summaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* udp-turn: Create locked version of realm&nonce cache functionOlivier Crête2018-11-191-6/+13
| | | | To be able to call it from a context that is already locked.
* udp-bsd: Protect the GSocketAddress cache with a mutexOlivier Crête2018-11-161-8/+22
|
* agent: check message length before extracting RFC4571 frame sizeJakub Adam2018-10-311-2/+2
| | | | | | | | | nice_socket_recv_messages() may return a NiceInputMessage of length = 0, so before attempting to read the RFC4571 header check the message really has at least sizeof (guint16) bytes of data. The bug's always been there, the previous commit only made it more apparent.
* udp-turn: handle multiple RFC4571 frames received in a TCP-TURN messageJakub Adam2018-10-313-1/+309
| | | | | | | | | | There might be multiple RFC4571-framed messages (or fragments thereof) within a single TCP-TURN message. Make sure each NiceInputMessage passed by the user into socket_recv_messages() gets exactly one RFC4571 frame, or remains empty if there aren't any messages to receive. We should keep any data that doesn't fit into the user buffers for the next time socket_recv_messages() gets called with the socket.
* udp-turn: don't re-iterate incoming TURN control messagesJakub Adam2018-10-311-9/+4
| | | | | | | | | | | | After being parsed, a TURN control message turns into a NiceInputMessage with zero length. Such message doesn't increment the iteration counter i and so is re-processed in the next iteration, which detects right away that message->length == 0 and continues to the next element in recv_messages. Thus, n_valid_messages variable serves no real purpose and to achieve the same result we can simply increment the iteration counter after each message.
* udp-turn: Start function with lock instead of unlockOlivier Crête2018-10-311-1/+1
|
* udp-turn: Restore global locksOlivier Crête2018-10-281-17/+119
| | | | | The socket abstraction not being reference counted, we need a global lock for them in the short term.
* udp-turn: Rename misleading function, it's a timeoutOlivier Crête2018-10-281-3/+3
| | | | It's not locked in any way.
* udp-turn: Factor our SendRequest destructionOlivier Crête2018-10-281-27/+15
|
* component: Replace agent pointer with weak referenceOlivier Crête2018-10-286-73/+126
| | | | This should make it safer.
* udp-turn: Restore synchronized seconds timeoutOlivier Crête2018-10-281-6/+23
|
* agent: Remove explicit parent pointersOlivier Crête2018-10-289-145/+172
| | | | Remove all pointers that don't include have a reference except to agents
* Use per-agent locks and GWeakRefs in callbacks from timeout sourcesJuan Navarro2018-10-2810-325/+281
| | | | | | | | | | | | | | | | | | | | | Work on libnice's bug #1 in Gitlab. This work is composed of multiple merged parts: - "Global lock contention removed" Phabricator D1900: https://phabricator.freedesktop.org/D1900 By @nifigase Opened in GitLab as Merge Request !12 - "agent: properly handle NiceAgent ref in callbacks from timeout sources" Phabricator D1898: https://phabricator.freedesktop.org/D1898 By @mparis This patch was itself based upon a previous version of the work done in D1900. After the switch of hosting, it got lost. On top of these, additions to follow some review comments from @ocrete: - https://phabricator.freedesktop.org/D1900#40412 - https://phabricator.freedesktop.org/D1898#39332
* component: Also accept TCP from udp-turn socketOlivier Crête2018-10-211-1/+2
|
* Fix build with android NDK r16Matthew Waters2018-10-211-3/+4
| | | | getifaddrs() may only be available if the target API is >= 24
* conncheck: don't disable keepalive on TCP if it's explicitly enabledMichael Olbrich2018-10-211-2/+3
| | | | | This makes it possible to enable keepalive for TCP candidates. It is useful to detect disappearing peers or network failures faster.
* stun: check identifier before using itMichael Olbrich2018-10-211-1/+2
| | | | | | | By default, 'candidate_identifier == NULL' only happens for 'compatibility == NICE_COMPATIBILITY_GOOGLE'. However, keepalive=true will also trigger the same code path so candidate_identifier must be checked to avoid a segfault.
