loader: Add dependency fields to module structures.
[asterisk/asterisk.git] / res / res_pjsip_sdp_rtp.c
1 /*
2  * Asterisk -- An open source telephony toolkit.
3  *
4  * Copyright (C) 2013, Digium, Inc.
5  *
6  * Joshua Colp <jcolp@digium.com>
7  * Kevin Harwell <kharwell@digium.com>
8  *
9  * See http://www.asterisk.org for more information about
10  * the Asterisk project. Please do not directly contact
11  * any of the maintainers of this project for assistance;
12  * the project provides a web site, mailing lists and IRC
13  * channels for your use.
14  *
15  * This program is free software, distributed under the terms of
16  * the GNU General Public License Version 2. See the LICENSE file
17  * at the top of the source tree.
18  */
19
20 /*! \file
21  *
22  * \author Joshua Colp <jcolp@digium.com>
23  *
24  * \brief SIP SDP media stream handling
25  */
26
27 /*** MODULEINFO
28         <depend>pjproject</depend>
29         <depend>res_pjsip</depend>
30         <depend>res_pjsip_session</depend>
31         <support_level>core</support_level>
32  ***/
33
34 #include "asterisk.h"
35
36 #include <pjsip.h>
37 #include <pjsip_ua.h>
38 #include <pjmedia.h>
39 #include <pjlib.h>
40
41 #include "asterisk/utils.h"
42 #include "asterisk/module.h"
43 #include "asterisk/format.h"
44 #include "asterisk/format_cap.h"
45 #include "asterisk/rtp_engine.h"
46 #include "asterisk/netsock2.h"
47 #include "asterisk/channel.h"
48 #include "asterisk/causes.h"
49 #include "asterisk/sched.h"
50 #include "asterisk/acl.h"
51 #include "asterisk/sdp_srtp.h"
52 #include "asterisk/dsp.h"
53 #include "asterisk/linkedlists.h"       /* for AST_LIST_NEXT */
54 #include "asterisk/stream.h"
55 #include "asterisk/format_cache.h"
56
57 #include "asterisk/res_pjsip.h"
58 #include "asterisk/res_pjsip_session.h"
59
60 /*! \brief Scheduler for RTCP purposes */
61 static struct ast_sched_context *sched;
62
63 /*! \brief Address for RTP */
64 static struct ast_sockaddr address_rtp;
65
66 static const char STR_AUDIO[] = "audio";
67 static const char STR_VIDEO[] = "video";
68
69 static int send_keepalive(const void *data)
70 {
71         struct ast_sip_session_media *session_media = (struct ast_sip_session_media *) data;
72         struct ast_rtp_instance *rtp = session_media->rtp;
73         int keepalive;
74         time_t interval;
75         int send_keepalive;
76
77         if (!rtp) {
78                 return 0;
79         }
80
81         keepalive = ast_rtp_instance_get_keepalive(rtp);
82
83         if (!ast_sockaddr_isnull(&session_media->direct_media_addr)) {
84                 ast_debug(3, "Not sending RTP keepalive on RTP instance %p since direct media is in use\n", rtp);
85                 return keepalive * 1000;
86         }
87
88         interval = time(NULL) - ast_rtp_instance_get_last_tx(rtp);
89         send_keepalive = interval >= keepalive;
90
91         ast_debug(3, "It has been %d seconds since RTP was last sent on instance %p. %sending keepalive\n",
92                         (int) interval, rtp, send_keepalive ? "S" : "Not s");
93
94         if (send_keepalive) {
95                 ast_rtp_instance_sendcng(rtp, 0);
96                 return keepalive * 1000;
97         }
98
99         return (keepalive - interval) * 1000;
100 }
101
102 /*! \brief Check whether RTP is being received or not */
103 static int rtp_check_timeout(const void *data)
104 {
105         struct ast_sip_session_media *session_media = (struct ast_sip_session_media *)data;
106         struct ast_rtp_instance *rtp = session_media->rtp;
107         int elapsed;
108         struct ast_channel *chan;
109
110         if (!rtp) {
111                 return 0;
112         }
113
114         elapsed = time(NULL) - ast_rtp_instance_get_last_rx(rtp);
115         if (elapsed < ast_rtp_instance_get_timeout(rtp)) {
116                 return (ast_rtp_instance_get_timeout(rtp) - elapsed) * 1000;
117         }
118
119         chan = ast_channel_get_by_name(ast_rtp_instance_get_channel_id(rtp));
120         if (!chan) {
121                 return 0;
122         }
123
124         ast_log(LOG_NOTICE, "Disconnecting channel '%s' for lack of RTP activity in %d seconds\n",
125                 ast_channel_name(chan), elapsed);
126
127         ast_channel_lock(chan);
128         ast_channel_hangupcause_set(chan, AST_CAUSE_REQUESTED_CHAN_UNAVAIL);
129         ast_channel_unlock(chan);
130
131         ast_softhangup(chan, AST_SOFTHANGUP_DEV);
132         ast_channel_unref(chan);
133
134         return 0;
135 }
136
137 /*!
138  * \brief Enable RTCP on an RTP session.
139  */
140 static void enable_rtcp(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
141         const struct pjmedia_sdp_media *remote_media)
142 {
143         enum ast_rtp_instance_rtcp rtcp_type;
144
145         if (session->endpoint->media.rtcp_mux && session_media->remote_rtcp_mux) {
146                 rtcp_type = AST_RTP_INSTANCE_RTCP_MUX;
147         } else {
148                 rtcp_type = AST_RTP_INSTANCE_RTCP_STANDARD;
149         }
150
151         ast_rtp_instance_set_prop(session_media->rtp, AST_RTP_PROPERTY_RTCP, rtcp_type);
152 }
153
154 /*! \brief Internal function which creates an RTP instance */
155 static int create_rtp(struct ast_sip_session *session, struct ast_sip_session_media *session_media)
156 {
157         struct ast_rtp_engine_ice *ice;
158         struct ast_sockaddr temp_media_address;
159         struct ast_sockaddr *media_address =  &address_rtp;
160
161         if (session->endpoint->media.bind_rtp_to_media_address && !ast_strlen_zero(session->endpoint->media.address)) {
162                 if (ast_sockaddr_parse(&temp_media_address, session->endpoint->media.address, 0)) {
163                         ast_debug(1, "Endpoint %s: Binding RTP media to %s\n",
164                                 ast_sorcery_object_get_id(session->endpoint),
165                                 session->endpoint->media.address);
166                         media_address = &temp_media_address;
167                 } else {
168                         ast_debug(1, "Endpoint %s: RTP media address invalid: %s\n",
169                                 ast_sorcery_object_get_id(session->endpoint),
170                                 session->endpoint->media.address);
171                 }
172         } else {
173                 struct ast_sip_transport *transport;
174
175                 transport = ast_sorcery_retrieve_by_id(ast_sip_get_sorcery(), "transport",
176                         session->endpoint->transport);
177                 if (transport) {
178                         struct ast_sip_transport_state *trans_state;
179
180                         trans_state = ast_sip_get_transport_state(ast_sorcery_object_get_id(transport));
181                         if (trans_state) {
182                                 char hoststr[PJ_INET6_ADDRSTRLEN];
183
184                                 pj_sockaddr_print(&trans_state->host, hoststr, sizeof(hoststr), 0);
185                                 if (ast_sockaddr_parse(&temp_media_address, hoststr, 0)) {
186                                         ast_debug(1, "Transport %s bound to %s: Using it for RTP media.\n",
187                                                 session->endpoint->transport, hoststr);
188                                         media_address = &temp_media_address;
189                                 } else {
190                                         ast_debug(1, "Transport %s bound to %s: Invalid for RTP media.\n",
191                                                 session->endpoint->transport, hoststr);
192                                 }
193                                 ao2_ref(trans_state, -1);
194                         }
195                         ao2_ref(transport, -1);
196                 }
197         }
198
199         if (!(session_media->rtp = ast_rtp_instance_new(session->endpoint->media.rtp.engine, sched, media_address, NULL))) {
200                 ast_log(LOG_ERROR, "Unable to create RTP instance using RTP engine '%s'\n", session->endpoint->media.rtp.engine);
201                 return -1;
202         }
203
204         ast_rtp_instance_set_prop(session_media->rtp, AST_RTP_PROPERTY_NAT, session->endpoint->media.rtp.symmetric);
205         ast_rtp_instance_set_prop(session_media->rtp, AST_RTP_PROPERTY_ASYMMETRIC_CODEC, session->endpoint->asymmetric_rtp_codec);
206
207         if (!session->endpoint->media.rtp.ice_support && (ice = ast_rtp_instance_get_ice(session_media->rtp))) {
208                 ice->stop(session_media->rtp);
209         }
210
211         if (session->dtmf == AST_SIP_DTMF_RFC_4733 || session->dtmf == AST_SIP_DTMF_AUTO || session->dtmf == AST_SIP_DTMF_AUTO_INFO) {
212                 ast_rtp_instance_dtmf_mode_set(session_media->rtp, AST_RTP_DTMF_MODE_RFC2833);
213                 ast_rtp_instance_set_prop(session_media->rtp, AST_RTP_PROPERTY_DTMF, 1);
214         } else if (session->dtmf == AST_SIP_DTMF_INBAND) {
215                 ast_rtp_instance_dtmf_mode_set(session_media->rtp, AST_RTP_DTMF_MODE_INBAND);
216         }
217
218         if (session_media->type == AST_MEDIA_TYPE_AUDIO &&
219                         (session->endpoint->media.tos_audio || session->endpoint->media.cos_audio)) {
220                 ast_rtp_instance_set_qos(session_media->rtp, session->endpoint->media.tos_audio,
221                                 session->endpoint->media.cos_audio, "SIP RTP Audio");
222         } else if (session_media->type == AST_MEDIA_TYPE_VIDEO &&
223                         (session->endpoint->media.tos_video || session->endpoint->media.cos_video)) {
224                 ast_rtp_instance_set_qos(session_media->rtp, session->endpoint->media.tos_video,
225                                 session->endpoint->media.cos_video, "SIP RTP Video");
226         }
227
228         ast_rtp_instance_set_last_rx(session_media->rtp, time(NULL));
229
230         return 0;
231 }
232
233 static void get_codecs(struct ast_sip_session *session, const struct pjmedia_sdp_media *stream, struct ast_rtp_codecs *codecs,
234         struct ast_sip_session_media *session_media)
235 {
236         pjmedia_sdp_attr *attr;
237         pjmedia_sdp_rtpmap *rtpmap;
238         pjmedia_sdp_fmtp fmtp;
239         struct ast_format *format;
240         int i, num = 0, tel_event = 0;
241         char name[256];
242         char media[20];
243         char fmt_param[256];
244         enum ast_rtp_options options = session->endpoint->media.g726_non_standard ?
