From 3dd2bbf23cb8c7c1f4efc4106858602fb9e57ecc Mon Sep 17 00:00:00 2001
From: Miguel Paris <mparisdiaz@gmail.com>
Date: Wed, 1 Apr 2020 18:08:45 +0200
Subject: [PATCH] dtlsconnection: do not set keys_exported flag if actually not
 exported

keys_exported flag should be set only if keys are actually exported.
For that the next conditions are needed:
  1 - SSL_export_keying_material on success
  2 - SSL_get_selected_srtp_profile returns a valid profile
  3 - The profile ID is SRTP_AES128_CM_SHA1_80 or SRTP_AES128_CM_SHA1_32

Also don't crash if NULL is returned as profile.

Part-of: <https://gitlab.freedesktop.org/gstreamer/gst-plugins-bad/-/merge_requests/1156>
---
 ext/dtls/gstdtlsconnection.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/ext/dtls/gstdtlsconnection.c b/ext/dtls/gstdtlsconnection.c
index b9ea1ef..026d905 100644
--- a/ext/dtls/gstdtlsconnection.c
+++ b/ext/dtls/gstdtlsconnection.c
@@ -895,6 +895,12 @@ export_srtp_keys (GstDtlsConnection * self)
 
   profile = SSL_get_selected_srtp_profile (self->priv->ssl);
 
+  if (!profile) {
+    GST_WARNING_OBJECT (self,
+        "no srtp capabilities negotiated during handshake");
+    return;
+  }
+
   GST_INFO_OBJECT (self, "keys received, profile is %s", profile->name);
 
   switch (profile->id) {
@@ -908,7 +914,7 @@ export_srtp_keys (GstDtlsConnection * self)
       break;
     default:
       GST_WARNING_OBJECT (self, "invalid crypto suite set by handshake");
-      goto beach;
+      return;
   }
 
   client_key.key = exported_keys.client_key;
@@ -928,7 +934,6 @@ export_srtp_keys (GstDtlsConnection * self)
         auth);
   }
 
-beach:
   self->priv->keys_exported = TRUE;
 }
 
-- 
2.7.4