From 1bf57a42fa5c36977132d21f59ca6637fcd0c3d3 Mon Sep 17 00:00:00 2001
From: Marvin W <git@larma.de>
Date: Sun, 9 Jul 2023 14:14:43 +0200
Subject: Do not send DTLS datagrams to RTP even after handshake

Also post debug message in case we drop datagrams
---
 plugins/ice/src/dtls_srtp.vala | 11 +++++++++--
 1 file changed, 9 insertions(+), 2 deletions(-)

(limited to 'plugins')

diff --git a/plugins/ice/src/dtls_srtp.vala b/plugins/ice/src/dtls_srtp.vala
index 6987a0d2..e2817ef3 100644
--- a/plugins/ice/src/dtls_srtp.vala
+++ b/plugins/ice/src/dtls_srtp.vala
@@ -38,7 +38,11 @@ public class Handler {
     }
 
     public uint8[]? process_incoming_data(uint component_id, uint8[] data) throws Crypto.Error {
-        if (srtp_session.has_decrypt) {
+        if (data[0] >= 128) {
+            if (!srtp_session.has_decrypt) {
+                debug("Received data before SRTP session is ready, dropping.");
+                return null;
+            }
             if (component_id == 1) {
                 if (data.length >= 2 && data[1] >= 192 && data[1] < 224) {
                     return srtp_session.decrypt_rtcp(data);
@@ -46,9 +50,12 @@ public class Handler {
                 return srtp_session.decrypt_rtp(data);
             }
             if (component_id == 2) return srtp_session.decrypt_rtcp(data);
-        } else if (component_id == 1 && (data[0] >= 20 && data[0] <= 63)) {
+        }
+        if (component_id == 1 && data.length >= 1 && (data[0] >= 20 && data[0] < 64)) {
             on_data_rec(data);
+            return null;
         }
+        debug("Dropping unknown data from component %u", component_id);
         return null;
     }
 
-- 
cgit v1.2.3-54-g00ecf