245                 AST_RTP_OPT_G726_NONSTANDARD : 0;
246
247         ast_rtp_codecs_payloads_initialize(codecs);
248
249         /* Iterate through provided formats */
250         for (i = 0; i < stream->desc.fmt_count; ++i) {
251                 /* The payload is kept as a string for things like t38 but for video it is always numerical */
252                 ast_rtp_codecs_payloads_set_m_type(codecs, NULL, pj_strtoul(&stream->desc.fmt[i]));
253                 /* Look for the optional rtpmap attribute */
254                 if (!(attr = pjmedia_sdp_media_find_attr2(stream, "rtpmap", &stream->desc.fmt[i]))) {
255                         continue;
256                 }
257
258                 /* Interpret the attribute as an rtpmap */
259                 if ((pjmedia_sdp_attr_to_rtpmap(session->inv_session->pool_prov, attr, &rtpmap)) != PJ_SUCCESS) {
260                         continue;
261                 }
262
263                 ast_copy_pj_str(name, &rtpmap->enc_name, sizeof(name));
264                 if (strcmp(name, "telephone-event") == 0) {
265                         tel_event++;
266                 }
267
268                 ast_copy_pj_str(media, (pj_str_t*)&stream->desc.media, sizeof(media));
269                 ast_rtp_codecs_payloads_set_rtpmap_type_rate(codecs, NULL,
270                         pj_strtoul(&stream->desc.fmt[i]), media, name, options, rtpmap->clock_rate);
271                 /* Look for an optional associated fmtp attribute */
272                 if (!(attr = pjmedia_sdp_media_find_attr2(stream, "fmtp", &rtpmap->pt))) {
273                         continue;
274                 }
275
276                 if ((pjmedia_sdp_attr_get_fmtp(attr, &fmtp)) == PJ_SUCCESS) {
277                         ast_copy_pj_str(fmt_param, &fmtp.fmt, sizeof(fmt_param));
278                         if (sscanf(fmt_param, "%30d", &num) != 1) {
279                                 continue;
280                         }
281
282                         if ((format = ast_rtp_codecs_get_payload_format(codecs, num))) {
283                                 struct ast_format *format_parsed;
284
285                                 ast_copy_pj_str(fmt_param, &fmtp.fmt_param, sizeof(fmt_param));
286
287                                 format_parsed = ast_format_parse_sdp_fmtp(format, fmt_param);
288                                 if (format_parsed) {
289                                         ast_rtp_codecs_payload_replace_format(codecs, num, format_parsed);
290                                         ao2_ref(format_parsed, -1);
291                                 }
292
293                                 ao2_ref(format, -1);
294                         }
295                 }
296         }
297         if (!tel_event && (session->dtmf == AST_SIP_DTMF_AUTO)) {
298                 ast_rtp_instance_dtmf_mode_set(session_media->rtp, AST_RTP_DTMF_MODE_INBAND);
299         }
300
301         if (session->dtmf == AST_SIP_DTMF_AUTO_INFO) {
302                 if  (tel_event) {
303                         ast_rtp_instance_dtmf_mode_set(session_media->rtp, AST_RTP_DTMF_MODE_RFC2833);
304                 } else {
305                         ast_rtp_instance_dtmf_mode_set(session_media->rtp, AST_RTP_DTMF_MODE_NONE);
306                 }
307         }
308
309
310         /* Get the packetization, if it exists */
311         if ((attr = pjmedia_sdp_media_find_attr2(stream, "ptime", NULL))) {
312                 unsigned long framing = pj_strtoul(pj_strltrim(&attr->value));
313                 if (framing && session->endpoint->media.rtp.use_ptime) {
314                         ast_rtp_codecs_set_framing(codecs, framing);
315                 }
316         }
317 }
318
319 static int set_caps(struct ast_sip_session *session,
320         struct ast_sip_session_media *session_media,
321         struct ast_sip_session_media *session_media_transport,
322         const struct pjmedia_sdp_media *stream,
323         int is_offer, struct ast_stream *asterisk_stream)
324 {
325         RAII_VAR(struct ast_format_cap *, caps, NULL, ao2_cleanup);
326         RAII_VAR(struct ast_format_cap *, peer, NULL, ao2_cleanup);
327         RAII_VAR(struct ast_format_cap *, joint, NULL, ao2_cleanup);
328         RAII_VAR(struct ast_format_cap *, endpoint_caps, NULL, ao2_cleanup);
329         enum ast_media_type media_type = session_media->type;
330         struct ast_rtp_codecs codecs = AST_RTP_CODECS_NULL_INIT;
331         int fmts = 0;
332         int direct_media_enabled = !ast_sockaddr_isnull(&session_media->direct_media_addr) &&
333                 ast_format_cap_count(session->direct_media_cap);
334         int dsp_features = 0;
335
336         if (!(caps = ast_format_cap_alloc(AST_FORMAT_CAP_FLAG_DEFAULT)) ||
337             !(peer = ast_format_cap_alloc(AST_FORMAT_CAP_FLAG_DEFAULT)) ||
338             !(joint = ast_format_cap_alloc(AST_FORMAT_CAP_FLAG_DEFAULT))) {
339                 ast_log(LOG_ERROR, "Failed to allocate %s capabilities\n",
340                         ast_codec_media_type2str(session_media->type));
341                 return -1;
342         }
343
344         /* get the endpoint capabilities */
345         if (direct_media_enabled) {
346                 ast_format_cap_get_compatible(session->endpoint->media.codecs, session->direct_media_cap, caps);
347         } else {
348                 ast_format_cap_append_from_cap(caps, session->endpoint->media.codecs, media_type);
349         }
350
351         /* get the capabilities on the peer */
352         get_codecs(session, stream, &codecs,  session_media);
353         ast_rtp_codecs_payload_formats(&codecs, peer, &fmts);
354
355         /* get the joint capabilities between peer and endpoint */
356         ast_format_cap_get_compatible(caps, peer, joint);
357         if (!ast_format_cap_count(joint)) {
358                 struct ast_str *usbuf = ast_str_alloca(AST_FORMAT_CAP_NAMES_LEN);
359                 struct ast_str *thembuf = ast_str_alloca(AST_FORMAT_CAP_NAMES_LEN);
360
361                 ast_rtp_codecs_payloads_destroy(&codecs);
362                 ast_log(LOG_NOTICE, "No joint capabilities for '%s' media stream between our configuration(%s) and incoming SDP(%s)\n",
363                         ast_codec_media_type2str(session_media->type),
364                         ast_format_cap_get_names(caps, &usbuf),
365                         ast_format_cap_get_names(peer, &thembuf));
366                 return -1;
367         }
368
369         if (is_offer) {
370                 /*
371                  * Setup rx payload type mapping to prefer the mapping
372                  * from the peer that the RFC says we SHOULD use.
373                  */
374                 ast_rtp_codecs_payloads_xover(&codecs, &codecs, NULL);
375         }
376         ast_rtp_codecs_payloads_copy(&codecs, ast_rtp_instance_get_codecs(session_media->rtp),
377                 session_media->rtp);
378
379         ast_stream_set_formats(asterisk_stream, joint);
380
381         /* If this is a bundled stream then apply the payloads to RTP instance acting as transport to prevent conflicts */
382         if (session_media_transport != session_media && session_media->bundled) {
383                 int index;
384
385                 for (index = 0; index < ast_format_cap_count(joint); ++index) {
386                         struct ast_format *format = ast_format_cap_get_format(joint, index);
387                         int rtp_code;
388
389                         /* Ensure this payload is in the bundle group transport codecs, this purposely doesn't check the return value for
390                          * things as the format is guaranteed to have a payload already.
391                          */
392                         rtp_code = ast_rtp_codecs_payload_code(ast_rtp_instance_get_codecs(session_media->rtp), 1, format, 0);
393                         ast_rtp_codecs_payload_set_rx(ast_rtp_instance_get_codecs(session_media_transport->rtp), rtp_code, format);
394
395                         ao2_ref(format, -1);
396                 }
397         }
398
399         if (session->channel && ast_sip_session_is_pending_stream_default(session, asterisk_stream)) {
400                 ast_channel_lock(session->channel);
401                 ast_format_cap_remove_by_type(caps, AST_MEDIA_TYPE_UNKNOWN);
402                 ast_format_cap_append_from_cap(caps, ast_channel_nativeformats(session->channel),
403                         AST_MEDIA_TYPE_UNKNOWN);
404                 ast_format_cap_remove_by_type(caps, media_type);
405
406                 if (session->endpoint->preferred_codec_only){
407                         struct ast_format *preferred_fmt = ast_format_cap_get_format(joint, 0);
408                         ast_format_cap_append(caps, preferred_fmt, 0);
409                         ao2_ref(preferred_fmt, -1);
410                 } else if (!session->endpoint->asymmetric_rtp_codec) {
411                         struct ast_format *best;
412                         /*
413                          * If we don't allow the sending codec to be changed on our side
414                          * then get the best codec from the joint capabilities of the media
415                          * type and use only that. This ensures the core won't start sending
416                          * out a format that we aren't currently sending.
417                          */
418
419                         best = ast_format_cap_get_best_by_type(joint, media_type);
420                         if (best) {
421                                 ast_format_cap_append(caps, best, ast_format_cap_get_framing(joint));
422                                 ao2_ref(best, -1);
423                         }
424                 } else {
425                         ast_format_cap_append_from_cap(caps, joint, media_type);
426                 }
427
428                 /*
429                  * Apply the new formats to the channel, potentially changing
430                  * raw read/write formats and translation path while doing so.
431                  */
432                 ast_channel_nativeformats_set(session->channel, caps);
433                 if (media_type == AST_MEDIA_TYPE_AUDIO) {
434                         ast_set_read_format(session->channel, ast_channel_readformat(session->channel));
435                         ast_set_write_format(session->channel, ast_channel_writeformat(session->channel));
436                 }
437
438                 if ( ((session->dtmf == AST_SIP_DTMF_AUTO) || (session->dtmf == AST_SIP_DTMF_AUTO_INFO) )
439                     && (ast_rtp_instance_dtmf_mode_get(session_media->rtp) == AST_RTP_DTMF_MODE_RFC2833)
440                     && (session->dsp)) {
441                         dsp_features = ast_dsp_get_features(session->dsp);
442                         dsp_features &= ~DSP_FEATURE_DIGIT_DETECT;
443                         if (dsp_features) {
444                                 ast_dsp_set_features(session->dsp, dsp_features);
445                         } else {
446                                 ast_dsp_free(session->dsp);
447                                 session->dsp = NULL;
448                         }
449                 }
450
451                 if (ast_channel_is_bridged(session->channel)) {
452                         ast_channel_set_unbridged_nolock(session->channel, 1);
453                 }
454
455                 ast_channel_unlock(session->channel);
456         }
457
458         ast_rtp_codecs_payloads_destroy(&codecs);
459         return 0;
460 }
461
462 static pjmedia_sdp_attr* generate_rtpmap_attr(struct ast_sip_session *session, pjmedia_sdp_media *media, pj_pool_t *pool,
463                                               int rtp_code, int asterisk_format, struct ast_format *format, int code)
464 {
465         extern pj_bool_t pjsip_use_compact_form;
466         pjmedia_sdp_rtpmap rtpmap;
467         pjmedia_sdp_attr *attr = NULL;
468         char tmp[64];
469         enum ast_rtp_options options = session->endpoint->media.g726_non_standard ?
