|
@@ -367,7 +367,7 @@ int DtlsTransport::TimeoutCallback(gnutls_transport_ptr_t ptr, unsigned int /* m
|
|
|
|
|
|
#elif USE_MBEDTLS
|
|
|
|
|
|
-mbedtls_ssl_srtp_profile srtpSupportedProtectionProfiles[] = {
|
|
|
+const mbedtls_ssl_srtp_profile srtpSupportedProtectionProfiles[] = {
|
|
|
MBEDTLS_TLS_SRTP_AES128_CM_HMAC_SHA1_80,
|
|
|
MBEDTLS_TLS_SRTP_UNSET,
|
|
|
};
|
|
@@ -473,15 +473,15 @@ bool DtlsTransport::send(message_ptr message) {
|
|
|
|
|
|
int ret;
|
|
|
do {
|
|
|
- std::lock_guard lock(mMutex);
|
|
|
- mCurrentDscp = message->dscp;
|
|
|
-
|
|
|
+ std::lock_guard lock(mSslMutex);
|
|
|
if (message->size() > size_t(mbedtls_ssl_get_max_out_record_payload(&mSsl)))
|
|
|
return false;
|
|
|
|
|
|
+ mCurrentDscp = message->dscp;
|
|
|
ret = mbedtls_ssl_write(&mSsl, reinterpret_cast<const unsigned char *>(message->data()),
|
|
|
message->size());
|
|
|
} while (ret == MBEDTLS_ERR_SSL_WANT_WRITE);
|
|
|
+
|
|
|
mbedtls::check(ret);
|
|
|
|
|
|
return mOutgoingResult;
|
|
@@ -529,7 +529,11 @@ void DtlsTransport::doRecv() {
|
|
|
// Handle handshake if connecting
|
|
|
if (state() == State::Connecting) {
|
|
|
while (true) {
|
|
|
- auto ret = mbedtls_ssl_handshake(&mSsl);
|
|
|
+ int ret;
|
|
|
+ {
|
|
|
+ std::lock_guard lock(mSslMutex);
|
|
|
+ ret = mbedtls_ssl_handshake(&mSsl);
|
|
|
+ }
|
|
|
|
|
|
if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
|
|
|
ThreadPool::Instance().schedule(mTimerSetAt + milliseconds(mFinMs),
|
|
@@ -541,8 +545,9 @@ void DtlsTransport::doRecv() {
|
|
|
}
|
|
|
|
|
|
if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ||
|
|
|
- ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS)
|
|
|
+ ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
|
|
|
continue;
|
|
|
+ }
|
|
|
|
|
|
mbedtls::check(ret, "Handshake failed");
|
|
|
|
|
@@ -555,17 +560,19 @@ void DtlsTransport::doRecv() {
|
|
|
|
|
|
if (state() == State::Connected) {
|
|
|
while (true) {
|
|
|
- mMutex.lock();
|
|
|
- auto ret =
|
|
|
- mbedtls_ssl_read(&mSsl, reinterpret_cast<unsigned char *>(buffer), bufferSize);
|
|
|
- mMutex.unlock();
|
|
|
+ int ret;
|
|
|
+ {
|
|
|
+ std::lock_guard lock(mSslMutex);
|
|
|
+ ret = mbedtls_ssl_read(&mSsl, reinterpret_cast<unsigned char *>(buffer),
|
|
|
+ bufferSize);
|
|
|
+ }
|
|
|
|
|
|
if (ret == MBEDTLS_ERR_SSL_WANT_READ || ret == MBEDTLS_ERR_SSL_WANT_WRITE) {
|
|
|
return;
|
|
|
}
|
|
|
|
|
|
if (ret == MBEDTLS_ERR_SSL_ASYNC_IN_PROGRESS ||
|
|
|
- ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
|
|
|
+ ret == MBEDTLS_ERR_SSL_CRYPTO_IN_PROGRESS) {
|
|
|
continue;
|
|
|
}
|
|
|
|