1. 12 Jun, 2017 5 commits
    • Fabrice Bellet's avatar
      conncheck: implement ice regular nomination method · 0636f9ad
      Fabrice Bellet authored
      This patch implements Regular Nomation as described in RFC5245
      8.1.1.1. The controlling agent lets valid pairs accumulate, and
      decides which pair to recheck with the use-candidate attribute set.
      priv_mark_pair_nominated() follows 7.2.1.5, to update the nominated
      pair when acting as a STUN server, and
      priv_map_reply_to_conn_check_request() implements 7.1.3.2.4 to
      update the nominated pair when acting as a STUN client. A new
      property is also added to the agent to control the nomination
      mode, which can be regular of aggressive, with default value
      set to aggressive.
      
      Two new flags are introduced in the CandidateCheckPair structure:
      
      - use_candidate_on_next_check indicates the STUN client to add the
        use-candidate attribute when the pair will be checked. At this
        time, the nominated flag has not been set on this pair yet.
      
      - mark_nominated_on_response_arrival indicates the STUN server
        to nominate the pair when its succesfull response to a
        previous triggered check will arrive (7.2.1.5, item #2)
      
      Differential Revision: https://phabricator.freedesktop.org/D811
      0636f9ad
    • Fabrice Bellet's avatar
      conncheck: fix pair state transition when successful response is received · a602ff57
      Fabrice Bellet authored
      According the ICE RFC 5245, 7.1.3.2.3, the pair that *generated* a
      successful check should go to state succeeded, not only the valid
      pair built in section 7.1.3.2.2.
      
      Differential Revision: https://phabricator.freedesktop.org/D810
      a602ff57
    • Fabrice Bellet's avatar
      conncheck: peer reflexive candidates are not paired · 3a58ba61
      Fabrice Bellet authored
      This patch makes the code compliant with ICE RFC, 7.2.1.3 "Learning
      Peer Reflexive Candidates" and 7.1.3.2.1 "Discovering Peer Reflexive
      Candidates", where discovered candidates do not cause the creation
      of new pairs to be checked.
      
      Differential Revision: https://phabricator.freedesktop.org/D805
      3a58ba61
    • Fabrice Bellet's avatar
      conncheck: update selected pair when nominated flag is set · 7a2c1edf
      Fabrice Bellet authored
      This modifies commit 8f1f615e. It is better focused to update the
      selected pair just after its nominated flag has been set. We also keep
      the code homogeneous with other places, where the call to
      priv_update_selected_pair() immediately follows the setting of
      pair->nominated. Moreover in priv_update_check_list_state_for_ready(),
      we would call priv_update_selected_pair() more times that necessary when
      iterating on all nominated pairs.
      
      Differential Revision: https://phabricator.freedesktop.org/D1125
      7a2c1edf
    • Fabrice Bellet's avatar
      stun timer: make properties for stun timer tunables · 8bb210c5
      Fabrice Bellet authored
      Three STUN binding request properties should be customisable. RFC 5245
      describes the retransmission timer of the STUN transaction 'RTO', and
      RFC 5389 describes the number of retransmissions to send until a
      response is received 'Rc'. The third property is the 'RTO' when
      a reliable connection is used.
      
      RFC 5389 introduces a supplementary property 'Rm' as a multiplier used
      to compute the final timeout RTO * Rm. However, this property is not
      added in libnice, because this would require breaking the public API for
      STUN. Currently, our STUN implementation hardcodes a division by two for
      this final timeout.
      
      Differential Revision: https://phabricator.freedesktop.org/D1109
      8bb210c5
  2. 08 Jun, 2017 2 commits
  3. 01 May, 2017 1 commit
  4. 12 Apr, 2017 2 commits
    • Fabrice Bellet's avatar
      agent: do not create a GSource for UDP TURN socket · 0a2cb0a9
      Fabrice Bellet authored
      With this patch, we don't create a new GSource for udp-turn socket,
      because it would duplicate the packets already received on the base UDP
      socket, as the underlying GSocket is the same. This is a race condition,
      because an UDP packet arriving on the base socket, may randomly be
      handled by the GSource callback created for the base socket (udp-bsd) of
      the callback created for the udp-turn socket. Moreover this callback
      already knows how to parse UDP datagrams received from a known turn
      server.
      
      This patch also prevents a subtle bug, when a STUN request is received
      directly from a peer, is handled by the udp turn socket. If the agent
      already has a valid permission for this remote candidate, established
      for another pair, it will happily send the STUN reply through the turn
      relay. This generates a source address mismatch on the peer agent, when
      it'll receive the STUN response from the turn relay instead of the
      initial address the request has been sent to.
      
      Differential Revision: https://phabricator.freedesktop.org/D932
      0a2cb0a9
    • Fabrice Bellet's avatar
      stun timer: fix timeout of the last retransmission · f6f704c5
      Fabrice Bellet authored
      According to RFC 5389, section 7.2.1, a special timeout is applied to
      the last retransmission (Rm * RTO), with Rm default value of 16, instead
      of (64 * RTO), 2^6 when the number of transmissions Rc is set to 7.
      
      As spotted by Olivier Crete, stun_timer_* is a public API, that cannot
      be changed, and the initial delay (RTO) is not preserved in the
      stun_timer_s struct. So we use a hack that implicitely guess Rm from the
      number of transmissions Rc, by generalizing the default value of the
      spec for Rm and Rc to other values of Rc passed in stun_timer_start(
      
      According to the spec, with the default value of Rc=7, the last delay
      should be (64 * RTO), and it is instead (16 * RTO). So the last delay
      can be computed by dividing the penultimate delay by two, instead of
      multiplying it by two.
      
      Differential Revision: https://phabricator.freedesktop.org/D1108
      f6f704c5
  5. 11 Apr, 2017 5 commits
  6. 05 Apr, 2017 3 commits
  7. 04 Apr, 2017 7 commits
  8. 03 Apr, 2017 15 commits