Adrien Béraud authored 8 years ago and Guillaume Roguez committed 8 years ago

The missing piece for working device revocation.
* cert store: always use certificate chain match to check
  parent certificate.
  We used to allow a certificate if the parent certificate
  was explicitly allowed. This doesn't check for revoked
  device certificate. Instead, always check certificates
  using the standard certificate chain method except if
  the certificate itself is whitelisted.
* ringaccount: check the account own device certificate chain
  This cause a revoked account to fail loading and propose
  the user to generate a new device from the archive
  through the standard account migration procedure.
* ringaccount: check device loaded from disc using
  the common routine to discard devices revoked since the last
  save.

Tuleap: #1457
Change-Id: I03f015e78d1d14f5f2e9f99a6d3dd47a6f2c5bfe

Stepan Salenikovich authored 8 years ago and Guillaume Roguez committed 8 years ago

The rest of the audio api performs this check as well.

Change-Id: I31d589f2f634e2044ce1c7ca8ab614b2caef4d7b
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>

Tuleap: #1457
Change-Id: I57aad9c3b9eab884f11ca67474b0cdfbb4db3983

Adrien Béraud authored 8 years ago and Guillaume Roguez committed 8 years ago

* add DeviceRevocationEnded signal to allow client to
  be informed when revocation ends
* implement the signal in ringaccount
* remove device from account device list on revocation,
  send appropriate signal and sync devices

Tuleap: #1457
Change-Id: I0d804e77d420ffcfb01888e68aa07d58eba913e3

This reverts commit f3d677fb.

Change-Id: Iebfbb5554c1d910c7ea0d919b13669e760d512ca

Change-Id: Ibc239cfca4eb96e115080f57184768625b3e800f
Tuleap: #1524

Use the correct print format types to prevent compile time warnings.

Change-Id: Ife2802dd485ccd5a3289a578a3f10dc6607001ad

Blocking function (sleep) called when inside locked region.
This patch uses a move-in-temporary idiom to prevent that.
Was detected by Coverity scan.

Change-Id: I7ab74001c3d9de11e1d95b5e4a1c1bd0a8dce8c9
Reviewed-by: Olivier SOLDANO <olivier.soldano@savoirfairelinux.com>

the state wasn't display in case of error in bindCallToConference.

Change-Id: Id206226825f195045ca126b1268e3ba0c5bd3447
Reviewed-by: Olivier SOLDANO <olivier.soldano@savoirfairelinux.com>

Fix a returning without unlocking detected by Coverity scan.

Change-Id: I53faa761649202ce7ed49845ca6c91a31d914338
Reviewed-by: Anthony Léonard <anthony.leonard@savoirfairelinux.com>

sipvoiplink code may set remote sdp to nullptr and this case was not
handled correctly later.
This patch fixes that by not using the nullptr to set ICE call transport.
Also moved the code to use the remote sdp, duplicated, into sipcall
for factorization.

Change-Id: I6dcfd3bebed3fd754c91dd7f2cab7ca110d3de09

~SIPVoIPLink() calls handleEvents() but this method may throw.
Throwing during destructor is forbidden and result to and std::terminate().
Fix by try {} catch the call.

Detected by Coverity scan.

Change-Id: I57d742c7f6b6d872b4b2118c1f10c0986c082397

Add a missing return statement at end of Manager::detachLocalParticipant().

Change-Id: I7b83403340aaa425ba0641741f9a65953c253253
Reviewed-by: Anthony Léonard <anthony.leonard@savoirfairelinux.com>

MTU discovery was only implemented into TLS secured ICE transport,
not in other sip transport.
This wasn't taken in account and causes crashes when SIP call (TLS or not)
are made.
We fix the problem by detecting the transport type at various stage
and calling correct API (or use default values as in the case of MTU).

Change-Id: Id256a718ca8265a7295085fab8db9cf8e4c99683

- replace malloc by C++ vector or new[]
- use unique_ptr for dynamic allocations
- use C++ cast than C cast
- do not copy, use const&, & or move-idiom
- replace NULL by nullptr
- AAA rule
- general coding rules

Change-Id: I8a62ca9ef59b0807d5abeb0a5090521843dbb9ca

Ringing and busy tones have disappeared for an obscure reason.
This patch reverts this situation by asking manager to play
them at the right call state event.

Change-Id: Ida6c3c946df553811b7b88b8a64e6a347fa3dfa4
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Since a recent patch manager.h doesn't provide non-related headers
like audioloop.h.
This causes some build error in .cpp files missing to include
correctly their dependencies.
This patch fixes such case for jacklayer.cpp

Change-Id: Ic33bc83026749676e4c34b7989fc61efd459231c

Guillaume Roguez authored 8 years ago and Andreas Traczyk committed 8 years ago

"RoboCop watching you"

IM dedicated code has been inserted into Call::setState()
and it's an Open Close Principle violation.
Move it into a dedicated function and assign it to call state
change as listener.