* agent: fix crash with debugging enabledMichael Olbrich2018-10-211-1/+1
| | | | | For some connection types nicesock->fileno is never set. Make sure it is not NULL before using it.
* configure: Allow selecting crypto library manuallyOlivier Crête2018-10-211-7/+33
|
* stun: Add support to detect OpenSSLBrendan Shanks2018-10-212-5/+18
|
* stun: Add implementation using OpenSSL for rand/SHA1/MD5Brendan Shanks2018-10-213-3/+97
|
* openssl: Add ax_check_openssl.m4Brendan Shanks2018-10-211-0/+124
|
* tests: Remove non-existing mainloop test from Makefile.amOlivier Crête2018-10-211-2/+0
|
* Add GitLab CI configurationadd-ciOlivier Crête2018-06-211-0/+42
|
* docs: Add missing symbols to various sectionsOlivier Crête2018-06-191-0/+18
|
* Makefile.am: Replace valgrind.sh with valgrind-test-driverOlivier Crête2018-06-191-1/+1
|
* Remove Phabricator .arcconfigOlivier Crête2018-06-181-7/+0
| | | | Now, we use GitLab at https://gitlab.freedesktop.org/libnice/libnice
* test-bind: define MSG_NOSIGNAL if undefinedJustin Kim2018-06-181-1/+3
| | | | | | MacOS X and Windows don't have MSG_NOSIGNAL. Signed-off-by: Justin Kim <justin.kim@collabora.com>
* Fix queue_clear replaced by queue_free errorNicolas Dufresne2018-06-182-2/+4
| | | | | | | | | There was two cases where instead of freeing the queue, we actually clear the queue so it's ready for reused. Notably in nice_socket_free_send_queue(), a missed name function and nicesrc element state change. This regression was introduced by: fa783b1dd727a6ee2b99a111ca24790ae850c2f7
* Fix cast-function-type warning introduced in GCC 8Nicolas Dufresne2018-06-128-28/+20
| | | | | | This is new warning introduced with GCC 8. This is being fixed by using appropriate function, like g_queue_free_full/g_list_free_full or by casting to GCallback before casting to the target function signature. Closes: #46
* discovery: fix candidate foundation using valid charactersMiguel París Díaz2018-06-061-2/+2
| | | | | | | | Following [1] and [2], "-" character is not allowed for foundation Refs [1] https://tools.ietf.org/html/rfc5245#page-73 [2] https://tools.ietf.org/html/rfc5234#appendix-B.1
* test-pseudotcp(-fuzzy): Fix format string warnings causing build errors on ↵Brendan Shanks2018-06-062-3/+4
| | | | | | 32-bit Closes: ttps://gitlab.freedesktop.org/libnice/libnice/issues/45
* stun: Also rename windows-specific functionEdward Hervey2018-06-061-1/+1
| | | | | | | Like all other instances of nice_RAND_bytes that were renamed to nice_RAND_nonce. Fixes the windows build
* agent: Redefine socket error messages for windowsEdward Hervey2018-06-061-0/+8
| | | | In the same way we do it for the other error messages
* stund: Pass sockaddr_storage size for both familiesOlivier Crête2018-05-041-7/+2
|
* stund: Pass the right length for ipv6Olivier Crête2018-05-041-1/+5
|
* Ignore function case warningsOlivier Crête2018-05-041-0/+1
| | | | This makes GLib usage annoying as it makes GSourceFunc casts invalid.