470                 AST_RTP_OPT_G726_NONSTANDARD : 0;
471
472         snprintf(tmp, sizeof(tmp), "%d", rtp_code);
473         pj_strdup2(pool, &media->desc.fmt[media->desc.fmt_count++], tmp);
474
475         if (rtp_code <= AST_RTP_PT_LAST_STATIC && pjsip_use_compact_form) {
476                 return NULL;
477         }
478
479         rtpmap.pt = media->desc.fmt[media->desc.fmt_count - 1];
480         rtpmap.clock_rate = ast_rtp_lookup_sample_rate2(asterisk_format, format, code);
481         pj_strdup2(pool, &rtpmap.enc_name, ast_rtp_lookup_mime_subtype2(asterisk_format, format, code, options));
482         if (!pj_stricmp2(&rtpmap.enc_name, "opus")) {
483                 pj_cstr(&rtpmap.param, "2");
484         } else {
485                 pj_cstr(&rtpmap.param, NULL);
486         }
487
488         pjmedia_sdp_rtpmap_to_attr(pool, &rtpmap, &attr);
489
490         return attr;
491 }
492
493 static pjmedia_sdp_attr* generate_fmtp_attr(pj_pool_t *pool, struct ast_format *format, int rtp_code)
494 {
495         struct ast_str *fmtp0 = ast_str_alloca(256);
496         pj_str_t fmtp1;
497         pjmedia_sdp_attr *attr = NULL;
498         char *tmp;
499
500         ast_format_generate_sdp_fmtp(format, rtp_code, &fmtp0);
501         if (ast_str_strlen(fmtp0)) {
502                 tmp = ast_str_buffer(fmtp0) + ast_str_strlen(fmtp0) - 1;
503                 /* remove any carriage return line feeds */
504                 while (*tmp == '\r' || *tmp == '\n') --tmp;
505                 *++tmp = '\0';
506                 /* ast...generate gives us everything, just need value */
507                 tmp = strchr(ast_str_buffer(fmtp0), ':');
508                 if (tmp && tmp[1] != '\0') {
509                         fmtp1 = pj_str(tmp + 1);
510                 } else {
511                         fmtp1 = pj_str(ast_str_buffer(fmtp0));
512                 }
513                 attr = pjmedia_sdp_attr_create(pool, "fmtp", &fmtp1);
514         }
515         return attr;
516 }
517
518 /*! \brief Function which adds ICE attributes to a media stream */
519 static void add_ice_to_stream(struct ast_sip_session *session, struct ast_sip_session_media *session_media, pj_pool_t *pool, pjmedia_sdp_media *media,
520         unsigned int include_candidates)
521 {
522         struct ast_rtp_engine_ice *ice;
523         struct ao2_container *candidates;
524         const char *username, *password;
525         pj_str_t stmp;
526         pjmedia_sdp_attr *attr;
527         struct ao2_iterator it_candidates;
528         struct ast_rtp_engine_ice_candidate *candidate;
529
530         if (!session->endpoint->media.rtp.ice_support || !(ice = ast_rtp_instance_get_ice(session_media->rtp))) {
531                 return;
532         }
533
534         if ((username = ice->get_ufrag(session_media->rtp))) {
535                 attr = pjmedia_sdp_attr_create(pool, "ice-ufrag", pj_cstr(&stmp, username));
536                 media->attr[media->attr_count++] = attr;
537         }
538
539         if ((password = ice->get_password(session_media->rtp))) {
540                 attr = pjmedia_sdp_attr_create(pool, "ice-pwd", pj_cstr(&stmp, password));
541                 media->attr[media->attr_count++] = attr;
542         }
543
544         if (!include_candidates) {
545                 return;
546         }
547
548         candidates = ice->get_local_candidates(session_media->rtp);
549         if (!candidates) {
550                 return;
551         }
552
553         it_candidates = ao2_iterator_init(candidates, 0);
554         for (; (candidate = ao2_iterator_next(&it_candidates)); ao2_ref(candidate, -1)) {
555                 struct ast_str *attr_candidate = ast_str_create(128);
556
557                 ast_str_set(&attr_candidate, -1, "%s %u %s %d %s ", candidate->foundation, candidate->id, candidate->transport,
558                                         candidate->priority, ast_sockaddr_stringify_addr_remote(&candidate->address));
559                 ast_str_append(&attr_candidate, -1, "%s typ ", ast_sockaddr_stringify_port(&candidate->address));
560
561                 switch (candidate->type) {
562                         case AST_RTP_ICE_CANDIDATE_TYPE_HOST:
563                                 ast_str_append(&attr_candidate, -1, "host");
564                                 break;
565                         case AST_RTP_ICE_CANDIDATE_TYPE_SRFLX:
566                                 ast_str_append(&attr_candidate, -1, "srflx");
567                                 break;
568                         case AST_RTP_ICE_CANDIDATE_TYPE_RELAYED:
569                                 ast_str_append(&attr_candidate, -1, "relay");
570                                 break;
571                 }
572
573                 if (!ast_sockaddr_isnull(&candidate->relay_address)) {
574                         ast_str_append(&attr_candidate, -1, " raddr %s rport", ast_sockaddr_stringify_addr_remote(&candidate->relay_address));
575                         ast_str_append(&attr_candidate, -1, " %s", ast_sockaddr_stringify_port(&candidate->relay_address));
576                 }
577
578                 attr = pjmedia_sdp_attr_create(pool, "candidate", pj_cstr(&stmp, ast_str_buffer(attr_candidate)));
579                 media->attr[media->attr_count++] = attr;
580
581                 ast_free(attr_candidate);
582         }
583
584         ao2_iterator_destroy(&it_candidates);
585         ao2_ref(candidates, -1);
586 }
587
588 /*! \brief Function which processes ICE attributes in an audio stream */
589 static void process_ice_attributes(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
590                                    const struct pjmedia_sdp_session *remote, const struct pjmedia_sdp_media *remote_stream)
591 {
592         struct ast_rtp_engine_ice *ice;
593         const pjmedia_sdp_attr *attr;
594         char attr_value[256];
595         unsigned int attr_i;
596
597         /* If ICE support is not enabled or available exit early */
598         if (!session->endpoint->media.rtp.ice_support || !(ice = ast_rtp_instance_get_ice(session_media->rtp))) {
599                 return;
600         }
601
602         attr = pjmedia_sdp_media_find_attr2(remote_stream, "ice-ufrag", NULL);
603         if (!attr) {
604                 attr = pjmedia_sdp_attr_find2(remote->attr_count, remote->attr, "ice-ufrag", NULL);
605         }
606         if (attr) {
607                 ast_copy_pj_str(attr_value, (pj_str_t*)&attr->value, sizeof(attr_value));
608                 ice->set_authentication(session_media->rtp, attr_value, NULL);
609         } else {
610                 return;
611         }
612
613         attr = pjmedia_sdp_media_find_attr2(remote_stream, "ice-pwd", NULL);
614         if (!attr) {
615                 attr = pjmedia_sdp_attr_find2(remote->attr_count, remote->attr, "ice-pwd", NULL);
616         }
617         if (attr) {
618                 ast_copy_pj_str(attr_value, (pj_str_t*)&attr->value, sizeof(attr_value));
619                 ice->set_authentication(session_media->rtp, NULL, attr_value);
620         } else {
621                 return;
622         }
623
624         if (pjmedia_sdp_media_find_attr2(remote_stream, "ice-lite", NULL)) {
625                 ice->ice_lite(session_media->rtp);
626         }
627
628         /* Find all of the candidates */
629         for (attr_i = 0; attr_i < remote_stream->attr_count; ++attr_i) {
630                 char foundation[33], transport[32], address[PJ_INET6_ADDRSTRLEN + 1], cand_type[6], relay_address[PJ_INET6_ADDRSTRLEN + 1] = "";
631                 unsigned int port, relay_port = 0;
632                 struct ast_rtp_engine_ice_candidate candidate = { 0, };
633
634                 attr = remote_stream->attr[attr_i];
635
636                 /* If this is not a candidate line skip it */
637                 if (pj_strcmp2(&attr->name, "candidate")) {
638                         continue;
639                 }
640
641                 ast_copy_pj_str(attr_value, (pj_str_t*)&attr->value, sizeof(attr_value));
642
643                 if (sscanf(attr_value, "%32s %30u %31s %30u %46s %30u typ %5s %*s %23s %*s %30u", foundation, &candidate.id, transport,
644                         (unsigned *)&candidate.priority, address, &port, cand_type, relay_address, &relay_port) < 7) {
645                         /* Candidate did not parse properly */
646                         continue;
647                 }
648
649                 if (session->endpoint->media.rtcp_mux && session_media->remote_rtcp_mux && candidate.id > 1) {
650                         /* Remote side may have offered RTP and RTCP candidates. However, if we're using RTCP MUX,
651                          * then we should ignore RTCP candidates.
652                          */
653                         continue;
654                 }
655
656                 candidate.foundation = foundation;
657                 candidate.transport = transport;
658
659                 ast_sockaddr_parse(&candidate.address, address, PARSE_PORT_FORBID);
660                 ast_sockaddr_set_port(&candidate.address, port);
661
662                 if (!strcasecmp(cand_type, "host")) {
663                         candidate.type = AST_RTP_ICE_CANDIDATE_TYPE_HOST;
664                 } else if (!strcasecmp(cand_type, "srflx")) {
665                         candidate.type = AST_RTP_ICE_CANDIDATE_TYPE_SRFLX;
666                 } else if (!strcasecmp(cand_type, "relay")) {
667                         candidate.type = AST_RTP_ICE_CANDIDATE_TYPE_RELAYED;
668                 } else {
669                         continue;
670                 }
671
672                 if (!ast_strlen_zero(relay_address)) {
673                         ast_sockaddr_parse(&candidate.relay_address, relay_address, PARSE_PORT_FORBID);
674                 }
675
676                 if (relay_port) {
677                         ast_sockaddr_set_port(&candidate.relay_address, relay_port);
678                 }
679
680                 ice->add_remote_candidate(session_media->rtp, &candidate);
681         }
682
683         ice->set_role(session_media->rtp, pjmedia_sdp_neg_was_answer_remote(session->inv_session->neg) == PJ_TRUE ?
684                 AST_RTP_ICE_ROLE_CONTROLLING : AST_RTP_ICE_ROLE_CONTROLLED);
685         ice->start(session_media->rtp);
686 }
687
688 /*! \brief figure out if media stream has crypto lines for sdes */
689 static int media_stream_has_crypto(const struct pjmedia_sdp_media *stream)
690 {
691         int i;
692
693         for (i = 0; i < stream->attr_count; i++) {
694                 pjmedia_sdp_attr *attr;
695
696                 /* check the stream for the required crypto attribute */
697                 attr = stream->attr[i];
698                 if (pj_strcmp2(&attr->name, "crypto")) {
699                         continue;
700                 }
701
702                 return 1;
703         }
704
705         return 0;
706 }
707
708 /*! \brief figure out media transport encryption type from the media transport string */
709 static enum ast_sip_session_media_encryption get_media_encryption_type(pj_str_t transport,
710         const struct pjmedia_sdp_media *stream, unsigned int *optimistic)
711 {
712         RAII_VAR(char *, transport_str, ast_strndup(transport.ptr, transport.slen), ast_free);
713
714         *optimistic = 0;
715
716         if (!transport_str) {
717                 return AST_SIP_MEDIA_TRANSPORT_INVALID;
718         }
719         if (strstr(transport_str, "UDP/TLS")) {
720                 return AST_SIP_MEDIA_ENCRYPT_DTLS;
721         } else if (strstr(transport_str, "SAVP")) {
722                 return AST_SIP_MEDIA_ENCRYPT_SDES;
723         } else if (media_stream_has_crypto(stream)) {
724                 *optimistic = 1;
725                 return AST_SIP_MEDIA_ENCRYPT_SDES;
726         } else {
727                 return AST_SIP_MEDIA_ENCRYPT_NONE;
728         }
729 }
730
731 /*!
