Fixed problem with encryption decision and status report on encryption failure. #318
Merged
…load still sent, even tho recv won't decrypt it.
ethouris changed the title from "Added check to deny sending if encryption required and not possible." to "Fixed problem with encryption decision and status report on encryption failure." on Mar 26, 2018
ethouris force-pushed the dev-fix-secure-sending branch from 4e7499a to 240b458 on March 28, 2018 08:27
…turn value imposed by initiator.
…e. This should make KMREQ rely on advertised PBKEYLEN. Advertised value overrides SRTO_PBKEYLEN unless SRTO_SENDER is set.
…d advertising PBKEYLEN
…ength. Improved logs
Gummilion added a commit to Gummilion/srt that referenced this pull request on May 10, 2018

* dev: (21 commits)
  Fix SRT file transmit app to work in non-blocking mode (Haivision#334)
  Ensure stdout silence in console pipe out mode plus a few minor fixups (Haivision#275)
  Replaced hardcoded installdirs with GNUInstallDirs. Fixed some status messages. (Haivision#323)
  Breaking connection when recv buffer inflation caused sequence discrepancy (Haivision#300)
  Fixed problems with encryption decision and status report on encryption failure. (Haivision#318)
  Fixed invalid symbol names in doc (Haivision#311)
  Dev add version to winpackages (Haivision#328)
  Android build for dev (Haivision#326)
  Change License to MPLv2.0 (Haivision#327)
  Used constants for input rate. Fixed after-start rate sampling period to 1s (Haivision#315)
  Made SockaddrToString use only numeric string by default (Haivision#312)
  Ported change in Haivision#307 PR to dev
  Fixed SockaddrToString to format as 4dotIP if unknown (Haivision#299)
  Build with debug information for lldb on iOS platform (Haivision#302)
  Fix for sudden stop sending data on macOS/iOS (Haivision#303)
  Fix broken build when testing apps enabled (Haivision#296)
  Removed all code introduced for CBR (Haivision#293)
  Added API to get instantaneous stats instead of moving averages for a… (Haivision#288)
  Added toolchain file and build instruction for iOS (Haivision#286)
  Fix windows build (Haivision#290)
  ...
The previous fix, which enabled connection even if the encryption is not agreed upon, has caused that a listener party that set a password could also send an unencrypted stream if the connecting caller party has set no password. This was to make it possible to send a stream by a party that did not set a password, but it has simultaneously allowed the party that set a password to send an unencrypted stream.
This fix checks if the encryption was requested (by checking sender keylen), but not possible (the encryption context for sending was not created due to failed KMX); if so, the `CUDT::sendmsg2` function (the central sending function for all types of buffer sending) returns with error. This error, again, should never fire now because the context for sending is always created; worst case, if the KMX process fails, the encryption will be done for nothing, but still done, and packets will be sent.
Also fixes problems with correct status reporting on KMX failure.
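
The send decision this description talks about, as an added C++ example that is not SRT's code and not part of this pull request. `SenderState`, `decide_permissive`, `decide_fail_closed` and the sample states are hypothetical names and constructed values: the key length stands in for "encryption requested" and a flag for whether the sending context exists.

```cpp
// Added illustration; not SRT source. All names below are hypothetical.
#include <cstdio>
#include <vector>

// What the sending side knows once the handshake and key exchange (KMX) finish.
struct SenderState {
    int  snd_keylen;      // 0 = no password set; 16/24/32 = encryption requested
    bool has_snd_crypto;  // true if the sending encryption context was created
};

enum class Send { Plaintext, Encrypted, Refused };

// Behaviour described as the problem: no context means the payload goes out as-is.
Send decide_permissive(const SenderState& s) {
    return s.has_snd_crypto ? Send::Encrypted : Send::Plaintext;
}

// Behaviour described as the fix: a requested-but-unavailable cipher is an error.
Send decide_fail_closed(const SenderState& s) {
    if (s.snd_keylen == 0) return Send::Plaintext;  // sender never asked for encryption
    if (!s.has_snd_crypto) return Send::Refused;    // KMX failed: do not fall back
    return Send::Encrypted;
}

// Count states in which a sender that requested encryption would emit plaintext.
int count_downgrades(const std::vector<SenderState>& states,
                     Send (*decide)(const SenderState&)) {
    int n = 0;
    for (const SenderState& s : states)
        if (s.snd_keylen > 0 && decide(s) == Send::Plaintext) ++n;
    return n;
}

// Constructed sample states, not captured from a real session.
std::vector<SenderState> sample_states() {
    return {
        {0,  false},  // no password on the sender
        {16, true},   // password set, KMX succeeded
        {16, false},  // password set, KMX failed (e.g. peer has no password)
        {32, false},  // same failure with a longer key
    };
}

int main() {
    const auto st = sample_states();
    std::printf("permissive downgrades:  %d\n", count_downgrades(st, decide_permissive));
    std::printf("fail-closed downgrades: %d\n", count_downgrades(st, decide_fail_closed));
    return 0;
}
```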