static void __agent_schedule(struct ice_agent *ag, unsigned long usec) { struct timeval nxt; nxt = g_now; timeval_add_usec(&nxt, usec); __agent_schedule_abs(ag, &nxt); }
/* agent must NOT be locked, but call must be locked in R */ static void __do_ice_check(struct ice_candidate_pair *pair) { struct sockaddr_in6 dst; struct packet_stream *ps = pair->packet_stream; struct ice_agent *ag = pair->agent; u_int32_t prio, transact[3]; if (PAIR_ISSET(pair, SUCCEEDED) && !PAIR_ISSET(pair, TO_USE)) return; if (!ag->pwd[0].s) return; ZERO(dst); dst.sin6_port = htons(pair->remote_candidate->endpoint.port); dst.sin6_addr = pair->remote_candidate->endpoint.ip46; dst.sin6_family = AF_INET6; prio = ice_priority(ICT_PRFLX, pair->local_address->preference, pair->remote_candidate->component_id); mutex_lock(&ag->lock); pair->retransmit = g_now; if (!PAIR_SET(pair, IN_PROGRESS)) { PAIR_CLEAR2(pair, FROZEN, FAILED); pair->retransmit_ms = STUN_RETRANSMIT_INTERVAL; pair->retransmits = 0; } else if (pair->retransmits > STUN_MAX_RETRANSMITS) { __fail_pair(pair); mutex_unlock(&ag->lock); return; } else { pair->retransmit_ms *= 2; pair->retransmits++; } timeval_add_usec(&pair->retransmit, pair->retransmit_ms * 1000); __agent_schedule_abs(pair->agent, &pair->retransmit); memcpy(transact, pair->stun_transaction, sizeof(transact)); pair->was_controlling = AGENT_ISSET(ag, CONTROLLING); pair->was_nominated = PAIR_ISSET(pair, TO_USE); mutex_unlock(&ag->lock); ilog(LOG_DEBUG, "Sending %sICE/STUN request for candidate pair "PAIR_FORMAT" from %s to %s", PAIR_ISSET(pair, TO_USE) ? "nominating " : "", PAIR_FMT(pair), smart_ntop_buf(&pair->local_address->addr), smart_ntop_ep_buf(&pair->remote_candidate->endpoint)); stun_binding_request(&dst, transact, &ag->pwd[0], ag->ufrag, AGENT_ISSET(ag, CONTROLLING), tie_breaker, prio, &pair->local_address->addr, ps->sfd->fd.fd, PAIR_ISSET(pair, TO_USE)); }
/* agent must NOT be locked, but call must be locked in R */ static void __do_ice_check(struct ice_candidate_pair *pair) { struct stream_fd *sfd = pair->sfd; struct ice_agent *ag = pair->agent; u_int32_t prio, transact[3]; if (PAIR_ISSET(pair, SUCCEEDED) && !PAIR_ISSET(pair, TO_USE)) return; if (!ag->pwd[0].s) return; prio = ice_priority(ICT_PRFLX, pair->local_intf->unique_id, pair->remote_candidate->component_id); mutex_lock(&ag->lock); pair->retransmit = g_now; if (!PAIR_SET(pair, IN_PROGRESS)) { PAIR_CLEAR2(pair, FROZEN, FAILED); pair->retransmit_ms = STUN_RETRANSMIT_INTERVAL; pair->retransmits = 0; } else if (pair->retransmits > STUN_MAX_RETRANSMITS) { __fail_pair(pair); mutex_unlock(&ag->lock); return; } else { pair->retransmit_ms *= 2; pair->retransmits++; } timeval_add_usec(&pair->retransmit, pair->retransmit_ms * 1000); __agent_schedule_abs(pair->agent, &pair->retransmit); memcpy(transact, pair->stun_transaction, sizeof(transact)); pair->was_controlling = AGENT_ISSET(ag, CONTROLLING); pair->was_nominated = PAIR_ISSET(pair, TO_USE); mutex_unlock(&ag->lock); ilog(LOG_DEBUG, "Sending %sICE/STUN request for candidate pair "PAIR_FORMAT" from %s to %s", PAIR_ISSET(pair, TO_USE) ? "nominating " : "", PAIR_FMT(pair), sockaddr_print_buf(&pair->local_intf->spec->local_address.addr), endpoint_print_buf(&pair->remote_candidate->endpoint)); stun_binding_request(&pair->remote_candidate->endpoint, transact, &ag->pwd[0], ag->ufrag, AGENT_ISSET(ag, CONTROLLING), tie_breaker, prio, &sfd->socket, PAIR_ISSET(pair, TO_USE)); }