* agent: don't require "reliable" be TRUE in order to use "ice-tcp"Jakub Adam2018-03-232-10/+6
| | | | | | | | | Setting writable socket callbacks doesn't have to be limited to reliable agents. TCP sockets need the callback in any case for correct operation and calling nice_socket_set_writable_callback() on a NiceSocket that has UDP as its base has no effect. Differential Revision: https://phabricator.freedesktop.org/D1726
* discovery: ignore bogus Skype for Business srflx addressesJakub Adam2018-03-231-10/+21
| | | | | | | | | | | | | | | If main SfB TURN server sends our allocation request to an alternate server, the response will have XOR_MAPPED_ADDRESS containing the IP address of the turn server that proxied the message instead of our own actual external IP. Before we create server reflexive candidates upon receiving an allocate response, check that the TURN port got assigned on the same server we sent out allocate request to. Otherwise, the request was proxied and XOR_MAPPED_ADDRESS contains a bogus value we should ignore. Issue introduced by 59fcf95d505c3995f858b826d10cd48321ed383e. Differential Revision: https://phabricator.freedesktop.org/D1949
* agent: make candidate username and password immutableFabrice Bellet2018-03-231-6/+13
| | | | | | | | | | | | | | | With this patch we prevent the username and the password of a candidate to be modified during a session, as required by the RFC, sect 9.1.2. This is also needed from a memory management point of view, because the password string pointer may be recorded in the components stun agent sent_ids[] struct key member, and freeing these values there may cause an use-after-free condition, when an inbound stun is received from this candidate. This behavior has been observed with pidgin, xmpp, and farstream when a same remote candidates are "updated" several times, even if the credentials don't change in this case. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1917
* discovery: ignore all non-relay local candidates when relay is forcedFabrice Bellet2018-03-231-1/+2
| | | | | | | | The tcp server reflexive discovered local candidates must be ignored when force_relay is set. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1899
* conncheck: dont fail a stream with a empty conncheck listFabrice Bellet2018-03-231-3/+6
| | | | | | | | Since commit 17f30e4, we may have a stream with an empty conncheck list, and such a stream obviously should not be tested for failed components. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1895
* socket: ping the stun server address on the right socketFabrice Bellet2018-03-232-6/+10
| | | | | | | | Verify the compatibility of the socket domain with the stun server IP address, before sending a request. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1894
* conncheck: make debug more homonegeousFabrice Bellet2018-03-231-17/+18
| | | | | Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1893
* conncheck: factorize pair state debugFabrice Bellet2018-03-231-38/+31
| | | | | Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1892
* conncheck: the conncheck send function may failFabrice Bellet2018-03-231-2/+10
| | | | | | | | With this patch, we put the pair in state failed if we cannot send the connection check, for example due to missing local credentials. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1891
* test-new-dribble: make credentials swap asymmetricFabrice Bellet2018-03-231-32/+23
| | | | | | | | | | | | the first case of test-new-dribble (standard-test) is updated, by making the credentials swap between the left and right agent asymmetric. Previously, ragent started to receive stun requests without initially knowing lagent candidates. Now, ragent also ignores lagent credentials. This modification allows to test changes introduced by the previous commit. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1890
* conncheck: rework early stun requests handlingFabrice Bellet2018-03-233-145/+66
| | | | | | | | | | | | | | | | | | | | | | With this patch we simplify the code used to handle the incoming stun request when remote candidates or remote credentials have not been received yet. When the remote credentials is unknown, the stun request is stored in a list of incoming_checks for later processing, and no further processing is done, except responding to the request. When the remote credentials are received, the triggered checks for these incoming checks can now be queued, and the related pairs are created. If the remote candidates have not been received when the stun request on a valid local port arrives, a peer-reflexive remote candidate will be created. This candidate may need to be updated later when remote candidates are finally received, including candidate priority and foundation, and also related pairs. Reviewed-by: Olivier Crête <olivier.crete@collabora.com> Differential Revision: https://phabricator.freedesktop.org/D1889
* agent: Fixes incompatible pointer type warning on OSX.Jozsef Vass2018-03-221-1/+1
| | | | The variable tie is actually never read.
* conncheck: handle alternate-server for turn relays differentlyYouness Alaoui2017-11-281-13/+43
| | | | | | | If a relay gives us an alternate-server, we need to cancel and reset every candidate discovery attempt that uses the same server, to avoid ending up with one component on one server and the other component on another server (causing relay candidates with mismatched foundations).
View Lorry Controller Status