Commit 306d471a authored by Committed by Olivier Crête
conncheck: Only valid stun messages used for Keepalive
Previously, a STUN response for which there was no associated request would be considered valid media input and as such could keep a dead connection alive. If peer A was communicating with peer B and peer B got disconnected, the keepalive mechanism in peer A should detect this. However, a misbehaving STUN server could keep sending STUN responses to peer A which would then be considered a valid communication between A and B and thereby prevent the keepalive mechanism from shutting down the connection. Situation above refers to a stun message validated as STUN_VALIDATION_UNMATCHED_RESPONSE. With this change only messages validated as STUN_VALIDATION_SUCCESS may keep the connection alive.
Showing with 1 addition and 1 deletion