/* call must be locked R or W, agent must not be locked */ static void __do_ice_checks(struct ice_agent *ag) { GList *l; struct ice_candidate_pair *pair, *highest = NULL, *frozen = NULL, *valid; struct packet_stream *ps; GQueue retransmits = G_QUEUE_INIT; struct timeval next_run = {0,0}; int have_more = 0; if (!ag) { ilog(LOG_ERR, "ice ag is NULL"); return; } if (!ag->pwd[0].s) return; atomic64_set(&ag->last_activity, poller_now); __DBG("running checks, call "STR_FORMAT" tag "STR_FORMAT"", STR_FMT(&ag->call->callid), STR_FMT(&ag->media->monologue->tag)); mutex_lock(&ag->lock); /* check if we're done and should start nominating pairs */ if (AGENT_ISSET(ag, CONTROLLING) && !AGENT_ISSET(ag, NOMINATING) && ag->start_nominating.tv_sec) { if (timeval_cmp(&g_now, &ag->start_nominating) >= 0) __nominate_pairs(ag); timeval_lowest(&next_run, &ag->start_nominating); } /* triggered checks are preferred */ pair = g_queue_pop_head(&ag->triggered); if (pair) { PAIR_CLEAR(pair, TRIGGERED); next_run = g_now; goto check; } /* find the highest-priority non-frozen non-in-progress pair */ for (l = ag->all_pairs_list.head; l; l = l->next) { pair = l->data; /* skip dead streams */ ps = pair->packet_stream; if (!ps || !ps->sfd) continue; if (PAIR_ISSET(pair, FAILED)) continue; if (PAIR_ISSET(pair, SUCCEEDED) && !PAIR_ISSET(pair, TO_USE)) continue; valid = __get_pair_by_component(ag->valid_pairs, pair->remote_candidate->component_id); if (PAIR_ISSET(pair, IN_PROGRESS)) { /* handle retransmits */ /* but only if our priority is lower than any valid pair */ if (valid && valid->pair_priority > pair->pair_priority) continue; if (timeval_cmp(&pair->retransmit, &g_now) <= 0) g_queue_push_tail(&retransmits, pair); /* can't run check directly due to locks */ else timeval_lowest(&next_run, &pair->retransmit); continue; } /* don't do anything else if we already have a valid pair */ if (valid) continue; /* or if we're in or past the final phase */ if (AGENT_ISSET2(ag, NOMINATING, COMPLETED)) continue; have_more = 1; /* remember the first frozen pair in case we find nothing else */ if (PAIR_ISSET(pair, FROZEN)) { if (!frozen) frozen = pair; continue; } if (!highest) highest = pair; } if (highest) pair = highest; else if (frozen) pair = frozen; else pair = NULL; check: mutex_unlock(&ag->lock); if (pair) __do_ice_check(pair); while ((pair = g_queue_pop_head(&retransmits))) __do_ice_check(pair); /* determine when to run next */ if (have_more) __agent_schedule(ag, 0); else if (next_run.tv_sec) __agent_schedule_abs(ag, &next_run); /* for retransmits */ }
