agent: do not create a GSource for UDP TURN socket

With this patch, we don't create a new GSource for udp-turn socket,
because it would duplicate the packets already received on the base UDP
socket, as the underlying GSocket is the same. This is a race condition,
because an UDP packet arriving on the base socket, may randomly be
handled by the GSource callback created for the base socket (udp-bsd) of
the callback created for the udp-turn socket. Moreover this callback
already knows how to parse UDP datagrams received from a known turn
server.

This patch also prevents a subtle bug, when a STUN request is received
directly from a peer, is handled by the udp turn socket. If the agent
already has a valid permission for this remote candidate, established
for another pair, it will happily send the STUN reply through the turn
relay. This generates a source address mismatch on the peer agent, when
it'll receive the STUN response from the turn relay instead of the
initial address the request has been sent to.

Differential Revision: https://phabricator.freedesktop.org/D932

1 files changed, 7 insertions, 0 deletions

diff --git a/agent/component.c b/agent/component.c
index ba28ffa..ab665b6 100644
--- a/agent/component.c
+++ b/agent/component.c
@@ -105,6 +105,13 @@ socket_source_attach (SocketSource *socket_source, GMainContext *context)
   if (socket_source->socket->fileno == NULL)
     return;
 
+  /* Do not create a GSource for UDP turn socket, because it
+   * would duplicate the packets already received on the base
+   * UDP socket.
+   */
+  if (socket_source->socket->type == NICE_SOCKET_TYPE_UDP_TURN)
+    return;
+
   /* Create a source. */
   source = g_socket_create_source (socket_source->socket->fileno,
       G_IO_IN, NULL);