aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStephen Paul Weber <singpolyma@singpolyma.net>2023-07-04 21:59:24 -0500
committerMarvin W <git@larma.de>2023-07-09 14:32:33 +0200
commitf82f788f43e385391db2827cde151830fc91bc14 (patch)
treeadcfae6eb3d7cf2a4bc7dc14d2b1cb9c67650bdb
parent35163f08f9c0818100c9a574cd7029ec6aeb1498 (diff)
downloaddino-f82f788f43e385391db2827cde151830fc91bc14.tar.gz
dino-f82f788f43e385391db2827cde151830fc91bc14.zip
Ignore non-DTLS data before handshake is complete
https://datatracker.ietf.org/doc/html/rfc9147#name-demul https://datatracker.ietf.org/doc/html/rfc5764#section-5.1.2 If data is received before handshake is complete, discard it rather than forwarding it blindly to GnuTLS which can get confused.
-rw-r--r--plugins/ice/src/dtls_srtp.vala2
1 files changed, 1 insertions, 1 deletions
diff --git a/plugins/ice/src/dtls_srtp.vala b/plugins/ice/src/dtls_srtp.vala
index 298c0061..6987a0d2 100644
--- a/plugins/ice/src/dtls_srtp.vala
+++ b/plugins/ice/src/dtls_srtp.vala
@@ -46,7 +46,7 @@ public class Handler {
return srtp_session.decrypt_rtp(data);
}
if (component_id == 2) return srtp_session.decrypt_rtcp(data);
- } else if (component_id == 1) {
+ } else if (component_id == 1 && (data[0] >= 20 && data[0] <= 63)) {
on_data_rec(data);
}
return null;