From: Joshua Colp <jcolp@digium.com>
Date: Fri, 4 Jan 2013 21:18:07 +0000 (+0000)
Subject: Don't pass STUN packets through the SRTP unprotect function.
X-Git-Tag: 13.0.0-beta1~2234
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4838d6ff6845278d7ccc8fcc54676b38601de6e5;p=thirdparty%2Fasterisk.git

Don't pass STUN packets through the SRTP unprotect function.

(closes issue AST-1036)
Reported by: jbigelow
........

Merged revisions 378553 from http://svn.asterisk.org/svn/asterisk/branches/1.8
........

Merged revisions 378555 from http://svn.asterisk.org/svn/asterisk/branches/11


git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@378557 65c4cc65-6c06-0410-ace0-fbb531ad65f3
---

diff --git a/res/res_rtp_asterisk.c b/res/res_rtp_asterisk.c
index 5f9d40fb10..46ed35ff4b 100644
--- a/res/res_rtp_asterisk.c
+++ b/res/res_rtp_asterisk.c
@@ -1378,6 +1378,7 @@ static int __rtp_recvfrom(struct ast_rtp_instance *instance, void *buf, size_t s
 	int len;
 	struct ast_rtp *rtp = ast_rtp_instance_get_data(instance);
 	struct ast_srtp *srtp = ast_rtp_instance_get_srtp(instance);
+	char *in = buf;
 
 	if ((len = ast_recvfrom(rtcp ? rtp->rtcp->s : rtp->s, buf, size, flags, sa)) < 0) {
 	   return len;
@@ -1385,8 +1386,6 @@ static int __rtp_recvfrom(struct ast_rtp_instance *instance, void *buf, size_t s
 
 #ifdef HAVE_OPENSSL_SRTP
 	if (!rtcp) {
-		char *in = buf;
-
 		dtls_srtp_check_pending(instance, rtp);
 
 		/* If this is an SSL packet pass it to OpenSSL for processing */
@@ -1459,7 +1458,7 @@ static int __rtp_recvfrom(struct ast_rtp_instance *instance, void *buf, size_t s
 		rtp->passthrough = 0;
 	}
 
-	if (res_srtp && srtp && res_srtp->unprotect(srtp, buf, &len, rtcp) < 0) {
+	if ((*in > 1) && res_srtp && srtp && res_srtp->unprotect(srtp, buf, &len, rtcp) < 0) {
 	   return -1;
 	}