git.ipfire.org Git - thirdparty/asterisk.git/commit

author	George Joseph <gjoseph@sangoma.com>
	Mon, 16 Sep 2024 21:17:28 +0000 (15:17 -0600)
committer	Asterisk Development Team <asteriskteam@digium.com>
	Thu, 14 Nov 2024 20:02:03 +0000 (20:02 +0000)
commit	cbbd2a6b47fdd22da3570859457dcf0c45287832
tree	88ab2db9b70621025c3c029fbbb735ccb8b243ff	tree
parent	c7beb10006eb80bae51ed703e6bb2928dd5c7f5a	commit \| diff

res_rtp_asterisk: Fix dtls timer issues causing FRACKs and SEGVs

In dtls_srtp_handle_timeout(), when DTLSv1_get_timeout() returned
success but with a timeout of 0, we were stopping the timer and
decrementing the refcount on instance but not resetting the
timeout_timer to -1.  When dtls_srtp_stop_timeout_timer()
was later called, it was atempting to stop a stale timer and could
decrement the refcount on instance again which would then cause
the instance destructor to run early.  This would result in either
a FRACK or a SEGV when ast_rtp_stop(0 was called.

According to the OpenSSL docs, we shouldn't have been stopping the
timer when DTLSv1_get_timeout() returned success and the new timeout
was 0 anyway.  We should have been calling DTLSv1_handle_timeout()
again immediately so we now reschedule the timer callback for
1ms (almost immediately).

Additionally, instead of scheduling the timer callback at a fixed
interval returned by the initial call to DTLSv1_get_timeout()
(usually 999 ms), we now reschedule the next callback based on
the last call to DTLSv1_get_timeout().

Resolves: #487
(cherry picked from commit fe5bea34ab52110fdec3db83a5d593c4bb6ab78e)