[关闭]
@leaveye 2025-10-02T15:28:53.000000Z 字数 5985 阅读 105

数据所沟通

shujusuo rtp srtp problem

SRTP

测试现象

  1. 建立视音频通讯,启动发送和接收端(先后无关)
  2. 保持一小段时间(2分钟以上,时间短不出异常)
  3. 停止接收端(保持则不出异常)
  4. 再次开启接收端
  5. 接收侧一直报错 err 7 ,授权失败

这里面:

涉及的调用流程

sequenceDiagram participant P as 编码器 actor U as 用户/平台 box 解码器 participant A as 控制源/SIP代理 participant X as 传输服务 participant B as srtp 上下文 participant D as 解码服务 end U -) A: 启动接收
步骤1、4 A -->> X: startRx() activate X X ->> B: once_call() %% activate X Note right of X: srtp_init()
atexit(srtp_shutdown) X ->> B: set policy X ->> B: srtp_create() loop 数据接收中 P -) X: rtp packet X ->> B: srtp_unprotect() X -) D: raw data end U -) A: 停止接收
步骤3 A -->> X: stopRx() X -->> B: srtp_dealloc() %% deactivate X deactivate X

在用的核心代码样本

  1. class underlying_policy : public srtp_policy_t {
  2. public:
  3.     underlying_policy(const Side side, const Type type, const string &key) : srtp_policy_t(), _side(side), _type(type), _key_stuff(key.begin(), key.end()) {
  4.         static once_flag once{};
  5.         call_once(once, [] {
  6.             const auto err = srtp_init();
  7.             if (err) throw srtp_error(err, "srtp_init failed");
  8.             // warnx("... srtp_init done");
  9.             atexit([]() {
  10.                 // warnx("... srtp_shutdown calling");
  11.                 const auto err_ = srtp_shutdown();
  12.                 if (err_) throw srtp_error(err_, "srtp_shutdown failed");
  13.             });
  14.         });
  16.         void(*init_policy)(srtp_crypto_policy_t*);
  18.         switch (type) {
  19.         case SM4_ECB_128_HMAC_SM3_80:
  20.             init_policy = srtp_crypto_policy_set_sdt_soft_sm4_ecb_hmac_soft_sm3;
  21.             break;
  22.         case SM4_CTR_128_HMAC_SM3_80:
  23.             init_policy = srtp_crypto_policy_set_sdt_sw_soft_sm4_ctr_hmac_soft_sm3;
  24.             break;
  25.         default:
  26.             throw invalid_argument("invalid type");
  27.         }
  29.         switch (side) {
  30.         case INBOUND: {
  31.             // warnx("... from demo/recv");
  32.             this->ssrc.type = ssrc_any_inbound;
  33.             this->key = _key_stuff.data();
  34.             this->window_size = 1024;
  35.             this->allow_repeat_tx = 0;
  36.             init_policy(&this->rtp);
  37.         }   break;
  39.         case OUTBOUND: {
  40.             // warnx("... from demo/send");
  41.             init_policy(&this->rtp);
  42.             this->ssrc.type = ssrc_any_outbound;
  43.             this->key = _key_stuff.data();
  44.             this->window_size = 1024;
  45.             this->allow_repeat_tx = 0;
  46.         }   break;
  48.         default:
  49.             throw invalid_argument("invalid side");
  50.         }
  51.     }
  53.     ...
  54. };
  56. class underlying_cryptor {
  57. public:
  58.     ~underlying_cryptor() {
  59.         const auto dummy = _ctx; _ctx = nullptr;
  60.         const auto err = srtp_dealloc(dummy);
  61.         if (err) errx(err, "srtp_dealloc failed");
  62.         // warnx("... srtp_dealloc done");
  63.     }
  65.     explicit underlying_cryptor(underlying_policy policy) : _policy(std::move(policy)) {
  66.         const auto err = srtp_create(&_ctx, &_policy);
  67.         if (err) throw srtp_error(err, "srtp_create failed");
  68.         warnx("... srtp_create done %p", _ctx);
  69.     }
  71.     BufferPtr process_unsafe(const void *buf, const size_t len) {
  72.         static const auto show_buf = [](const void *buf, const size_t len) {
  73.             const auto repr = to_hex({(const char *)buf, len});
  74.             warnx("... %zu: %s", len, repr.c_str());
  75.         };
  76.         _counter.run++;
  77.         switch (_policy.side()) {
  78.         case INBOUND: {
  79.             // warnx("... from demo/recv");
  80.             // return unprotect(buf, len);
  81.             const auto out = make_shared<Buffer>((const char *) buf, len);
  82.             const auto out_buf = const_cast<char*>(out->data());
  83.             int out_len = out->size();
  84.             const auto err = srtp_unprotect(_ctx, out_buf, &out_len);
  85.             if (err) {
  86.                 _counter.err++;
  87.                 throw srtp_error(err, "srtp_unprotect failed");
  88.             }
  89.             const auto real_len = check_padding(out_buf, out_len);
  90.             if (!real_len) {
  91.                 return {};
  92.             }
  93.             out->resize(real_len);
  94.             _counter.ok++;
  95.             return out;
  96.         }
  98.         case OUTBOUND: {
  99.             // warnx("... from demo/send");
  100.             const auto policy_data = _policy.show();
  101.             // warnx("... policy: %s", policy_data.c_str());
  102.             // return protect(buf, len);
  103.             const auto out = make_shared<Buffer>();
  104.             out->resize(len + Cryptor::CRYPT_OVERHEAD_SIZE);
  105.             const auto out_buf = const_cast<char*>(out->data());
  106.             memcpy(out_buf, buf, len);