732  * \brief Checks whether the encryption offered in SDP is compatible with the endpoint's configuration
733  * \internal
734  *
735  * \param endpoint_encryption Media encryption configured for the endpoint
736  * \param stream pjmedia_sdp_media stream description
737  *
738  * \retval AST_SIP_MEDIA_TRANSPORT_INVALID on encryption mismatch
739  * \retval The encryption requested in the SDP
740  */
741 static enum ast_sip_session_media_encryption check_endpoint_media_transport(
742         struct ast_sip_endpoint *endpoint,
743         const struct pjmedia_sdp_media *stream)
744 {
745         enum ast_sip_session_media_encryption incoming_encryption;
746         char transport_end = stream->desc.transport.ptr[stream->desc.transport.slen - 1];
747         unsigned int optimistic;
748
749         if ((transport_end == 'F' && !endpoint->media.rtp.use_avpf)
750                 || (transport_end != 'F' && endpoint->media.rtp.use_avpf)) {
751                 return AST_SIP_MEDIA_TRANSPORT_INVALID;
752         }
753
754         incoming_encryption = get_media_encryption_type(stream->desc.transport, stream, &optimistic);
755
756         if (incoming_encryption == endpoint->media.rtp.encryption) {
757                 return incoming_encryption;
758         }
759
760         if (endpoint->media.rtp.force_avp ||
761                 endpoint->media.rtp.encryption_optimistic) {
762                 return incoming_encryption;
763         }
764
765         /* If an optimistic offer has been made but encryption is not enabled consider it as having
766          * no offer of crypto at all instead of invalid so the session proceeds.
767          */
768         if (optimistic) {
769                 return AST_SIP_MEDIA_ENCRYPT_NONE;
770         }
771
772         return AST_SIP_MEDIA_TRANSPORT_INVALID;
773 }
774
775 static int setup_srtp(struct ast_sip_session_media *session_media)
776 {
777         if (!session_media->srtp) {
778                 session_media->srtp = ast_sdp_srtp_alloc();
779                 if (!session_media->srtp) {
780                         return -1;
781                 }
782         }
783
784         if (!session_media->srtp->crypto) {
785                 session_media->srtp->crypto = ast_sdp_crypto_alloc();
786                 if (!session_media->srtp->crypto) {
787                         return -1;
788                 }
789         }
790
791         return 0;
792 }
793
794 static int setup_dtls_srtp(struct ast_sip_session *session,
795         struct ast_sip_session_media *session_media)
796 {
797         struct ast_rtp_engine_dtls *dtls;
798
799         if (!session->endpoint->media.rtp.dtls_cfg.enabled || !session_media->rtp) {
800                 return -1;
801         }
802
803         dtls = ast_rtp_instance_get_dtls(session_media->rtp);
804         if (!dtls) {
805                 return -1;
806         }
807
808         session->endpoint->media.rtp.dtls_cfg.suite = ((session->endpoint->media.rtp.srtp_tag_32) ? AST_AES_CM_128_HMAC_SHA1_32 : AST_AES_CM_128_HMAC_SHA1_80);
809         if (dtls->set_configuration(session_media->rtp, &session->endpoint->media.rtp.dtls_cfg)) {
810                 ast_log(LOG_ERROR, "Attempted to set an invalid DTLS-SRTP configuration on RTP instance '%p'\n",
811                         session_media->rtp);
812                 return -1;
813         }
814
815         if (setup_srtp(session_media)) {
816                 return -1;
817         }
818         return 0;
819 }
820
821 static void apply_dtls_attrib(struct ast_sip_session_media *session_media,
822         pjmedia_sdp_attr *attr)
823 {
824         struct ast_rtp_engine_dtls *dtls = ast_rtp_instance_get_dtls(session_media->rtp);
825         pj_str_t *value;
826
827         if (!attr->value.ptr || !dtls) {
828                 return;
829         }
830
831         value = pj_strtrim(&attr->value);
832
833         if (!pj_strcmp2(&attr->name, "setup")) {
834                 if (!pj_stricmp2(value, "active")) {
835                         dtls->set_setup(session_media->rtp, AST_RTP_DTLS_SETUP_ACTIVE);
836                 } else if (!pj_stricmp2(value, "passive")) {
837                         dtls->set_setup(session_media->rtp, AST_RTP_DTLS_SETUP_PASSIVE);
838                 } else if (!pj_stricmp2(value, "actpass")) {
839                         dtls->set_setup(session_media->rtp, AST_RTP_DTLS_SETUP_ACTPASS);
840                 } else if (!pj_stricmp2(value, "holdconn")) {
841                         dtls->set_setup(session_media->rtp, AST_RTP_DTLS_SETUP_HOLDCONN);
842                 } else {
843                         ast_log(LOG_WARNING, "Unsupported setup attribute value '%*s'\n", (int)value->slen, value->ptr);
844                 }
845         } else if (!pj_strcmp2(&attr->name, "connection")) {
846                 if (!pj_stricmp2(value, "new")) {
847                         dtls->reset(session_media->rtp);
848                 } else if (!pj_stricmp2(value, "existing")) {
849                         /* Do nothing */
850                 } else {
851                         ast_log(LOG_WARNING, "Unsupported connection attribute value '%*s'\n", (int)value->slen, value->ptr);
852                 }
853         } else if (!pj_strcmp2(&attr->name, "fingerprint")) {
854                 char hash_value[256], hash[32];
855                 char fingerprint_text[value->slen + 1];
856                 ast_copy_pj_str(fingerprint_text, value, sizeof(fingerprint_text));
857                         if (sscanf(fingerprint_text, "%31s %255s", hash, hash_value) == 2) {
858                         if (!strcasecmp(hash, "sha-1")) {
859                                 dtls->set_fingerprint(session_media->rtp, AST_RTP_DTLS_HASH_SHA1, hash_value);
860                         } else if (!strcasecmp(hash, "sha-256")) {
861                                 dtls->set_fingerprint(session_media->rtp, AST_RTP_DTLS_HASH_SHA256, hash_value);
862                         } else {
863                                 ast_log(LOG_WARNING, "Unsupported fingerprint hash type '%s'\n",
864                                 hash);
865                         }
866                 }
867         }
868 }
869
870 static int parse_dtls_attrib(struct ast_sip_session_media *session_media,
871         const struct pjmedia_sdp_session *sdp,
872         const struct pjmedia_sdp_media *stream)
873 {
874         int i;
875
876         for (i = 0; i < sdp->attr_count; i++) {
877                 apply_dtls_attrib(session_media, sdp->attr[i]);
878         }
879
880         for (i = 0; i < stream->attr_count; i++) {
881                 apply_dtls_attrib(session_media, stream->attr[i]);
882         }
883
884         ast_set_flag(session_media->srtp, AST_SRTP_CRYPTO_OFFER_OK);
885
886         return 0;
887 }
888
889 static int setup_sdes_srtp(struct ast_sip_session_media *session_media,
890         const struct pjmedia_sdp_media *stream)
891 {
892         int i;
893
894         for (i = 0; i < stream->attr_count; i++) {
895                 pjmedia_sdp_attr *attr;
896                 RAII_VAR(char *, crypto_str, NULL, ast_free);
897
898                 /* check the stream for the required crypto attribute */
899                 attr = stream->attr[i];
900                 if (pj_strcmp2(&attr->name, "crypto")) {
901                         continue;
902                 }
903
904                 crypto_str = ast_strndup(attr->value.ptr, attr->value.slen);
905                 if (!crypto_str) {
906                         return -1;
907                 }
908
909                 if (setup_srtp(session_media)) {
910                         return -1;
911                 }
912
913                 if (!ast_sdp_crypto_process(session_media->rtp, session_media->srtp, crypto_str)) {
914                         /* found a valid crypto attribute */
915                         return 0;
916                 }
917
918                 ast_debug(1, "Ignoring crypto offer with unsupported parameters: %s\n", crypto_str);
919         }
920
921         /* no usable crypto attributes found */
922         return -1;
923 }
924
925 static int setup_media_encryption(struct ast_sip_session *session,
926         struct ast_sip_session_media *session_media,
927         const struct pjmedia_sdp_session *sdp,
928         const struct pjmedia_sdp_media *stream)
929 {
930         switch (session_media->encryption) {
931         case AST_SIP_MEDIA_ENCRYPT_SDES:
932                 if (setup_sdes_srtp(session_media, stream)) {
933                         return -1;
934                 }
935                 break;
936         case AST_SIP_MEDIA_ENCRYPT_DTLS:
937                 if (setup_dtls_srtp(session, session_media)) {
938                         return -1;
939                 }
940                 if (parse_dtls_attrib(session_media, sdp, stream)) {
941                         return -1;
942                 }
943                 break;
944         case AST_SIP_MEDIA_TRANSPORT_INVALID:
945         case AST_SIP_MEDIA_ENCRYPT_NONE:
946                 break;
947         }
948
949         return 0;
950 }
951
952 static void set_ice_components(struct ast_sip_session *session, struct ast_sip_session_media *session_media)
953 {
954         struct ast_rtp_engine_ice *ice;
955
956         ast_assert(session_media->rtp != NULL);
957
958         ice = ast_rtp_instance_get_ice(session_media->rtp);
959         if (!session->endpoint->media.rtp.ice_support || !ice) {
960                 return;
961         }
962
963         if (session->endpoint->media.rtcp_mux && session_media->remote_rtcp_mux) {
964                 /* We both support RTCP mux. Only one ICE component necessary */
965                 ice->change_components(session_media->rtp, 1);
966         } else {
967                 /* They either don't support RTCP mux or we don't know if they do yet. */
968                 ice->change_components(session_media->rtp, 2);
969         }
970 }
971
972 /*! \brief Function which adds ssrc attributes to a media stream */
973 static void add_ssrc_to_stream(struct ast_sip_session *session, struct ast_sip_session_media *session_media, pj_pool_t *pool, pjmedia_sdp_media *media)
974 {
975         pj_str_t stmp;
976         pjmedia_sdp_attr *attr;
977         char tmp[128];
978
979         if (!session->endpoint->media.bundle || session_media->bundle_group == -1) {
980                 return;
981         }
982
983         snprintf(tmp, sizeof(tmp), "%u cname:%s", ast_rtp_instance_get_ssrc(session_media->rtp), ast_rtp_instance_get_cname(session_media->rtp));
984         attr = pjmedia_sdp_attr_create(pool, "ssrc", pj_cstr(&stmp, tmp));
985         media->attr[media->attr_count++] = attr;
986 }
987
988 /*! \brief Function which processes ssrc attributes in a stream */
989 static void process_ssrc_attributes(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
990                                    const struct pjmedia_sdp_media *remote_stream)
991 {
992         int index;
993
994         if (!session->endpoint->media.bundle) {
995                 return;
996         }
997
998         for (index = 0; index < remote_stream->attr_count; ++index) {
999                 pjmedia_sdp_attr *attr = remote_stream->attr[index];
1000                 char attr_value[pj_strlen(&attr->value) + 1];
1001                 char *ssrc_attribute_name, *ssrc_attribute_value = NULL;
1002                 unsigned int ssrc;
1003
1004                 /* We only care about ssrc attributes */
1005                 if (pj_strcmp2(&attr->name, "ssrc")) {
1006                         continue;
1007                 }
1008
1009                 ast_copy_pj_str(attr_value, &attr->value, sizeof(attr_value));
1010
1011                 if ((ssrc_attribute_name = strchr(attr_value, ' '))) {
1012                         /* This has an actual attribute */
1013                         *ssrc_attribute_name++ = '\0';
1014                         ssrc_attribute_value = strchr(ssrc_attribute_name, ':');
1015                         if (ssrc_attribute_value) {
1016                                 /* Values are actually optional according to the spec */
1017                                 *ssrc_attribute_value++ = '\0';
1018                         }
1019                 }
1020
1021                 if (sscanf(attr_value, "%30u", &ssrc) < 1) {
1022                         continue;
1023                 }
1024
1025                 /* If we are currently negotiating as a result of the remote side renegotiating then
1026                  * determine if the source for this stream has changed.
