dtlsconnection: do not set keys_exported flag if actually not exported

keys_exported flag should be set only if keys are actually exported.
For that the next conditions are needed:
  1 - SSL_export_keying_material on success
  2 - SSL_get_selected_srtp_profile returns a valid profile
  3 - The profile ID is SRTP_AES128_CM_SHA1_80 or SRTP_AES128_CM_SHA1_32

Also don't crash if NULL is returned as profile.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1612>

1 files changed, 7 insertions, 2 deletions

diff --git a/ext/dtls/gstdtlsconnection.c b/ext/dtls/gstdtlsconnection.c
index ee0296aa5..8cf34e0b5 100644
--- a/ext/dtls/gstdtlsconnection.c
+++ b/ext/dtls/gstdtlsconnection.c
@@ -675,6 +675,12 @@ export_srtp_keys (GstDtlsConnection * self)
 
   profile = SSL_get_selected_srtp_profile (self->priv->ssl);
 
+  if (!profile) {
+    GST_WARNING_OBJECT (self,
+        "no srtp capabilities negotiated during handshake");
+    return;
+  }
+
   GST_INFO_OBJECT (self, "keys received, profile is %s", profile->name);
 
   switch (profile->id) {
@@ -688,7 +694,7 @@ export_srtp_keys (GstDtlsConnection * self)
       break;
     default:
       GST_WARNING_OBJECT (self, "invalid crypto suite set by handshake");
-      goto beach;
+      return;
   }
 
   client_key.key = exported_keys.client_key;
@@ -708,7 +714,6 @@ export_srtp_keys (GstDtlsConnection * self)
         auth);
   }
 
-beach:
   self->priv->keys_exported = TRUE;
 }