1. 19 Jul, 2019 1 commit
    • Fabrice Bellet's avatar
      agent: fix server-reflexive candidates with oc2007r2 · c2ace8ea
      Fabrice Bellet authored
      The nomination of a pair having such a local candidate breaks SfB when
      the libnice agent is behind a nat that does not do port mapping
      randomization. In that case a server reflexive local candidate usually
      lead to a nominated pair.
      The guess made here from observing this behavior is that, it is valid to
      discover and signal these local server reflexive candidates to our peer,
      but they should be removed from our local candidates list thereafter, so
      they do not contribute to build a valid and *even worse* a nominated
      pair with the type server-reflexive. They do not appear in the conncheck
      list per design anyway.
      Instead, the same candidate is discovered again later during the
      conncheck, with a peer-reflexive type this time, and with that type, it
      just works.
      Closes #90
  2. 12 Jul, 2019 4 commits
    • Fabrice Bellet's avatar
      conncheck: avoid transport association mismatch · 85a5c0a0
      Fabrice Bellet authored
      In some rare cases, the same address and port number may match two
      remotes candidates, a tcp and an udp one, and lead to buggy pair
      construction with incompatible transport. This supplementary check
      prevents this problem. The matching test is not aimed to be exhaustive
      but just a way to discard obviously broken associations, and fallback to
      accept everything else (because socket type has a great diversity, with
      socket types based on other sockets types).
      It should fix #81, where such bogus transport association has been
      reported (tcp-pass:udp).
    • Jakub Adam's avatar
      interfaces: ignore only interfaces we really want to · bd4b4781
      Jakub Adam authored
      Once an interface got ignored, ALL interfaces coming after it were
      dropped too.
    • Jakub Adam's avatar
      candidate: replace uint8_t -> guint8 · 8e6b8446
      Jakub Adam authored
      Fixes MSVC build.
    • Jakub Adam's avatar
      debug: fix verbose mode · e7237a6e
      Jakub Adam authored
      Since g_parse_debug_string() was looking only at the first 4 items in
      GDebugKey arrays, "libnice-verbose" couldn't get activated.
  3. 11 Jul, 2019 5 commits
    • Fabrice Bellet's avatar
      examples: fix compiler extra warnings · bb7bea87
      Fabrice Bellet authored
    • Fabrice Bellet's avatar
      agent: fix condition for turn-tcp discovery creation · d8d2c041
      Fabrice Bellet authored
      We support turn-tcp in oc2007 compatibility only and when the
      host candidate transport is compatible, ie when reliable_tcp is true.
    • Fabrice Bellet's avatar
      conncheck: test inbound stun address on the candidate base address · 0b70e024
      Fabrice Bellet authored
      When receiving an stun packet on a socket, and looking for the matching
      local candidate, normally it doesn't make a difference to test the
      address or the base address. Because a pair cannot have a local candidate
      of type srv-rflx, where there would be a difference, the local candidate
      obtained will be part of a pair of the conncheck list.
      Except for the case of a pairs with tcp-act local candidate, where the
      addr has a port number of zero (tcp-act socket before connect), and the
      socket of the stun packet has a non-null port number (tcp-act socket
      after connect), corresponding to the base address of another
      peer-reflexive tcp-act local candidate, previously discoverd.
      The selection of the local candidate concerned by an inbound stun
      request happens when early incoming checks are processed, and when
      inbound stun packets are normally received during the conncheck.
      This commit complete commit e6a19418 (for early incoming checks)
      in the normal inbound stun packets code path, where is similar
      modification is needed.
    • Fabrice Bellet's avatar
      conncheck: improve comment on local peer-reflexive selection · e4d65ba7
      Fabrice Bellet authored
      This patch rewrites the comment surrounding this code snippet, to make it
      clear, that this pair selection is not specific to the tcp transport.
    • Fabrice Bellet's avatar
      conncheck: nominate matching pairs across components and streams · 1e40ee6d
      Fabrice Bellet authored
      The current valid pair nomination makes no effort to select pairs that
      could have some similarities across different components and different
      streams. This is normally not required by the RFC8445, but some well
      known applications will misbehave when the libnice agent is in this
      position to choose the nominated pairs (regular nomination mode, and
      controlling mode) and if it makes an unexpected choice from the peer
      This patch improves the stopping criterion and the selection of the
      preferred pair to nominate in that case.
      When no other pair has been nominated yet (across all streams), the
      previous stopping criterion still applies, and the best ranked pair of
      the checklist is selected.
      When a nominated pair exists from another component, we try to nominate
      a pair of the same kind (same local and remote addresses and same
      transport) if we have one, and possibly the best pair we have in the
      checklist, and else we look for a nominated pair from another stream.
  4. 04 Jul, 2019 24 commits
  5. 03 Jul, 2019 1 commit
  6. 02 Jul, 2019 1 commit
    • Olivier Crête's avatar
      agent: add nice_agent_get_sockets API · 875a23a7
      Olivier Crête authored
      This API makes it possible to get an array of all of the sockets used
      by a specific component, this is useful to set options on the socket.
      Also bump GLib requirement to 2.54, which is the version in RHEL 7
  7. 27 Jun, 2019 4 commits
    • Fabrice Bellet's avatar
    • Stefan Becker's avatar
      build: add default ignore network interface prefix · 099ff65c
      Stefan Becker authored
      By default libnice now ignores network interfaces from virtual machines
      and containers, i.e. names that start with "docker", "veth", "virbr" and
      If you want to disable this feature override the default with
             ./configure --without-ignored-network-interface-prefix ...
             ./configure --with-ignored-network-interface-prefix= ...
             meson setup -D ignored-network-interface-prefix= ...
             meson setup -D ignored-network-interface-prefix=[] ...
    • Stefan Becker's avatar
      configure: support --without-ignored-network-interface-prefix · 056de4ae
      Stefan Becker authored
      This fixes commit b4abda09
      --without-XXX sets $withval to "no", hence we must check for this special
      value instead of ignoring network interfaces that start with "no".
    • Stefan Becker's avatar
      build: make prefix option accept a list of strings · d4bc4fa3
      Stefan Becker authored
      The parameter for the ignored network interface prefix build option
      accepts a comma-separated string now. This list will be converted to a
      comma-separated list of string literals for the C code.
      Disable the feature:
         ./configure ...
         ./configure --with-ignored-network-interface-prefix= ...
         meson setup -D ignored-network-interface-prefix= ...
         meson setup -D ignored-network-interface-prefix=[] ...
      Ignore interfaces whose names start with "virbr":
         ./configure --with-ignored-network-interface-prefix=virbr ...
         meson setup -D ignored-network-interface-prefix=virbr ...
      Ignore interfaces whose names start with "virbr" or "veth":
         ./configure --with-ignored-network-interface-prefix=virbr,veth ...
         meson setup -D ignored-network-interface-prefix=virbr,veth ...