1027                  */
1028                 if (pjmedia_sdp_neg_get_state(session->inv_session->neg) == PJMEDIA_SDP_NEG_STATE_REMOTE_OFFER &&
1029                         session->active_media_state) {
1030                         struct ast_rtp_instance_stats stats = { 0, };
1031
1032                         if (!ast_rtp_instance_get_stats(session_media->rtp, &stats, AST_RTP_INSTANCE_STAT_REMOTE_SSRC) &&
1033                                 stats.remote_ssrc != ssrc) {
1034                                 session_media->changed = 1;
1035                         }
1036                 }
1037
1038                 ast_rtp_instance_set_remote_ssrc(session_media->rtp, ssrc);
1039         }
1040 }
1041
1042 static void add_msid_to_stream(struct ast_sip_session *session,
1043         struct ast_sip_session_media *session_media, pj_pool_t *pool, pjmedia_sdp_media *media,
1044         struct ast_stream *stream)
1045 {
1046         pj_str_t stmp;
1047         pjmedia_sdp_attr *attr;
1048         char msid[(AST_UUID_STR_LEN * 2) + 2];
1049
1050         if (!session->endpoint->media.webrtc) {
1051                 return;
1052         }
1053
1054         if (ast_strlen_zero(session_media->mslabel)) {
1055                 /* If this stream is grouped with another then use its media stream label if possible */
1056                 if (ast_stream_get_group(stream) != -1) {
1057                         struct ast_sip_session_media *group_session_media = AST_VECTOR_GET(&session->pending_media_state->sessions, ast_stream_get_group(stream));
1058
1059                         ast_copy_string(session_media->mslabel, group_session_media->mslabel, sizeof(session_media->mslabel));
1060                 }
1061
1062                 if (ast_strlen_zero(session_media->mslabel)) {
1063                         ast_uuid_generate_str(session_media->mslabel, sizeof(session_media->mslabel));
1064                 }
1065         }
1066
1067         if (ast_strlen_zero(session_media->label)) {
1068                 ast_uuid_generate_str(session_media->label, sizeof(session_media->label));
1069         }
1070
1071         snprintf(msid, sizeof(msid), "%s %s", session_media->mslabel, session_media->label);
1072         attr = pjmedia_sdp_attr_create(pool, "msid", pj_cstr(&stmp, msid));
1073         pjmedia_sdp_attr_add(&media->attr_count, media->attr, attr);
1074 }
1075
1076 static void add_rtcp_fb_to_stream(struct ast_sip_session *session,
1077         struct ast_sip_session_media *session_media, pj_pool_t *pool, pjmedia_sdp_media *media)
1078 {
1079         pj_str_t stmp;
1080         pjmedia_sdp_attr *attr;
1081
1082         if (!session->endpoint->media.webrtc || session_media->type != AST_MEDIA_TYPE_VIDEO) {
1083                 return;
1084         }
1085
1086         /*
1087          * For now just automatically add it the stream even though it hasn't
1088          * necessarily been negotiated.
1089          */
1090         attr = pjmedia_sdp_attr_create(pool, "rtcp-fb", pj_cstr(&stmp, "* ccm fir"));
1091         pjmedia_sdp_attr_add(&media->attr_count, media->attr, attr);
1092 }
1093
1094 /*! \brief Function which negotiates an incoming media stream */
1095 static int negotiate_incoming_sdp_stream(struct ast_sip_session *session,
1096         struct ast_sip_session_media *session_media, const pjmedia_sdp_session *sdp,
1097         int index, struct ast_stream *asterisk_stream)
1098 {
1099         char host[NI_MAXHOST];
1100         RAII_VAR(struct ast_sockaddr *, addrs, NULL, ast_free);
1101         pjmedia_sdp_media *stream = sdp->media[index];
1102         struct ast_sip_session_media *session_media_transport;
1103         enum ast_media_type media_type = session_media->type;
1104         enum ast_sip_session_media_encryption encryption = AST_SIP_MEDIA_ENCRYPT_NONE;
1105         int res;
1106
1107         /* If no type formats have been configured reject this stream */
1108         if (!ast_format_cap_has_type(session->endpoint->media.codecs, media_type)) {
1109                 ast_debug(3, "Endpoint has no codecs for media type '%s', declining stream\n",
1110                         ast_codec_media_type2str(session_media->type));
1111                 return 0;
1112         }
1113
1114         /* Ensure incoming transport is compatible with the endpoint's configuration */
1115         if (!session->endpoint->media.rtp.use_received_transport) {
1116                 encryption = check_endpoint_media_transport(session->endpoint, stream);
1117
1118                 if (encryption == AST_SIP_MEDIA_TRANSPORT_INVALID) {
1119                         return -1;
1120                 }
1121         }
1122
1123         ast_copy_pj_str(host, stream->conn ? &stream->conn->addr : &sdp->conn->addr, sizeof(host));
1124
1125         /* Ensure that the address provided is valid */
1126         if (ast_sockaddr_resolve(&addrs, host, PARSE_PORT_FORBID, AST_AF_UNSPEC) <= 0) {
1127                 /* The provided host was actually invalid so we error out this negotiation */
1128                 return -1;
1129         }
1130
1131         /* Using the connection information create an appropriate RTP instance */
1132         if (!session_media->rtp && create_rtp(session, session_media)) {
1133                 return -1;
1134         }
1135
1136         process_ssrc_attributes(session, session_media, stream);
1137         session_media_transport = ast_sip_session_media_get_transport(session, session_media);
1138
1139         if (session_media_transport == session_media || !session_media->bundled) {
1140                 /* If this media session is carrying actual traffic then set up those aspects */
1141                 session_media->remote_rtcp_mux = (pjmedia_sdp_media_find_attr2(stream, "rtcp-mux", NULL) != NULL);
1142                 set_ice_components(session, session_media);
1143
1144                 enable_rtcp(session, session_media, stream);
1145
1146                 res = setup_media_encryption(session, session_media, sdp, stream);
1147                 if (res) {
1148                         if (!session->endpoint->media.rtp.encryption_optimistic ||
1149                                 !pj_strncmp2(&stream->desc.transport, "RTP/SAVP", 8)) {
1150                                 /* If optimistic encryption is disabled and crypto should have been enabled
1151                                  * but was not this session must fail. This must also fail if crypto was
1152                                  * required in the offer but could not be set up.
1153                                  */
1154                                 return -1;
1155                         }
1156                         /* There is no encryption, sad. */
1157                         session_media->encryption = AST_SIP_MEDIA_ENCRYPT_NONE;
1158                 }
1159
1160                 /* If we've been explicitly configured to use the received transport OR if
1161                  * encryption is on and crypto is present use the received transport.
1162                  * This is done in case of optimistic because it may come in as RTP/AVP or RTP/SAVP depending
1163                  * on the configuration of the remote endpoint (optimistic themselves or mandatory).
1164                  */
1165                 if ((session->endpoint->media.rtp.use_received_transport) ||
1166                         ((encryption == AST_SIP_MEDIA_ENCRYPT_SDES) && !res)) {
1167                         pj_strdup(session->inv_session->pool, &session_media->transport, &stream->desc.transport);
1168                 }
1169         } else {
1170                 /* This is bundled with another session, so mark it as such */
1171                 ast_rtp_instance_bundle(session_media->rtp, session_media_transport->rtp);
1172
1173                 enable_rtcp(session, session_media, stream);
1174         }
1175
1176         if (set_caps(session, session_media, session_media_transport, stream, 1, asterisk_stream)) {
1177                 return 0;
1178         }
1179
1180         return 1;
1181 }
1182
1183 static int add_crypto_to_stream(struct ast_sip_session *session,
1184         struct ast_sip_session_media *session_media,
1185         pj_pool_t *pool, pjmedia_sdp_media *media)
1186 {
1187         pj_str_t stmp;
1188         pjmedia_sdp_attr *attr;
1189         enum ast_rtp_dtls_hash hash;
1190         const char *crypto_attribute;
1191         struct ast_rtp_engine_dtls *dtls;
1192         struct ast_sdp_srtp *tmp;
1193         static const pj_str_t STR_NEW = { "new", 3 };
1194         static const pj_str_t STR_EXISTING = { "existing", 8 };
1195         static const pj_str_t STR_ACTIVE = { "active", 6 };
1196         static const pj_str_t STR_PASSIVE = { "passive", 7 };
1197         static const pj_str_t STR_ACTPASS = { "actpass", 7 };
1198         static const pj_str_t STR_HOLDCONN = { "holdconn", 8 };
1199         enum ast_rtp_dtls_setup setup;
1200
1201         switch (session_media->encryption) {
1202         case AST_SIP_MEDIA_ENCRYPT_NONE:
1203         case AST_SIP_MEDIA_TRANSPORT_INVALID:
1204                 break;
1205         case AST_SIP_MEDIA_ENCRYPT_SDES:
1206                 if (!session_media->srtp) {
1207                         session_media->srtp = ast_sdp_srtp_alloc();
1208                         if (!session_media->srtp) {
1209                                 return -1;
1210                         }
1211                 }
1212
1213                 tmp = session_media->srtp;
1214
1215                 do {
1216                         crypto_attribute = ast_sdp_srtp_get_attrib(tmp,
1217                                 0 /* DTLS running? No */,
1218                                 session->endpoint->media.rtp.srtp_tag_32 /* 32 byte tag length? */);
1219                         if (!crypto_attribute) {
1220                                 /* No crypto attribute to add, bad news */
1221                                 return -1;
1222                         }
1223
1224                         attr = pjmedia_sdp_attr_create(pool, "crypto",
1225                                 pj_cstr(&stmp, crypto_attribute));
1226                         media->attr[media->attr_count++] = attr;
1227                 } while ((tmp = AST_LIST_NEXT(tmp, sdp_srtp_list)));
1228
1229                 break;
1230         case AST_SIP_MEDIA_ENCRYPT_DTLS:
1231                 if (setup_dtls_srtp(session, session_media)) {
1232                         return -1;
1233                 }
1234
1235                 dtls = ast_rtp_instance_get_dtls(session_media->rtp);
1236                 if (!dtls) {
1237                         return -1;
1238                 }
1239
1240                 switch (dtls->get_connection(session_media->rtp)) {
1241                 case AST_RTP_DTLS_CONNECTION_NEW:
1242                         attr = pjmedia_sdp_attr_create(pool, "connection", &STR_NEW);
1243                         media->attr[media->attr_count++] = attr;
1244                         break;
1245                 case AST_RTP_DTLS_CONNECTION_EXISTING:
1246                         attr = pjmedia_sdp_attr_create(pool, "connection", &STR_EXISTING);
1247                         media->attr[media->attr_count++] = attr;
1248                         break;
1249                 default:
1250                         break;
1251                 }
1252
1253                 /* If this is an answer we need to use our current state, if it's an offer we need to use
1254                  * the configured value.