/* call is locked in R */ int ice_response(struct packet_stream *ps, struct sockaddr_in6 *src, struct in6_addr *dst, struct stun_attrs *attrs, u_int32_t transaction[3]) { struct ice_candidate_pair *pair, *opair; struct ice_agent *ag; struct call_media *media = ps->media; const char *err; unsigned int component; struct ice_candidate *cand; struct interface_address *ifa; int ret, was_ctl; __DBG("received ICE response from %s on %s", smart_ntop_port_buf(src), smart_ntop_buf(dst)); ag = media->ice_agent; if (!ag) return -1; atomic64_set(&ag->last_activity, poller_now); mutex_lock(&ag->lock); pair = g_hash_table_lookup(ag->transaction_hash, transaction); err = "ICE/STUN response with unknown transaction received"; if (!pair) goto err_unlock; was_ctl = pair->was_controlling; mutex_unlock(&ag->lock); ifa = pair->local_address; ilog(LOG_DEBUG, "Received ICE/STUN response code %u for candidate pair "PAIR_FORMAT" from %s to %s", attrs->error_code, PAIR_FMT(pair), smart_ntop_ep_buf(&pair->remote_candidate->endpoint), smart_ntop_buf(&ifa->addr)); /* verify endpoints */ err = "ICE/STUN response received, but source address didn't match remote candidate address"; if (memcmp(&src->sin6_addr, &pair->remote_candidate->endpoint.ip46, sizeof(src->sin6_addr))) goto err; if (ntohs(src->sin6_port) != pair->remote_candidate->endpoint.port) goto err; err = "ICE/STUN response received, but destination address didn't match local interface address"; if (memcmp(dst, &ifa->addr, sizeof(*dst))) goto err; if (pair->packet_stream != ps) goto err; PAIR_CLEAR(pair, IN_PROGRESS); ret = 0; /* handle all errors */ if (attrs->error_code) { err = "ICE/STUN error received"; if (attrs->error_code != 487) goto err; __role_change(ag, !was_ctl); __trigger_check(pair); goto out; } /* we don't discover peer reflexive here (RFC 5245 7.1.3.2.1) as we don't expect to be behind NAT */ /* we also skip parts of 7.1.3.2.2 as we don't do server reflexive */ mutex_lock(&ag->lock); /* check if we're in the final (controlling) phase */ if (pair->was_nominated && PAIR_CLEAR(pair, TO_USE)) { ilog(LOG_DEBUG, "Setting nominated ICE candidate pair "PAIR_FORMAT" as valid", PAIR_FMT(pair)); PAIR_SET(pair, VALID); g_tree_insert(ag->valid_pairs, pair, pair); ret = __check_valid(ag); goto out_unlock; } if (PAIR_SET(pair, SUCCEEDED)) goto out_unlock; ilog(LOG_DEBUG, "Setting ICE candidate pair "PAIR_FORMAT" as succeeded", PAIR_FMT(pair)); g_tree_insert(ag->succeeded_pairs, pair, pair); if (!ag->start_nominating.tv_sec) { if (__check_succeeded_complete(ag)) { ag->start_nominating = g_now; timeval_add_usec(&ag->start_nominating, 100000); __agent_schedule_abs(ag, &ag->start_nominating); } } /* now unfreeze all other pairs from the same foundation */ for (component = 1; component <= MAX_COMPONENTS; component++) { if (component == ps->component) continue; cand = __foundation_lookup(ag, &pair->remote_candidate->foundation, component); if (!cand) continue; opair = __pair_lookup(ag, cand, ifa); if (!opair) continue; if (PAIR_ISSET(opair, FAILED)) continue; if (!PAIR_CLEAR(opair, FROZEN)) continue; ilog(LOG_DEBUG, "Unfreezing related ICE pair "PAIR_FORMAT, PAIR_FMT(opair)); } /* if this was previously nominated by the peer, it's now valid */ if (PAIR_ISSET(pair, NOMINATED)) { PAIR_SET(pair, VALID); g_tree_insert(ag->valid_pairs, pair, pair); if (!AGENT_ISSET(ag, CONTROLLING)) ret = __check_valid(ag); } out_unlock: mutex_unlock(&ag->lock); out: return ret; err_unlock: mutex_unlock(&ag->lock); err: if (err) ilog(LOG_NOTICE, "%s (from %s on interface %s)", err, smart_ntop_port_buf(src), smart_ntop_buf(dst)); if (pair && attrs->error_code) __fail_pair(pair); return 0; }