ACK not sent using an existing TLS transport #3783
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sauwming
approved these changes
Nov 17, 2023
trengginas
approved these changes
Nov 21, 2023
|
We implement this patch and it solves the issue. Good catch. |
|
@PeterKoletzki Thanks for the confirmation. |
dshamaev-intermedia
pushed a commit
to intermedia-net/pjproject
that referenced
this pull request
Apr 4, 2024
dshamaev-intermedia
pushed a commit
to intermedia-net/pjproject
that referenced
this pull request
Apr 4, 2024
dshamaev-intermedia
added a commit
to intermedia-net/pjproject
that referenced
this pull request
Apr 5, 2024
* Add option to shutdown all transports on IP change (pjsip#3781) * pjsua_handle_ip_change: Added missing null check for on_ip_changed_progress callback (pjsip#3830) * Reset stored remote name in dialog (dlg->initial_dest) if transport is server. (pjsip#3783) * Prevent immediate tsx termination upon transport error (pjsip#3805) * Fixed issues when adding new media and deinitializing media (pjsip#3821) * Potential issues when IPv6 is disabled (pjsip#3835) * Improve IP address change IPv4 <-> IPv6 (pjsip#3910) * Add some missing unlocks (pjsip#3893) * add missing unlock (pjsip#3885) * Retransmit 2xx response when transport is closed (pjsip#3828) * Fixed account's route set update when modifying account (pjsip#3825) --------- Co-authored-by: Nanang Izzuddin <[email protected]> Co-authored-by: sauwming <[email protected]> Co-authored-by: Santiago De la Cruz <[email protected]> Co-authored-by: Andreas Wehrmann <[email protected]> Co-authored-by: Riza Sulistyo <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Scenario
Analysis
The dialog will store the remote name in
dlg->intial_destin step 1 (see #3310) bydlg_update_routeset():pjproject/pjsip/src/pjsip/sip_dialog.c
Lines 1876 to 1881 in c224f26
And in step 4, the remote name is supposed to be updated/reset by the same code above, but it does not happen as the transport used by 200 response is a server transport. So in sending the ACK in step 5, the transport manager won't find/reuse the transport created in step 3 because it is being requested for remote address in step 3 but with wrong/old remote name (set by step 1). Note that a TLS transport can be reused if it matches both: remote address and remote name (for TLS verification).
Resetting the dialog's remote name should be sufficient because later it will be initialized to the target address by
pjsip_endpt_send_request_stateless()(orpjsip_endpt_send_response()if it is a response).Thanks to Peter Koletzki for the report.