  107.             // show_buf(out_buf, len);
  108.             int out_len = make_padding(out_buf, len);
  109.             // show_buf(out_buf, out_len);
  110.             const auto err = srtp_protect(_ctx, out_buf, &out_len);
  111.             if (err) {
  112.                 _counter.err++;
  113.                 throw srtp_error(err, "srtp_protect failed");
  114.             }
  115.             // show_buf(out_buf, out_len);
  116.             out->resize(out_len);
  117.             _counter.ok++;
  118.             return out;
  119.         }
  121.         default:
  122.             _counter.err++;
  123.             throw srtp_error("invalid side");
  124.         }
  125.     }
  127.     BufferPtr process(const void *buf, const size_t len) {
  128.         try {
  129.             return process_unsafe(buf, len);
  130.         } catch (srtp_error &e) {
  131.             warnx("ERROR: process failed: %s", e.what());
  132.             throw;
  133.         } catch (...) {
  134.             warnx("ERROR: process failed: uncatched error");
  135.             throw;
  136.         }
  137.     }
  139. private:
  140.     static int check_padding(void *buf, const uint len) {
  141.         if (len < 12) return 0;
  142.         auto data = (uint8_t *) buf;
  143.         const auto q = data + len;
  144.         data += 12;
  145.         const uint8_t pad_len = q[-1] & 0x1F;
  146.         if (q - data < pad_len) return 0;
  147.         for (auto p = q - pad_len; p + 1 < q; p++)
  148.             if (*p != 0xAF)
  149.                 return 0;
  150.         return len - pad_len;
  151.     }
  153.     // 在用的版本。如前所说还没用扩展包,偏移写死。
  154.     static int make_padding(void *buf, const uint len) {
  155.         assert(len > 12 && "rtp packet must be gt 12");
  156.         auto data = (uint8_t *) buf;
  157.         auto p = data + len;
  158.         data += 12;
  159.         const uint8_t pad_len = 16 - (p - data) % 16;
  160.         auto q = p + pad_len;
  161.         *--q = pad_len & 0x1F;
  162.         while (p < q) *p++ = 0xAF;
  163.         assert(p == q && "not correctly finished");
  164.         return len + pad_len;
  165.     }
  167.     // 用于对比的原始函数
  168.     static void SetEncPad(uint8_t *buf, const uint len, uint8_t *pad_len) {
  169.         *pad_len = 16 - (len % 16);
  170.         for (int i = 0; i < *pad_len - 1; i++)
  171.             buf[len + i] = 0xaf;
  172.         buf[len + *pad_len - 1] = *pad_len & 0x1F;
  173.     }
  175.     ...
  176. };
  178. struct PacketEvent : UdpReader::PacketEvent {
  179.     rtp_packet_t packet{};
  181.     using UdpReader::PacketEvent::PacketEvent;
  183.     explicit PacketEvent(const Options &options, const UdpReader::PacketEvent &evt) : UdpReader::PacketEvent(evt) {
  184.         if (!is_acceptable(options.peer, evt.sender)) throw rtp_stream_failure("not mine packet");
  186.         auto buf = evt.buffer;
  187.         auto len = evt.length;
  189.         // 当前端口复用未启用。这个分支不进入
  190.         if (options.is_mux()) {
  191.             if (len < 4) throw rtp_mux_failure("RTP mux packet too short");
  192.             // ReSharper disable CppCStyleCast
  193.             const auto mux_id = ntohl(*(uint32_t*)buf);
  194.             if (mux_id != (uint32_t)options.mux_id) throw rtp_mux_failure("RTP mux ID mismatch");
  195.             buf = (uint8_t*)buf + 4, len -= 4;
  196.             // ReSharper restore CppCStyleCast
  197.         }
  199.         // 现在启用了这个分支
  200.         vic::BufferPtr save_ptr{};
  201.         if (options.is_crypt()) {
  202.             const auto cryptor = options.cryptor;
  203.             if (!cryptor) throw rtp_crypto_error("no SRTP cryptor we can use");
  204.             try {
  205.                 save_ptr = cryptor->process(buf, len);
  206.                 if (!save_ptr) throw rtp_crypto_error("SRTP decryption failed.");
  207.             } catch (vic::srtp_error &e) {
  208.                 // RX_TRACE("... decrypt %zu bytes", len);
  209.                 // RX_TRACEH(buf, len);
  210.                 throw rtp_crypto_error("SRTP decryption failed. " + string{e.what()});
  211.             }
  212.             buf = &save_ptr->at(0);
  213.             len = save_ptr->size();
  214.         }
  216.         if (rtp_packet_deserialize(&packet, buf, len) < 0) throw rtp_parse_failure("rtp_packet_deserialize() failed");
  218.         do {
  219.             const auto &rtp = packet.rtp;
  220.             // batch check. return on failure, or accept it by break.
  221.             if (rtp.pt == options.payload) break;  // accept without SSRC check now
  222.             if (!options.is_fec()) throw rtp_stream_failure("not mine packet");
  223.             if (rtp.pt == *options.fec_payload) break;  // accept without SSRC check now
  224.             throw rtp_stream_failure("not mine packet");
  225.         } while (false);
  227.         // 数据通过解析才认为是这一路媒体的包继续后续处理。包括FEC等现在未启用的逻辑。
  228.     }
  230.     uint16_t seq() const { return packet.rtp.seq; }
  231. };
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注