1255                  */
1256                 if (session->inv_session->neg
1257                         && pjmedia_sdp_neg_get_state(session->inv_session->neg) != PJMEDIA_SDP_NEG_STATE_DONE) {
1258                         setup = dtls->get_setup(session_media->rtp);
1259                 } else {
1260                         setup = session->endpoint->media.rtp.dtls_cfg.default_setup;
1261                 }
1262
1263                 switch (setup) {
1264                 case AST_RTP_DTLS_SETUP_ACTIVE:
1265                         attr = pjmedia_sdp_attr_create(pool, "setup", &STR_ACTIVE);
1266                         media->attr[media->attr_count++] = attr;
1267                         break;
1268                 case AST_RTP_DTLS_SETUP_PASSIVE:
1269                         attr = pjmedia_sdp_attr_create(pool, "setup", &STR_PASSIVE);
1270                         media->attr[media->attr_count++] = attr;
1271                         break;
1272                 case AST_RTP_DTLS_SETUP_ACTPASS:
1273                         attr = pjmedia_sdp_attr_create(pool, "setup", &STR_ACTPASS);
1274                         media->attr[media->attr_count++] = attr;
1275                         break;
1276                 case AST_RTP_DTLS_SETUP_HOLDCONN:
1277                         attr = pjmedia_sdp_attr_create(pool, "setup", &STR_HOLDCONN);
1278                         break;
1279                 default:
1280                         break;
1281                 }
1282
1283                 hash = dtls->get_fingerprint_hash(session_media->rtp);
1284                 crypto_attribute = dtls->get_fingerprint(session_media->rtp);
1285                 if (crypto_attribute && (hash == AST_RTP_DTLS_HASH_SHA1 || hash == AST_RTP_DTLS_HASH_SHA256)) {
1286                         RAII_VAR(struct ast_str *, fingerprint, ast_str_create(64), ast_free);
1287                         if (!fingerprint) {
1288                                 return -1;
1289                         }
1290
1291                         if (hash == AST_RTP_DTLS_HASH_SHA1) {
1292                                 ast_str_set(&fingerprint, 0, "SHA-1 %s", crypto_attribute);
1293                         } else {
1294                                 ast_str_set(&fingerprint, 0, "SHA-256 %s", crypto_attribute);
1295                         }
1296
1297                         attr = pjmedia_sdp_attr_create(pool, "fingerprint", pj_cstr(&stmp, ast_str_buffer(fingerprint)));
1298                         media->attr[media->attr_count++] = attr;
1299                 }
1300                 break;
1301         }
1302
1303         return 0;
1304 }
1305
1306 /*! \brief Function which creates an outgoing stream */
1307 static int create_outgoing_sdp_stream(struct ast_sip_session *session, struct ast_sip_session_media *session_media,
1308                                       struct pjmedia_sdp_session *sdp, const struct pjmedia_sdp_session *remote, struct ast_stream *stream)
1309 {
1310         pj_pool_t *pool = session->inv_session->pool_prov;
1311         static const pj_str_t STR_RTP_AVP = { "RTP/AVP", 7 };
1312         static const pj_str_t STR_IN = { "IN", 2 };
1313         static const pj_str_t STR_IP4 = { "IP4", 3};
1314         static const pj_str_t STR_IP6 = { "IP6", 3};
1315         static const pj_str_t STR_SENDRECV = { "sendrecv", 8 };
1316         static const pj_str_t STR_SENDONLY = { "sendonly", 8 };
1317         pjmedia_sdp_media *media;
1318         const char *hostip = NULL;
1319         struct ast_sockaddr addr;
1320         char tmp[512];
1321         pj_str_t stmp;
1322         pjmedia_sdp_attr *attr;
1323         int index = 0;
1324         int noncodec = (session->dtmf == AST_SIP_DTMF_RFC_4733 || session->dtmf == AST_SIP_DTMF_AUTO || session->dtmf == AST_SIP_DTMF_AUTO_INFO) ? AST_RTP_DTMF : 0;
1325         int min_packet_size = 0, max_packet_size = 0;
1326         int rtp_code;
1327         RAII_VAR(struct ast_format_cap *, caps, NULL, ao2_cleanup);
1328         enum ast_media_type media_type = session_media->type;
1329         struct ast_sip_session_media *session_media_transport;
1330         pj_sockaddr ip;
1331
1332         int direct_media_enabled = !ast_sockaddr_isnull(&session_media->direct_media_addr) &&
1333                 ast_format_cap_count(session->direct_media_cap);
1334
1335         media = pj_pool_zalloc(pool, sizeof(struct pjmedia_sdp_media));
1336         if (!media) {
1337                 return -1;
1338         }
1339         pj_strdup2(pool, &media->desc.media, ast_codec_media_type2str(session_media->type));
1340
1341         /* If this is a removed (or declined) stream OR if no formats exist then construct a minimal stream in SDP */
1342         if (ast_stream_get_state(stream) == AST_STREAM_STATE_REMOVED || !ast_stream_get_formats(stream) ||
1343                 !ast_format_cap_count(ast_stream_get_formats(stream))) {
1344                 media->desc.port = 0;
1345                 media->desc.port_count = 1;
1346
1347                 if (remote && remote->media[ast_stream_get_position(stream)]) {
1348                         pjmedia_sdp_media *remote_media = remote->media[ast_stream_get_position(stream)];
1349                         int index;
1350
1351                         media->desc.transport = remote_media->desc.transport;
1352
1353                         /* Preserve existing behavior by copying the formats provided from the offer */
1354                         for (index = 0; index < remote_media->desc.fmt_count; ++index) {
1355                                 media->desc.fmt[index] = remote_media->desc.fmt[index];
1356                         }
1357                         media->desc.fmt_count = remote_media->desc.fmt_count;
1358                 } else {
1359                         /* This is actually an offer so put a dummy payload in that is ignored and sane transport */
1360                         media->desc.transport = STR_RTP_AVP;
1361                         pj_strdup2(pool, &media->desc.fmt[media->desc.fmt_count++], "32");
1362                 }
1363
1364                 sdp->media[sdp->media_count++] = media;
1365                 ast_stream_set_state(stream, AST_STREAM_STATE_REMOVED);
1366
1367                 return 1;
1368         }
1369
1370         if (!session_media->rtp && create_rtp(session, session_media)) {
1371                 return -1;
1372         }
1373
1374         /* If this stream has not been bundled already it is new and we need to ensure there is no SSRC conflict */
1375         if (session_media->bundle_group != -1 && !session_media->bundled) {
1376                 for (index = 0; index < sdp->media_count; ++index) {
1377                         struct ast_sip_session_media *other_session_media;
1378
1379                         other_session_media = AST_VECTOR_GET(&session->pending_media_state->sessions, index);
1380                         if (!other_session_media->rtp || other_session_media->bundle_group != session_media->bundle_group) {
1381                                 continue;
1382                         }
1383
1384                         if (ast_rtp_instance_get_ssrc(session_media->rtp) == ast_rtp_instance_get_ssrc(other_session_media->rtp)) {
1385                                 ast_rtp_instance_change_source(session_media->rtp);
1386                                 /* Start the conflict check over again */
1387                                 index = -1;
1388                                 continue;
1389                         }
1390                 }
1391         }
1392
1393         session_media_transport = ast_sip_session_media_get_transport(session, session_media);
1394
1395         if (session_media_transport == session_media || !session_media->bundled) {
1396                 set_ice_components(session, session_media);
1397                 enable_rtcp(session, session_media, NULL);
1398
1399                 /* Crypto has to be added before setting the media transport so that SRTP is properly
1400                  * set up according to the configuration. This ends up changing the media transport.
1401                  */
1402                 if (add_crypto_to_stream(session, session_media, pool, media)) {
1403                         return -1;
1404                 }
1405
1406                 if (pj_strlen(&session_media->transport)) {
1407                         /* If a transport has already been specified use it */
1408                         media->desc.transport = session_media->transport;
1409                 } else {
1410                         media->desc.transport = pj_str(ast_sdp_get_rtp_profile(
1411                                 /* Optimistic encryption places crypto in the normal RTP/AVP profile */
1412                                 !session->endpoint->media.rtp.encryption_optimistic &&
1413                                         (session_media->encryption == AST_SIP_MEDIA_ENCRYPT_SDES),
1414                                 session_media->rtp, session->endpoint->media.rtp.use_avpf,
1415                                 session->endpoint->media.rtp.force_avp));
1416                 }
1417
1418                 media->conn = pj_pool_zalloc(pool, sizeof(struct pjmedia_sdp_conn));
1419                 if (!media->conn) {
1420                         return -1;
1421                 }
1422
1423                 /* Add connection level details */
1424                 if (direct_media_enabled) {
1425                         hostip = ast_sockaddr_stringify_fmt(&session_media->direct_media_addr, AST_SOCKADDR_STR_ADDR);
1426                 } else if (ast_strlen_zero(session->endpoint->media.address)) {
1427                         hostip = ast_sip_get_host_ip_string(session->endpoint->media.rtp.ipv6 ? pj_AF_INET6() : pj_AF_INET());
1428                 } else {
1429                         hostip = session->endpoint->media.address;
1430                 }
1431
1432                 if (ast_strlen_zero(hostip)) {
1433                         ast_log(LOG_ERROR, "No local host IP available for stream %s\n",
1434                                 ast_codec_media_type2str(session_media->type));
1435                         return -1;
1436                 }
1437
1438                 media->conn->net_type = STR_IN;
1439                 /* Assume that the connection will use IPv4 until proven otherwise */
1440                 media->conn->addr_type = STR_IP4;
1441                 pj_strdup2(pool, &media->conn->addr, hostip);
1442
1443                 if ((pj_sockaddr_parse(pj_AF_UNSPEC(), 0, &media->conn->addr, &ip) == PJ_SUCCESS) &&
1444                         (ip.addr.sa_family == pj_AF_INET6())) {
1445                         media->conn->addr_type = STR_IP6;
1446                 }
1447
1448                 /* Add ICE attributes and candidates */
1449                 add_ice_to_stream(session, session_media, pool, media, 1);
1450
1451                 ast_rtp_instance_get_local_address(session_media->rtp, &addr);
1452                 media->desc.port = direct_media_enabled ? ast_sockaddr_port(&session_media->direct_media_addr) : (pj_uint16_t) ast_sockaddr_port(&addr);
1453                 media->desc.port_count = 1;
1454         } else {
1455                 pjmedia_sdp_media *bundle_group_stream = sdp->media[session_media_transport->stream_num];
1456
1457                 /* As this is in a bundle group it shares the same details as the group instance */
1458                 media->desc.transport = bundle_group_stream->desc.transport;
1459                 media->conn = bundle_group_stream->conn;
1460                 media->desc.port = bundle_group_stream->desc.port;
1461
1462                 if (add_crypto_to_stream(session, session_media_transport, pool, media)) {
1463                         return -1;
1464                 }
1465
1466                 add_ice_to_stream(session, session_media_transport, pool, media, 0);
1467
1468                 enable_rtcp(session, session_media, NULL);
1469         }
1470
1471         if (!(caps = ast_format_cap_alloc(AST_FORMAT_CAP_FLAG_DEFAULT))) {
1472                 ast_log(LOG_ERROR, "Failed to allocate %s capabilities\n",
1473                         ast_codec_media_type2str(session_media->type));
1474                 return -1;
1475         }
1476
1477         if (direct_media_enabled) {
1478                 ast_format_cap_get_compatible(session->endpoint->media.codecs, session->direct_media_cap, caps);
1479         } else {
1480                 ast_format_cap_append_from_cap(caps, ast_stream_get_formats(stream), media_type);
1481         }
1482
1483         for (index = 0; index < ast_format_cap_count(caps); ++index) {
1484                 struct ast_format *format = ast_format_cap_get_format(caps, index);
1485
1486                 if (ast_format_get_type(format) != media_type) {
1487                         ao2_ref(format, -1);
1488                         continue;
1489                 }
1490
1491                 /* If this stream is not a transport we need to use the transport codecs structure for payload management to prevent
1492                  * conflicts.
