE(void) switch_srtp_err_to_txt(srtp_err_status_t stat, char **msg) +{ + if (stat == srtp_err_status_replay_fail) *msg="replay check failed"; + else if (stat == srtp_err_status_auth_fail) *msg="auth check failed"; + else if (stat == srtp_err_status_fail) *msg="unspecified failure"; + else if (stat == srtp_err_status_bad_param) *msg="unsupported parameter"; + else if (stat == srtp_err_status_alloc_fail) *msg="couldn't allocate memory"; + else if (stat == srtp_err_status_dealloc_fail) *msg="couldn't deallocate properly"; + else if (stat == srtp_err_status_init_fail) *msg="couldn't initialize"; + else if (stat == srtp_err_status_terminus) *msg="can't process as much data as requested"; + else if (stat == srtp_err_status_cipher_fail) *msg="cipher failure"; + else if (stat == srtp_err_status_replay_old) *msg="replay check failed"; + else if (stat == srtp_err_status_algo_fail) *msg="algorithm failed test routine"; + else if (stat == srtp_err_status_no_such_op) *msg="unsupported operation"; + else if (stat == srtp_err_status_no_ctx) *msg="no appropriate context found"; + else if (stat == srtp_err_status_cant_check) *msg="auth check failed"; + else if (stat == srtp_err_status_key_expired) *msg="can't use key any more"; + else if (stat == srtp_err_status_socket_err) *msg="error in use of socket"; + else if (stat == srtp_err_status_signal_err) *msg="error in use POSIX signals"; + else if (stat == srtp_err_status_nonce_bad) *msg="nonce check failed"; + else if (stat == srtp_err_status_read_fail) *msg="couldn't read data"; + else if (stat == srtp_err_status_write_fail) *msg="couldn't write data"; + else if (stat == srtp_err_status_parse_err) *msg="error parsing data"; + else if (stat == srtp_err_status_write_fail) *msg="couldn't read data"; + else if (stat == srtp_err_status_encode_err) *msg="error encoding data"; + else if (stat == srtp_err_status_semaphore_err) *msg="error while using semaphores"; + else if (stat == srtp_err_status_pfkey_err) *msg="error while using pfkey "; + else if (stat == srtp_err_status_bad_mki) *msg="error MKI present in packet is invalid"; + else if (stat == srtp_err_status_pkt_idx_old) *msg="packet index is too old to consider"; + else if (stat == srtp_err_status_pkt_idx_adv) *msg="packet index advanced, reset needed"; + else *msg=""; +} +#endif + SWITCH_DECLARE(void) switch_rtp_init(switch_memory_pool_t *pool) { #ifdef ENABLE_ZRTP @@ -6419,11 +6454,9 @@ static switch_status_t read_rtp_packet(switch_rtp_t *rtp_session, switch_size_t if (stat && rtp_session->recv_msg.header.pt != rtp_session->recv_te && rtp_session->recv_msg.header.pt != rtp_session->cng_pt) { int errs = ++rtp_session->srtp_errs[rtp_session->srtp_idx_rtp]; - if (stat != 10) { + if (rtp_session->flags[SWITCH_RTP_FLAG_SRTP_HANGUP_ON_ERROR] && stat != srtp_err_status_replay_old) { char *msg; - if (stat == srtp_err_status_replay_fail) msg="replay check failed"; - else if (stat == srtp_err_status_auth_fail) msg="auth check failed"; - else msg=""; + switch_srtp_err_to_txt(stat, &msg); if (errs >= MAX_SRTP_ERRS) { switch_channel_t *channel = switch_core_session_get_channel(rtp_session->session); switch_log_printf(SWITCH_CHANNEL_SESSION_LOG(rtp_session->session), SWITCH_LOG_WARNING,