1. 06 Jan, 2021 2 commits
  2. 14 Dec, 2020 9 commits
  3. 10 Dec, 2020 1 commit
    • Matthew Waters's avatar
      agent: implement support for RFC7675 - Consent Freshness · 4a378b88
      Matthew Waters authored
      Specified in https://tools.ietf.org/html/rfc7675
      
      RFC 7675 is a slight modification of the existing keepalive connection
      checks that could be enabled manually or were used with the GOOGLE
      compatibility mode.
      
      Slight differences from the existing keepalive connection checks
      include:
      - an additional consent expiry timer instead of relying on all binding
        requests to succeed.
      - 403: 'Forbidden' stun error-code which revokes consent with immediate
        effect.
      4a378b88
  4. 07 Dec, 2020 4 commits
    • Olivier Crête's avatar
      interfaces: IPv6 addresses can have a scope and be very long · 3492be60
      Olivier Crête authored
      Just put a much larger buffer for this to work.
      
      Fixes #126
      3492be60
    • Fabrice Bellet's avatar
      conncheck: fix a buggy state transition · e51bcb25
      Fabrice Bellet authored
      The previous patch handling tcp disconnections forgot a case when the
      selected pair is removed, while in state ready, and in that situation,
      we should not jump back to connecting state, but fail instead. Just like
      we did at the beginning of the function.
      e51bcb25
    • Fabrice Bellet's avatar
      agent: report duplicated port in udp bsd sockets too · 7ec7f66d
      Fabrice Bellet authored
      This patch fixes cases, where the range is full, some ports fail with
      HOST_CANDIDATE_CANT_CREATE_SOCKET, other fail with
      HOST_CANDIDATE_DUPLICATE_PORT, the value of res we keep when leaving the
      loop is randomly the one of the last iteration of the loop.
      
      CANT_CREATE_SOCKET still happens when trying to create an udp bsd socket
      with the same address and port than one of another component, so it is
      also a case of duplicate port in fact.
      
      To be homogeneous, we add a gerror for nice_udp_bsd_socket_new(), like
      we did in nice_tcp_passive_socket_new(), and we can catch the same
      G_IO_ERROR_ADDRESS_IN_USE there too, when failing to get free available
      udp ports.
      
      This patch is a complement to merge request !158
      7ec7f66d
    • Fabrice Bellet's avatar
      conncheck: better handle remote tcp disconnection · cadf5118
      Fabrice Bellet authored
      With this patch, we handle tcp disconnections in a more robust way.
      Such disconnections cause the underlying socket to be detached, and
      various related pairs have to be discarded from the conncheck list.
      This may cause unexpected behaviour, like a previously connected
      component to come back in state connecting, if the selected pair
      is concerned by a tcp disconnection for example.
      cadf5118
  5. 26 Oct, 2020 1 commit
  6. 21 Oct, 2020 12 commits
  7. 20 Oct, 2020 1 commit
    • Johan Sternerup's avatar
      conncheck: Only valid stun messages used for Keepalive · 306d471a
      Johan Sternerup authored
      Previously, a STUN response for which there was no associated request
      would be considered valid media input and as such could keep a dead
      connection alive. If peer A was communicating with peer B and peer B got
      disconnected, the keepalive mechanism in peer A should detect this.
      However, a misbehaving STUN server could keep sending STUN responses to
      peer A which would then be considered a valid communication between A
      and B and thereby prevent the keepalive mechanism from shutting down the
      connection.
      
      Situation above refers to a stun message validated as
      STUN_VALIDATION_UNMATCHED_RESPONSE. With this change only messages
      validated as STUN_VALIDATION_SUCCESS may keep the connection alive.
      306d471a
  8. 17 Sep, 2020 1 commit
    • Johan Sternerup's avatar
      agent: Enable both UDP and TCP to the same TURN server · 303f0179
      Johan Sternerup authored
      Previously if we enabled both UDP and TCP to the same TURN server, the
      TCP connection would not work. What happened was that when traffic was
      targeted at the TCP connection we would fail to route the traffic to
      the right socket due to a too early jump out of the loop searching for
      the socket. The search would stop when finding a TURN server matching
      the address of the incoming message source. Thus, a UDP TURN server
      with the same address as the TCP TURN server would effectively mean
      that traffic got routed to a different stun agent that would complain
      about receiving responses without matching requests.
      303f0179
  9. 20 Aug, 2020 1 commit
  10. 18 Aug, 2020 2 commits
  11. 13 Aug, 2020 1 commit
  12. 10 Aug, 2020 2 commits
  13. 04 Aug, 2020 3 commits