Commit 0a2cb0a9 authored by Fabrice Bellet's avatar Fabrice Bellet Committed by Olivier Crête

agent: do not create a GSource for UDP TURN socket

With this patch, we don't create a new GSource for udp-turn socket,
because it would duplicate the packets already received on the base UDP
socket, as the underlying GSocket is the same. This is a race condition,
because an UDP packet arriving on the base socket, may randomly be
handled by the GSource callback created for the base socket (udp-bsd) of
the callback created for the udp-turn socket. Moreover this callback
already knows how to parse UDP datagrams received from a known turn
server.

This patch also prevents a subtle bug, when a STUN request is received
directly from a peer, is handled by the udp turn socket. If the agent
already has a valid permission for this remote candidate, established
for another pair, it will happily send the STUN reply through the turn
relay. This generates a source address mismatch on the peer agent, when
it'll receive the STUN response from the turn relay instead of the
initial address the request has been sent to.

Differential Revision: https://phabricator.freedesktop.org/D932
parent f6f704c5
......@@ -105,6 +105,13 @@ socket_source_attach (SocketSource *socket_source, GMainContext *context)
if (socket_source->socket->fileno == NULL)
return;
/* Do not create a GSource for UDP turn socket, because it
* would duplicate the packets already received on the base
* UDP socket.
*/
if (socket_source->socket->type == NICE_SOCKET_TYPE_UDP_TURN)
return;
/* Create a source. */
source = g_socket_create_source (socket_source->socket->fileno,
G_IO_IN, NULL);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment