#include "content/browser/renderer_host/p2p/socket_host.h"
+#include "base/metrics/histogram.h"
#include "base/sys_byteorder.h"
#include "content/browser/renderer_host/p2p/socket_host_tcp.h"
#include "content/browser/renderer_host/p2p/socket_host_tcp_server.h"
#include "content/browser/renderer_host/render_process_host_impl.h"
#include "content/public/browser/browser_thread.h"
#include "crypto/hmac.h"
-#include "third_party/libjingle/source/talk/base/asyncpacketsocket.h"
-#include "third_party/libjingle/source/talk/base/byteorder.h"
-#include "third_party/libjingle/source/talk/base/messagedigest.h"
-#include "third_party/libjingle/source/talk/p2p/base/stun.h"
+#include "third_party/webrtc/base/asyncpacketsocket.h"
+#include "third_party/webrtc/base/byteorder.h"
+#include "third_party/webrtc/base/messagedigest.h"
+#include "third_party/webrtc/p2p/base/stun.h"
namespace {
const uint32 kStunMagicCookie = 0x2112A442;
-const int kMinRtpHdrLen = 12;
-const int kRtpExtnHdrLen = 4;
-const int kDtlsRecordHeaderLen = 13;
-const int kTurnChannelHdrLen = 4;
-const int kAbsSendTimeExtnLen = 3;
-const int kOneByteHdrLen = 1;
+const size_t kMinRtpHeaderLength = 12;
+const size_t kMinRtcpHeaderLength = 8;
+const size_t kRtpExtensionHeaderLength = 4;
+const size_t kDtlsRecordHeaderLength = 13;
+const size_t kTurnChannelHeaderLength = 4;
+const size_t kAbsSendTimeExtensionLength = 3;
+const size_t kOneByteHeaderLength = 1;
+const size_t kMaxRtpPacketLength = 2048;
// Fake auth tag written by the render process if external authentication is
// enabled. HMAC in packet will be compared against this value before updating
0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd
};
-bool IsTurnChannelData(const char* data) {
- return ((*data & 0xC0) == 0x40);
+bool IsTurnChannelData(const char* data, size_t length) {
+ return length >= kTurnChannelHeaderLength && ((*data & 0xC0) == 0x40);
}
-bool IsDtlsPacket(const char* data, int len) {
+bool IsDtlsPacket(const char* data, size_t length) {
const uint8* u = reinterpret_cast<const uint8*>(data);
- return (len >= kDtlsRecordHeaderLen && (u[0] > 19 && u[0] < 64));
+ return (length >= kDtlsRecordHeaderLength && (u[0] > 19 && u[0] < 64));
}
-bool IsRtcpPacket(const char* data) {
+bool IsRtcpPacket(const char* data, size_t length) {
+ if (length < kMinRtcpHeaderLength) {
+ return false;
+ }
+
int type = (static_cast<uint8>(data[1]) & 0x7F);
return (type >= 64 && type < 96);
}
-bool IsTurnSendIndicationPacket(const char* data) {
- uint16 type = talk_base::GetBE16(data);
+bool IsTurnSendIndicationPacket(const char* data, size_t length) {
+ if (length < content::P2PSocketHost::kStunHeaderSize) {
+ return false;
+ }
+
+ uint16 type = rtc::GetBE16(data);
return (type == cricket::TURN_SEND_INDICATION);
}
-bool IsRtpPacket(const char* data, int len) {
- return ((*data & 0xC0) == 0x80);
+bool IsRtpPacket(const char* data, size_t length) {
+ return (length >= kMinRtpHeaderLength) && ((*data & 0xC0) == 0x80);
}
// Verifies rtp header and message length.
-bool ValidateRtpHeader(const char* rtp, int length, size_t* header_length) {
- if (header_length)
+bool ValidateRtpHeader(const char* rtp, size_t length, size_t* header_length) {
+ if (header_length) {
*header_length = 0;
+ }
+
+ if (length < kMinRtpHeaderLength) {
+ return false;
+ }
- int cc_count = rtp[0] & 0x0F;
- int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;
- if (rtp_hdr_len_without_extn > length) {
+ size_t cc_count = rtp[0] & 0x0F;
+ size_t header_length_without_extension = kMinRtpHeaderLength + 4 * cc_count;
+ if (header_length_without_extension > length) {
return false;
}
// length is verified above.
if (!(rtp[0] & 0x10)) {
if (header_length)
- *header_length = rtp_hdr_len_without_extn;
+ *header_length = header_length_without_extension;
return true;
}
- rtp += rtp_hdr_len_without_extn;
+ rtp += header_length_without_extension;
+
+ if (header_length_without_extension + kRtpExtensionHeaderLength > length) {
+ return false;
+ }
// Getting extension profile length.
// Length is in 32 bit words.
- uint16 extn_length = talk_base::GetBE16(rtp + 2) * 4;
+ uint16 extension_length_in_32bits = rtc::GetBE16(rtp + 2);
+ size_t extension_length = extension_length_in_32bits * 4;
+
+ size_t rtp_header_length = extension_length +
+ header_length_without_extension +
+ kRtpExtensionHeaderLength;
// Verify input length against total header size.
- if (rtp_hdr_len_without_extn + kRtpExtnHdrLen + extn_length > length) {
+ if (rtp_header_length > length) {
return false;
}
- if (header_length)
- *header_length = rtp_hdr_len_without_extn + kRtpExtnHdrLen + extn_length;
+ if (header_length) {
+ *header_length = rtp_header_length;
+ }
return true;
}
-void UpdateAbsSendTimeExtnValue(char* extn_data, int len,
- uint32 abs_send_time) {
+void UpdateAbsSendTimeExtensionValue(char* extension_data,
+ size_t length,
+ uint32 abs_send_time) {
// Absolute send time in RTP streams.
//
// The absolute send time is signaled to the receiver in-band using the
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// | ID | len=2 | absolute send time |
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- DCHECK_EQ(len, kAbsSendTimeExtnLen);
+ if (length != kAbsSendTimeExtensionLength) {
+ NOTREACHED();
+ return;
+ }
+
// Now() has resolution ~1-15ms, using HighResNow(). But it is warned not to
// use it unless necessary, as it is expensive than Now().
uint32 now_second = abs_send_time;
((now_us << 18) / base::Time::kMicrosecondsPerSecond) & 0x00FFFFFF;
}
// TODO(mallinath) - Add SetBE24 to byteorder.h in libjingle.
- extn_data[0] = static_cast<uint8>(now_second >> 16);
- extn_data[1] = static_cast<uint8>(now_second >> 8);
- extn_data[2] = static_cast<uint8>(now_second);
+ extension_data[0] = static_cast<uint8>(now_second >> 16);
+ extension_data[1] = static_cast<uint8>(now_second >> 8);
+ extension_data[2] = static_cast<uint8>(now_second);
}
-// Assumes |len| is actual packet length + tag length. Updates HMAC at end of
+// Assumes |length| is actual packet length + tag length. Updates HMAC at end of
// the RTP packet.
-void UpdateRtpAuthTag(char* rtp, int len,
- const talk_base::PacketOptions& options) {
+void UpdateRtpAuthTag(char* rtp,
+ size_t length,
+ const rtc::PacketOptions& options) {
// If there is no key, return.
- if (options.packet_time_params.srtp_auth_key.empty())
+ if (options.packet_time_params.srtp_auth_key.empty()) {
return;
+ }
size_t tag_length = options.packet_time_params.srtp_auth_tag_len;
- char* auth_tag = rtp + (len - tag_length);
- // We should have a fake HMAC value @ auth_tag.
- DCHECK_EQ(0, memcmp(auth_tag, kFakeAuthTag, tag_length));
+ // ROC (rollover counter) is at the beginning of the auth tag.
+ const size_t kRocLength = 4;
+ if (tag_length < kRocLength || tag_length > length) {
+ NOTREACHED();
+ return;
+ }
crypto::HMAC hmac(crypto::HMAC::SHA1);
if (!hmac.Init(reinterpret_cast<const unsigned char*>(
return;
}
- if (hmac.DigestLength() < tag_length) {
+ if (tag_length > hmac.DigestLength()) {
NOTREACHED();
return;
}
+ char* auth_tag = rtp + (length - tag_length);
+
+ // We should have a fake HMAC value @ auth_tag.
+ DCHECK_EQ(0, memcmp(auth_tag, kFakeAuthTag, tag_length));
+
// Copy ROC after end of rtp packet.
- memcpy(auth_tag, &options.packet_time_params.srtp_packet_index, 4);
+ memcpy(auth_tag, &options.packet_time_params.srtp_packet_index, kRocLength);
// Authentication of a RTP packet will have RTP packet + ROC size.
- int auth_required_length = len - tag_length + 4;
+ int auth_required_length = length - tag_length + kRocLength;
unsigned char output[64];
if (!hmac.Sign(base::StringPiece(rtp, auth_required_length),
namespace packet_processing_helpers {
-bool ApplyPacketOptions(char* data, int length,
- const talk_base::PacketOptions& options,
+bool ApplyPacketOptions(char* data,
+ size_t length,
+ const rtc::PacketOptions& options,
uint32 abs_send_time) {
DCHECK(data != NULL);
DCHECK(length > 0);
}
DCHECK(!IsDtlsPacket(data, length));
- DCHECK(!IsRtcpPacket(data));
+ DCHECK(!IsRtcpPacket(data, length));
// If there is a srtp auth key present then packet must be a RTP packet.
// RTP packet may have been wrapped in a TURN Channel Data or
// TURN send indication.
- int rtp_start_pos;
- int rtp_length;
+ size_t rtp_start_pos;
+ size_t rtp_length;
if (!GetRtpPacketStartPositionAndLength(
data, length, &rtp_start_pos, &rtp_length)) {
// This method should never return false.
// then we should parse the rtp packet to update the timestamp. Otherwise
// just calculate HMAC and update packet with it.
if (options.packet_time_params.rtp_sendtime_extension_id != -1) {
- UpdateRtpAbsSendTimeExtn(
- start, rtp_length,
- options.packet_time_params.rtp_sendtime_extension_id, abs_send_time);
+ UpdateRtpAbsSendTimeExtension(
+ start,
+ rtp_length,
+ options.packet_time_params.rtp_sendtime_extension_id,
+ abs_send_time);
}
UpdateRtpAuthTag(start, rtp_length, options);
}
bool GetRtpPacketStartPositionAndLength(const char* packet,
- int length,
- int* rtp_start_pos,
- int* rtp_packet_length) {
- int rtp_begin, rtp_length;
- if (IsTurnChannelData(packet)) {
+ size_t length,
+ size_t* rtp_start_pos,
+ size_t* rtp_packet_length) {
+ if (length < kMinRtpHeaderLength || length > kMaxRtpPacketLength) {
+ return false;
+ }
+
+ size_t rtp_begin;
+ size_t rtp_length = 0;
+ if (IsTurnChannelData(packet, length)) {
// Turn Channel Message header format.
// 0 1 2 3
// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
// / Application Data /
// / /
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- if (length < kTurnChannelHdrLen) {
- return false;
- }
-
- rtp_begin = kTurnChannelHdrLen;
- rtp_length = talk_base::GetBE16(&packet[2]);
- if (length < rtp_length + kTurnChannelHdrLen) {
- return false;
- }
- } else if (IsTurnSendIndicationPacket(packet)) {
- if (length <= P2PSocketHost::kStunHeaderSize) {
- // Message must be greater than 20 bytes, if it's carrying any payload.
+ rtp_begin = kTurnChannelHeaderLength;
+ rtp_length = rtc::GetBE16(&packet[2]);
+ if (length < rtp_length + kTurnChannelHeaderLength) {
return false;
}
+ } else if (IsTurnSendIndicationPacket(packet, length)) {
// Validate STUN message length.
- int stun_msg_len = talk_base::GetBE16(&packet[2]);
- if (stun_msg_len + P2PSocketHost::kStunHeaderSize != length) {
+ const size_t stun_message_length = rtc::GetBE16(&packet[2]);
+ if (stun_message_length + P2PSocketHost::kStunHeaderSize != length) {
return false;
}
// First skip mandatory stun header which is of 20 bytes.
rtp_begin = P2PSocketHost::kStunHeaderSize;
// Loop through STUN attributes until we find STUN DATA attribute.
- const char* start = packet + rtp_begin;
bool data_attr_present = false;
- while ((packet + rtp_begin) - start < stun_msg_len) {
+ while (rtp_begin < length) {
// Keep reading STUN attributes until we hit DATA attribute.
// Attribute will be a TLV structure.
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// padding so that its value contains a multiple of 4 bytes. The
// padding bits are ignored, and may be any value.
uint16 attr_type, attr_length;
+ const int kAttrHeaderLength = sizeof(attr_type) + sizeof(attr_length);
+
+ if (length < rtp_begin + kAttrHeaderLength) {
+ return false;
+ }
+
// Getting attribute type and length.
- attr_type = talk_base::GetBE16(&packet[rtp_begin]);
- attr_length = talk_base::GetBE16(
+ attr_type = rtc::GetBE16(&packet[rtp_begin]);
+ attr_length = rtc::GetBE16(
&packet[rtp_begin + sizeof(attr_type)]);
+
+ rtp_begin += kAttrHeaderLength; // Skip STUN_DATA_ATTR header.
+
// Checking for bogus attribute length.
- if (length < attr_length + rtp_begin) {
+ if (length < rtp_begin + attr_length) {
return false;
}
if (attr_type != cricket::STUN_ATTR_DATA) {
- rtp_begin += sizeof(attr_type) + sizeof(attr_length) + attr_length;
+ rtp_begin += attr_length;
if ((attr_length % 4) != 0) {
rtp_begin += (4 - (attr_length % 4));
}
}
data_attr_present = true;
- rtp_begin += 4; // Skip STUN_DATA_ATTR header.
rtp_length = attr_length;
- // One final check of length before exiting.
- if (length < rtp_length + rtp_begin) {
- return false;
- }
+
// We found STUN_DATA_ATTR. We can skip parsing rest of the packet.
break;
}
}
// Making sure we have a valid RTP packet at the end.
- if (!(rtp_length < kMinRtpHdrLen) &&
- IsRtpPacket(packet + rtp_begin, rtp_length) &&
+ if (IsRtpPacket(packet + rtp_begin, rtp_length) &&
ValidateRtpHeader(packet + rtp_begin, rtp_length, NULL)) {
*rtp_start_pos = rtp_begin;
*rtp_packet_length = rtp_length;
// ValidateRtpHeader must be called before this method to make sure, we have
// a sane rtp packet.
-bool UpdateRtpAbsSendTimeExtn(char* rtp, int length,
- int extension_id, uint32 abs_send_time) {
+bool UpdateRtpAbsSendTimeExtension(char* rtp,
+ size_t length,
+ int extension_id,
+ uint32 abs_send_time) {
// 0 1 2 3
// 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
return true;
}
- int cc_count = rtp[0] & 0x0F;
- int rtp_hdr_len_without_extn = kMinRtpHdrLen + 4 * cc_count;
+ size_t cc_count = rtp[0] & 0x0F;
+ size_t header_length_without_extension = kMinRtpHeaderLength + 4 * cc_count;
- rtp += rtp_hdr_len_without_extn;
+ rtp += header_length_without_extension;
// Getting extension profile ID and length.
- uint16 profile_id = talk_base::GetBE16(rtp);
+ uint16 profile_id = rtc::GetBE16(rtp);
// Length is in 32 bit words.
- uint16 extn_length = talk_base::GetBE16(rtp + 2) * 4;
+ uint16 extension_length_in_32bits = rtc::GetBE16(rtp + 2);
+ size_t extension_length = extension_length_in_32bits * 4;
- rtp += kRtpExtnHdrLen; // Moving past extn header.
+ rtp += kRtpExtensionHeaderLength; // Moving past extension header.
bool found = false;
// WebRTC is using one byte header extension.
// 0
// 0 1 2 3 4 5 6 7
// +-+-+-+-+-+-+-+-+
- // | ID | len |
+ // | ID |length |
// +-+-+-+-+-+-+-+-+
// 0 1 2 3
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// | data |
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
- char* extn_start = rtp;
- while (rtp - extn_start < extn_length) {
+ const char* extension_start = rtp;
+ const char* extension_end = extension_start + extension_length;
+
+ while (rtp < extension_end) {
const int id = (*rtp & 0xF0) >> 4;
- const int len = (*rtp & 0x0F) + 1;
+ const size_t length = (*rtp & 0x0F) + 1;
+ if (rtp + kOneByteHeaderLength + length > extension_end) {
+ return false;
+ }
// The 4-bit length is the number minus one of data bytes of this header
// extension element following the one-byte header.
if (id == extension_id) {
- UpdateAbsSendTimeExtnValue(rtp + kOneByteHdrLen, len, abs_send_time);
+ UpdateAbsSendTimeExtensionValue(
+ rtp + kOneByteHeaderLength, length, abs_send_time);
found = true;
break;
}
- rtp += kOneByteHdrLen + len;
+ rtp += kOneByteHeaderLength + length;
// Counting padding bytes.
- while ((*rtp == 0) && (rtp - extn_start < extn_length)) {
+ while ((rtp < extension_end) && (*rtp == 0)) {
++rtp;
}
}
} // packet_processing_helpers
-P2PSocketHost::P2PSocketHost(IPC::Sender* message_sender, int socket_id)
+P2PSocketHost::P2PSocketHost(IPC::Sender* message_sender,
+ int socket_id,
+ ProtocolType protocol_type)
: message_sender_(message_sender),
id_(socket_id),
state_(STATE_UNINITIALIZED),
dump_incoming_rtp_packet_(false),
dump_outgoing_rtp_packet_(false),
- weak_ptr_factory_(this) {
+ weak_ptr_factory_(this),
+ protocol_type_(protocol_type),
+ send_packets_delayed_total_(0),
+ send_packets_total_(0),
+ send_bytes_delayed_max_(0),
+ send_bytes_delayed_cur_(0) {
}
-P2PSocketHost::~P2PSocketHost() { }
+P2PSocketHost::~P2PSocketHost() {
+ if (protocol_type_ == P2PSocketHost::UDP) {
+ UMA_HISTOGRAM_COUNTS_10000("WebRTC.SystemMaxConsecutiveBytesDelayed_UDP",
+ send_bytes_delayed_max_);
+ } else {
+ UMA_HISTOGRAM_COUNTS_10000("WebRTC.SystemMaxConsecutiveBytesDelayed_TCP",
+ send_bytes_delayed_max_);
+ }
+
+ if (send_packets_total_ > 0) {
+ int delay_rate = (send_packets_delayed_total_ * 100) / send_packets_total_;
+ if (protocol_type_ == P2PSocketHost::UDP) {
+ UMA_HISTOGRAM_PERCENTAGE("WebRTC.SystemPercentPacketsDelayed_UDP",
+ delay_rate);
+ } else {
+ UMA_HISTOGRAM_PERCENTAGE("WebRTC.SystemPercentPacketsDelayed_TCP",
+ delay_rate);
+ }
+ }
+}
// Verifies that the packet |data| has a valid STUN header.
// static
bool P2PSocketHost::GetStunPacketType(
const char* data, int data_size, StunMessageType* type) {
- if (data_size < kStunHeaderSize)
+ if (data_size < kStunHeaderSize) {
return false;
+ }
uint32 cookie = base::NetToHost32(*reinterpret_cast<const uint32*>(data + 4));
- if (cookie != kStunMagicCookie)
+ if (cookie != kStunMagicCookie) {
return false;
+ }
uint16 length = base::NetToHost16(*reinterpret_cast<const uint16*>(data + 2));
- if (length != data_size - kStunHeaderSize)
+ if (length != data_size - kStunHeaderSize) {
return false;
+ }
int message_type = base::NetToHost16(*reinterpret_cast<const uint16*>(data));
DCHECK(!packet_callback.is_null());
DCHECK(incoming || outgoing);
- if (incoming)
+ if (incoming) {
dump_incoming_rtp_packet_ = true;
+ }
- if (outgoing)
+ if (outgoing) {
dump_outgoing_rtp_packet_ = true;
+ }
packet_dump_callback_ = packet_callback;
}
DCHECK(BrowserThread::CurrentlyOn(BrowserThread::IO));
DCHECK(incoming || outgoing);
- if (incoming)
+ if (incoming) {
dump_incoming_rtp_packet_ = false;
+ }
- if (outgoing)
+ if (outgoing) {
dump_outgoing_rtp_packet_ = false;
+ }
- if (!dump_incoming_rtp_packet_ && !dump_outgoing_rtp_packet_)
+ if (!dump_incoming_rtp_packet_ && !dump_outgoing_rtp_packet_) {
packet_dump_callback_.Reset();
+ }
}
void P2PSocketHost::DumpRtpPacket(const char* packet,
size_t length,
bool incoming) {
- if (IsDtlsPacket(packet, length) || IsRtcpPacket(packet))
+ if (IsDtlsPacket(packet, length) || IsRtcpPacket(packet, length)) {
return;
+ }
- int rtp_packet_pos = 0;
- int rtp_packet_length = length;
+ size_t rtp_packet_pos = 0;
+ size_t rtp_packet_length = length;
if (!packet_processing_helpers::GetRtpPacketStartPositionAndLength(
- packet, length, &rtp_packet_pos, &rtp_packet_length))
+ packet, length, &rtp_packet_pos, &rtp_packet_length)) {
return;
+ }
packet += rtp_packet_pos;
incoming));
}
+void P2PSocketHost::IncrementDelayedPackets() {
+ send_packets_delayed_total_++;
+}
+
+void P2PSocketHost::IncrementTotalSentPackets() {
+ send_packets_total_++;
+}
+
+void P2PSocketHost::IncrementDelayedBytes(uint32 size) {
+ send_bytes_delayed_cur_ += size;
+ if (send_bytes_delayed_cur_ > send_bytes_delayed_max_) {
+ send_bytes_delayed_max_ = send_bytes_delayed_cur_;
+ }
+}
+
+void P2PSocketHost::DecrementDelayedBytes(uint32 size) {
+ send_bytes_delayed_cur_ -= size;
+ DCHECK_GE(send_bytes_delayed_cur_, 0);
+}
+
} // namespace content