1493                  */
1494                 if (session_media_transport != session_media) {
1495                         if ((rtp_code = ast_rtp_codecs_payload_code(ast_rtp_instance_get_codecs(session_media_transport->rtp), 1, format, 0)) == -1) {
1496                                 ast_log(LOG_WARNING,"Unable to get rtp codec payload code for %s\n", ast_format_get_name(format));
1497                                 ao2_ref(format, -1);
1498                                 continue;
1499                         }
1500                         /* Our instance has to match the payload number though */
1501                         ast_rtp_codecs_payload_set_rx(ast_rtp_instance_get_codecs(session_media->rtp), rtp_code, format);
1502                 } else {
1503                         if ((rtp_code = ast_rtp_codecs_payload_code(ast_rtp_instance_get_codecs(session_media->rtp), 1, format, 0)) == -1) {
1504                                 ast_log(LOG_WARNING,"Unable to get rtp codec payload code for %s\n", ast_format_get_name(format));
1505                                 ao2_ref(format, -1);
1506                                 continue;
1507                         }
1508                 }
1509
1510                 if ((attr = generate_rtpmap_attr(session, media, pool, rtp_code, 1, format, 0))) {
1511                         media->attr[media->attr_count++] = attr;
1512                 }
1513
1514                 if ((attr = generate_fmtp_attr(pool, format, rtp_code))) {
1515                         media->attr[media->attr_count++] = attr;
1516                 }
1517
1518                 if (ast_format_get_maximum_ms(format) &&
1519                         ((ast_format_get_maximum_ms(format) < max_packet_size) || !max_packet_size)) {
1520                         max_packet_size = ast_format_get_maximum_ms(format);
1521                 }
1522                 ao2_ref(format, -1);
1523
1524                 if (media->desc.fmt_count == PJMEDIA_MAX_SDP_FMT) {
1525                         break;
1526                 }
1527         }
1528
1529         /* Add non-codec formats */
1530         if (ast_sip_session_is_pending_stream_default(session, stream) && media_type != AST_MEDIA_TYPE_VIDEO
1531                 && media->desc.fmt_count < PJMEDIA_MAX_SDP_FMT) {
1532                 for (index = 1LL; index <= AST_RTP_MAX; index <<= 1) {
1533                         if (!(noncodec & index)) {
1534                                 continue;
1535                         }
1536                         rtp_code = ast_rtp_codecs_payload_code(
1537                                 ast_rtp_instance_get_codecs(session_media->rtp), 0, NULL, index);
1538                         if (rtp_code == -1) {
1539                                 continue;
1540                         }
1541
1542                         if ((attr = generate_rtpmap_attr(session, media, pool, rtp_code, 0, NULL, index))) {
1543                                 media->attr[media->attr_count++] = attr;
1544                         }
1545
1546                         if (index == AST_RTP_DTMF) {
1547                                 snprintf(tmp, sizeof(tmp), "%d 0-16", rtp_code);
1548                                 attr = pjmedia_sdp_attr_create(pool, "fmtp", pj_cstr(&stmp, tmp));
1549                                 media->attr[media->attr_count++] = attr;
1550                         }
1551
1552                         if (media->desc.fmt_count == PJMEDIA_MAX_SDP_FMT) {
1553                                 break;
1554                         }
1555                 }
1556         }
1557
1558
1559         /* If no formats were actually added to the media stream don't add it to the SDP */
1560         if (!media->desc.fmt_count) {
1561                 return 1;
1562         }
1563
1564         /* If ptime is set add it as an attribute */
1565         min_packet_size = ast_rtp_codecs_get_framing(ast_rtp_instance_get_codecs(session_media->rtp));
1566         if (!min_packet_size) {
1567                 min_packet_size = ast_format_cap_get_framing(caps);
1568         }
1569         if (min_packet_size) {
1570                 snprintf(tmp, sizeof(tmp), "%d", min_packet_size);
1571                 attr = pjmedia_sdp_attr_create(pool, "ptime", pj_cstr(&stmp, tmp));
1572                 media->attr[media->attr_count++] = attr;
1573         }
1574
1575         if (max_packet_size) {
1576                 snprintf(tmp, sizeof(tmp), "%d", max_packet_size);
1577                 attr = pjmedia_sdp_attr_create(pool, "maxptime", pj_cstr(&stmp, tmp));
1578                 media->attr[media->attr_count++] = attr;
1579         }
1580
1581         /* Add the sendrecv attribute - we purposely don't keep track because pjmedia-sdp will automatically change our offer for us */
1582         attr = PJ_POOL_ZALLOC_T(pool, pjmedia_sdp_attr);
1583         attr->name = !session_media->locally_held ? STR_SENDRECV : STR_SENDONLY;
1584         media->attr[media->attr_count++] = attr;
1585
1586         /* If we've got rtcp-mux enabled, just unconditionally offer it in all SDPs */
1587         if (session->endpoint->media.rtcp_mux) {
1588                 attr = pjmedia_sdp_attr_create(pool, "rtcp-mux", NULL);
1589                 pjmedia_sdp_attr_add(&media->attr_count, media->attr, attr);
1590         }
1591
1592         add_ssrc_to_stream(session, session_media, pool, media);
1593         add_msid_to_stream(session, session_media, pool, media, stream);
1594         add_rtcp_fb_to_stream(session, session_media, pool, media);
1595
1596         /* Add the media stream to the SDP */
1597         sdp->media[sdp->media_count++] = media;
1598
1599         return 1;
1600 }
1601
1602 static struct ast_frame *media_session_rtp_read_callback(struct ast_sip_session *session, struct ast_sip_session_media *session_media)
1603 {
1604         struct ast_frame *f;
1605
1606         if (!session_media->rtp) {
1607                 return &ast_null_frame;
1608         }
1609
1610         f = ast_rtp_instance_read(session_media->rtp, 0);
1611         if (!f) {
1612                 return NULL;
1613         }
1614
1615         ast_rtp_instance_set_last_rx(session_media->rtp, time(NULL));
1616
1617         return f;
1618 }
1619
1620 static struct ast_frame *media_session_rtcp_read_callback(struct ast_sip_session *session, struct ast_sip_session_media *session_media)
1621 {
1622         struct ast_frame *f;
1623
1624         if (!session_media->rtp) {
1625                 return &ast_null_frame;
1626         }
1627
1628         f = ast_rtp_instance_read(session_media->rtp, 1);
1629         if (!f) {
1630                 return NULL;
1631         }
1632
1633         ast_rtp_instance_set_last_rx(session_media->rtp, time(NULL));
1634
1635         return f;
1636 }
1637
1638 static int media_session_rtp_write_callback(struct ast_sip_session *session, struct ast_sip_session_media *session_media, struct ast_frame *frame)
1639 {
1640         if (!session_media->rtp) {
1641                 return 0;
1642         }
1643
1644         return ast_rtp_instance_write(session_media->rtp, frame);
1645 }
1646
1647 static int apply_negotiated_sdp_stream(struct ast_sip_session *session,
1648         struct ast_sip_session_media *session_media, const struct pjmedia_sdp_session *local,
1649         const struct pjmedia_sdp_session *remote, int index, struct ast_stream *asterisk_stream)
1650 {
1651         RAII_VAR(struct ast_sockaddr *, addrs, NULL, ast_free);
1652         struct pjmedia_sdp_media *remote_stream = remote->media[index];
1653         enum ast_media_type media_type = session_media->type;
1654         char host[NI_MAXHOST];
1655         int res;
1656         struct ast_sip_session_media *session_media_transport;
1657
1658         if (!session->channel) {
1659                 return 1;
1660         }
1661
1662         /* Ensure incoming transport is compatible with the endpoint's configuration */
1663         if (!session->endpoint->media.rtp.use_received_transport &&
1664                 check_endpoint_media_transport(session->endpoint, remote_stream) == AST_SIP_MEDIA_TRANSPORT_INVALID) {
1665                 return -1;
1666         }
1667
1668         /* Create an RTP instance if need be */
1669         if (!session_media->rtp && create_rtp(session, session_media)) {
1670                 return -1;
1671         }
1672
1673         process_ssrc_attributes(session, session_media, remote_stream);
1674
1675         session_media_transport = ast_sip_session_media_get_transport(session, session_media);
1676
1677         if (session_media_transport == session_media || !session_media->bundled) {
1678                 session_media->remote_rtcp_mux = (pjmedia_sdp_media_find_attr2(remote_stream, "rtcp-mux", NULL) != NULL);
1679                 set_ice_components(session, session_media);
1680
1681                 enable_rtcp(session, session_media, remote_stream);
1682
1683                 res = setup_media_encryption(session, session_media, remote, remote_stream);
1684                 if (!session->endpoint->media.rtp.encryption_optimistic && res) {
1685                         /* If optimistic encryption is disabled and crypto should have been enabled but was not
1686                          * this session must fail.
1687                          */
1688                         return -1;
1689                 }
1690
1691                 if (!remote_stream->conn && !remote->conn) {
1692                         return 1;
1693                 }
1694
1695                 ast_copy_pj_str(host, remote_stream->conn ? &remote_stream->conn->addr : &remote->conn->addr, sizeof(host));
1696
1697                 /* Ensure that the address provided is valid */
1698                 if (ast_sockaddr_resolve(&addrs, host, PARSE_PORT_FORBID, AST_AF_UNSPEC) <= 0) {
1699                         /* The provided host was actually invalid so we error out this negotiation */
1700                         return -1;
1701                 }
1702
1703                 /* Apply connection information to the RTP instance */
1704                 ast_sockaddr_set_port(addrs, remote_stream->desc.port);
1705                 ast_rtp_instance_set_remote_address(session_media->rtp, addrs);
1706
1707                 ast_sip_session_media_set_write_callback(session, session_media, media_session_rtp_write_callback);
1708                 ast_sip_session_media_add_read_callback(session, session_media, ast_rtp_instance_fd(session_media->rtp, 0),
1709                         media_session_rtp_read_callback);
1710                 if (!session->endpoint->media.rtcp_mux || !session_media->remote_rtcp_mux) {
1711                         ast_sip_session_media_add_read_callback(session, session_media, ast_rtp_instance_fd(session_media->rtp, 1),
1712                                 media_session_rtcp_read_callback);
1713                 }
1714
1715                 /* If ICE support is enabled find all the needed attributes */
1716                 process_ice_attributes(session, session_media, remote, remote_stream);
1717         } else {
1718                 /* This is bundled with another session, so mark it as such */
1719                 ast_rtp_instance_bundle(session_media->rtp, session_media_transport->rtp);
1720                 ast_sip_session_media_set_write_callback(session, session_media, media_session_rtp_write_callback);
1721                 enable_rtcp(session, session_media, remote_stream);
1722         }
1723
1724         if (set_caps(session, session_media, session_media_transport, remote_stream, 0, asterisk_stream)) {
1725                 return 1;
1726         }
1727
1728         /* Set the channel uniqueid on the RTP instance now that it is becoming active */
1729         ast_channel_lock(session->channel);
1730         ast_rtp_instance_set_channel_id(session_media->rtp, ast_channel_uniqueid(session->channel));
1731         ast_channel_unlock(session->channel);
1732
1733         /* Ensure the RTP instance is active */
1734         ast_rtp_instance_set_stream_num(session_media->rtp, ast_stream_get_position(asterisk_stream));
1735         ast_rtp_instance_activate(session_media->rtp);
1736
1737         /* audio stream handles music on hold */
1738         if (media_type != AST_MEDIA_TYPE_AUDIO) {
1739                 if ((pjmedia_sdp_neg_was_answer_remote(session->inv_session->neg) == PJ_FALSE)
1740                         && (session->inv_session->state == PJSIP_INV_STATE_CONFIRMED)) {
1741                         ast_queue_control(session->channel, AST_CONTROL_UPDATE_RTP_PEER);
1742                 }
1743                 return 1;
1744         }
1745
1746         if (ast_sockaddr_isnull(addrs) ||
1747                 ast_sockaddr_is_any(addrs) ||
1748                 pjmedia_sdp_media_find_attr2(remote_stream, "sendonly", NULL) ||
1749                 pjmedia_sdp_media_find_attr2(remote_stream, "inactive", NULL)) {
1750                 if (!session_media->remotely_held) {
1751                         /* The remote side has put us on hold */
1752                         ast_queue_hold(session->channel, session->endpoint->mohsuggest);
1753                         ast_rtp_instance_stop(session_media->rtp);
1754                         ast_queue_frame(session->channel, &ast_null_frame);
1755                         session_media->remotely_held = 1;
1756                 }
1757         } else if (session_media->remotely_held) {
1758                 /* The remote side has taken us off hold */
1759                 ast_queue_unhold(session->channel);
1760                 ast_queue_frame(session->channel, &ast_null_frame);
1761                 session_media->remotely_held = 0;
1762         } else if ((pjmedia_sdp_neg_was_answer_remote(session->inv_session->neg) == PJ_FALSE)
1763                 && (session->inv_session->state == PJSIP_INV_STATE_CONFIRMED)) {
1764                 ast_queue_control(session->channel, AST_CONTROL_UPDATE_RTP_PEER);
1765         }
1766
1767         /* This purposely resets the encryption to the configured in case it gets added later */
1768         session_media->encryption = session->endpoint->media.rtp.encryption;
1769
1770         if (session->endpoint->media.rtp.keepalive > 0 &&
1771                         session_media->type == AST_MEDIA_TYPE_AUDIO) {
1772                 ast_rtp_instance_set_keepalive(session_media->rtp, session->endpoint->media.rtp.keepalive);
1773                 /* Schedule the initial keepalive early in case this is being used to punch holes through
1774                  * a NAT. This way there won't be an awkward delay before media starts flowing in some
1775                  * scenarios.
1776                  */
1777                 AST_SCHED_DEL(sched, session_media->keepalive_sched_id);
1778                 session_media->keepalive_sched_id = ast_sched_add_variable(sched, 500, send_keepalive,
1779                         session_media, 1);
1780         }
1781
1782         /* As the channel lock is not held during this process the scheduled item won't block if
1783          * it is hanging up the channel at the same point we are applying this negotiated SDP.
1784          */
1785         AST_SCHED_DEL(sched, session_media->timeout_sched_id);
1786
1787         /* Due to the fact that we only ever have one scheduled timeout item for when we are both
1788          * off hold and on hold we don't need to store the two timeouts differently on the RTP
1789          * instance itself.
1790          */
1791         ast_rtp_instance_set_timeout(session_media->rtp, 0);
1792         if (session->endpoint->media.rtp.timeout && !session_media->remotely_held) {
1793                 ast_rtp_instance_set_timeout(session_media->rtp, session->endpoint->media.rtp.timeout);
1794         } else if (session->endpoint->media.rtp.timeout_hold && session_media->remotely_held) {
1795                 ast_rtp_instance_set_timeout(session_media->rtp, session->endpoint->media.rtp.timeout_hold);
1796         }
1797
1798         if (ast_rtp_instance_get_timeout(session_media->rtp)) {
1799                 session_media->timeout_sched_id = ast_sched_add_variable(sched,
1800                         ast_rtp_instance_get_timeout(session_media->rtp) * 1000, rtp_check_timeout,
1801                         session_media, 1);
1802         }
1803
1804         return 1;
1805 }
1806
1807 /*! \brief Function which updates the media stream with external media address, if applicable */
1808 static void change_outgoing_sdp_stream_media_address(pjsip_tx_data *tdata, struct pjmedia_sdp_media *stream, struct ast_sip_transport *transport)
1809 {
1810         RAII_VAR(struct ast_sip_transport_state *, transport_state, ast_sip_get_transport_state(ast_sorcery_object_get_id(transport)), ao2_cleanup);
1811         char host[NI_MAXHOST];
1812         struct ast_sockaddr our_sdp_addr = { { 0, } };
1813
1814         /* If the stream has been rejected there will be no connection line */
1815         if (!stream->conn || !transport_state) {
1816                 return;
1817         }
1818
1819         ast_copy_pj_str(host, &stream->conn->addr, sizeof(host));
1820         ast_sockaddr_parse(&our_sdp_addr, host, PARSE_PORT_FORBID);
1821
1822         /* Reversed check here. We don't check the remote endpoint being
1823          * in our local net, but whether our outgoing session IP is
1824          * local. If it is not, we won't do rewriting. No localnet
1825          * configured? Always rewrite. */
1826         if (ast_sip_transport_is_nonlocal(transport_state, &our_sdp_addr) && transport_state->localnet) {
1827                 return;
1828         }
1829         ast_debug(5, "Setting media address to %s\n", ast_sockaddr_stringify_host(&transport_state->external_media_address));
1830         pj_strdup2(tdata->pool, &stream->conn->addr, ast_sockaddr_stringify_host(&transport_state->external_media_address));
1831 }
1832
1833 /*! \brief Function which stops the RTP instance */
1834 static void stream_stop(struct ast_sip_session_media *session_media)
1835 {
1836         if (!session_media->rtp) {
1837                 return;
1838         }
1839
1840         AST_SCHED_DEL(sched, session_media->keepalive_sched_id);
1841         AST_SCHED_DEL(sched, session_media->timeout_sched_id);
1842         ast_rtp_instance_stop(session_media->rtp);
1843 }
1844
1845 /*! \brief Function which destroys the RTP instance when session ends */
1846 static void stream_destroy(struct ast_sip_session_media *session_media)
1847 {
1848         if (session_media->rtp) {
1849                 stream_stop(session_media);
1850                 ast_rtp_instance_destroy(session_media->rtp);
1851         }
1852         session_media->rtp = NULL;
1853 }
1854
1855 /*! \brief SDP handler for 'audio' media stream */
1856 static struct ast_sip_session_sdp_handler audio_sdp_handler = {
1857         .id = STR_AUDIO,
1858         .negotiate_incoming_sdp_stream = negotiate_incoming_sdp_stream,
1859         .create_outgoing_sdp_stream = create_outgoing_sdp_stream,
1860         .apply_negotiated_sdp_stream = apply_negotiated_sdp_stream,
1861         .change_outgoing_sdp_stream_media_address = change_outgoing_sdp_stream_media_address,
1862         .stream_stop = stream_stop,
1863         .stream_destroy = stream_destroy,
1864 };
1865
1866 /*! \brief SDP handler for 'video' media stream */
1867 static struct ast_sip_session_sdp_handler video_sdp_handler = {
1868         .id = STR_VIDEO,
1869         .negotiate_incoming_sdp_stream = negotiate_incoming_sdp_stream,
1870         .create_outgoing_sdp_stream = create_outgoing_sdp_stream,
1871         .apply_negotiated_sdp_stream = apply_negotiated_sdp_stream,
1872         .change_outgoing_sdp_stream_media_address = change_outgoing_sdp_stream_media_address,
1873         .stream_stop = stream_stop,
1874         .stream_destroy = stream_destroy,
1875 };
1876
1877 static int video_info_incoming_request(struct ast_sip_session *session, struct pjsip_rx_data *rdata)
1878 {
1879         struct pjsip_transaction *tsx;
1880         pjsip_tx_data *tdata;
1881
1882         if (!session->channel
1883                 || !ast_sip_is_content_type(&rdata->msg_info.msg->body->content_type,
1884                         "application",
1885                         "media_control+xml")) {
1886                 return 0;
1887         }
1888
1889         tsx = pjsip_rdata_get_tsx(rdata);
1890
1891         ast_queue_control(session->channel, AST_CONTROL_VIDUPDATE);
1892
1893         if (pjsip_dlg_create_response(session->inv_session->dlg, rdata, 200, NULL, &tdata) == PJ_SUCCESS) {
1894                 pjsip_dlg_send_response(session->inv_session->dlg, tsx, tdata);
1895         }
1896
1897         return 0;
1898 }
1899
1900 static struct ast_sip_session_supplement video_info_supplement = {
1901         .method = "INFO",
1902         .incoming_request = video_info_incoming_request,
1903 };
1904
1905 /*! \brief Unloads the sdp RTP/AVP module from Asterisk */
1906 static int unload_module(void)
1907 {
1908         ast_sip_session_unregister_supplement(&video_info_supplement);
1909         ast_sip_session_unregister_sdp_handler(&video_sdp_handler, STR_VIDEO);
1910         ast_sip_session_unregister_sdp_handler(&audio_sdp_handler, STR_AUDIO);
1911
1912         if (sched) {
1913                 ast_sched_context_destroy(sched);
1914         }
1915
1916         return 0;
1917 }
1918
1919 /*!
1920  * \brief Load the module
1921  *
1922  * Module loading including tests for configuration or dependencies.
1923  * This function can return AST_MODULE_LOAD_FAILURE, AST_MODULE_LOAD_DECLINE,
1924  * or AST_MODULE_LOAD_SUCCESS. If a dependency or environment variable fails
1925  * tests return AST_MODULE_LOAD_FAILURE. If the module can not load the
1926  * configuration file or other non-critical problem return
1927  * AST_MODULE_LOAD_DECLINE. On success return AST_MODULE_LOAD_SUCCESS.
1928  */
1929 static int load_module(void)
1930 {
1931         CHECK_PJSIP_SESSION_MODULE_LOADED();
1932
1933         if (ast_check_ipv6()) {
1934                 ast_sockaddr_parse(&address_rtp, "::", 0);
1935         } else {
1936                 ast_sockaddr_parse(&address_rtp, "0.0.0.0", 0);
1937         }
1938
1939         if (!(sched = ast_sched_context_create())) {
1940                 ast_log(LOG_ERROR, "Unable to create scheduler context.\n");
1941                 goto end;
1942         }
1943
1944         if (ast_sched_start_thread(sched)) {
1945                 ast_log(LOG_ERROR, "Unable to create scheduler context thread.\n");
1946                 goto end;
1947         }
1948
1949         if (ast_sip_session_register_sdp_handler(&audio_sdp_handler, STR_AUDIO)) {
1950                 ast_log(LOG_ERROR, "Unable to register SDP handler for %s stream type\n", STR_AUDIO);
1951                 goto end;
1952         }
1953
1954         if (ast_sip_session_register_sdp_handler(&video_sdp_handler, STR_VIDEO)) {
1955                 ast_log(LOG_ERROR, "Unable to register SDP handler for %s stream type\n", STR_VIDEO);
1956                 goto end;
1957         }
1958
1959         ast_sip_session_register_supplement(&video_info_supplement);
1960
1961         return AST_MODULE_LOAD_SUCCESS;
1962 end:
1963         unload_module();
1964
1965         return AST_MODULE_LOAD_DECLINE;
1966 }
1967
1968 AST_MODULE_INFO(ASTERISK_GPL_KEY, AST_MODFLAG_LOAD_ORDER, "PJSIP SDP RTP/AVP stream handler",
1969         .support_level = AST_MODULE_SUPPORT_CORE,
1970         .load = load_module,
1971         .unload = unload_module,
1972         .load_pri = AST_MODPRI_CHANNEL_DRIVER,
1973         .requires = "res_pjsip,res_pjsip_session",
1974 );