As code changed, also make a better state listening implementation
that do not depend on listener call order.

Notice: TODO have been inserted, it's for another patch.

Change-Id: Ibe37555320de1dec173338a62323320d3d93bb4a
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Decrease the manager.h file dependency map by removing
uneeded inclusion and small code refactoring to nicely decoupling
classes.

Change-Id: Ibde69e0a088e7e2fbd842e39301db5b3a4bc8c28
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

This patch uses a pimpl idiom to decouple
Manager class interface (public API) from its implementation
(private members).
A back-pointer is also used by private implementation.
It's a first step to reduce the complexity and dependency
of this fat class. But this patch tries to keep the task atomic.

No behavioral changes! But the public API has been
slightly modified to arrange the pimpl code.

Change-Id: I01f15bab693397bc4c5a0f73393906110008488f
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Adrien Béraud authored 8 years ago and Guillaume Roguez committed 8 years ago

* add account id to more messages
* add more details in some messages
* add user-friendly dht connectivity change
  messages
* minor cleanup

Change-Id: I2cc9d754a2c9efe22f649cf903042d44a2242252

After calling setAccountDetails with a new device name,
set the new device name in the device list
so the list is not overriten by loading the
device list from file.

Change-Id: Ie113e211fb7d0ace1c076122b1bc98ce6a49af08
Tuleap: #1494

Guillaume Roguez authored 8 years ago and Andreas Traczyk committed 8 years ago

This patch removes all non-used or non-implemented members
of the Manager class.
This class is "fat" enough to get care.

Change-Id: I03d85385c4e3d822a3d3cb89050d77ec02e31443
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Fixes account publishing hang.

Change-Id: I35f7fecb8780842fe14fe5385f85548fb831f02b
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>

- commit 71882bc4 accidentally
  undid commit 149e8e5c

Change-Id: Ie1165a4d856be3b2b07d7724e2c8284b1c92aca0

Fixes account publishing hang.

Change-Id: I888962362a83df48ba38a75bcdf0e68e9f277c1a

- Removes some remaining forbidden API calls from the daemon.

Change-Id: I4276e7a439f15c768179dd49ef64863de54f3a77
Tuleap: #790

Guillaume Roguez authored 8 years ago and Andreas Traczyk committed 8 years ago

As for joinParticipant, refactor addParticipant by using
the new bindCallToConference method.
Decrease code complexity, redundancy, CC, ...

Change-Id: I213bdc7d0caf597c388605df6d202907371ae19c
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Guillaume Roguez authored 8 years ago and Andreas Traczyk committed 8 years ago

move the code dedicated to local participant
(i.e. callId = DEFAULT_ID), into the dedicated method
detachLocalParticipant.
This decreases the cyclomatic complexity and
make a more clear distinction on both methods usage.

Change-Id: I5f76f60a8e8b776b8c16ad1f438a0f77e42fc0fb
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

An extra cflag has been removed when adding arm64 support

Change-Id: Ic237fb7edb320975a0dd943f18fe557f04ed4e6a

Manager::newOutgoingCall() does not handle case where
a valid account is found (no prefered given) but not usable,
and many accounts are possible.
They are not tested.
This patch fixes this situation and also reduce cyclomatic
complexity by factoring the account search loop.

Change-Id: I505d082f4ca5d7756fe1f257e1767696dc41a2bf

- decrease cyclomatic complexity of joinParticipant by
factoring conference binding code and removing
unneeded createConference method.

- move the ConferenceCreated signal at the right place
in the flow (i.e. last in sequence).

Based on a proposition from zinspierre <zins.pierre@gmail.com>
and al. in part of the course LOG8430 (Polytechnique Montreal).

Thanks to them.

Change-Id: I55203cc400496cd679c4f157d765aee0dec9c4f8
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Guillaume Roguez authored 8 years ago and Andreas Traczyk committed 8 years ago

Increasing the number of keyframes sent at the begining
of a video stream upto 4 (was 1).
Even if the bytes flow is increased (only temporarily)
sending more keyframes at stream begin let a chance to
have a nice video looking in case of possible network
packet drop. It's often the case at the stream begin
due to high traffic caused by the calling establishment
process.

Change-Id: I2636727422ca641d8af9d83c59b9d487aff606d5
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

Olivier SOLDANO authored 8 years ago and Andreas Traczyk committed 8 years ago

This implementation uses gnutls dtls heartbeat API to test path MTU.
heartbeat allowing messages with automated response in a datagram,
the application is able to guess the MTU via a timeout in the heartbeat.
(timeout on packet sent and no response, implies that the MTU is lower
than the lost payload.)
To minimize false positives (a response is lost for example), each attempt
triggers one retry on the first timeout.
This version ensures a minimal MTU of 512 bytes will be returned in
case of any failure in the procedure.
For retrocompatibility with non heartbeat capable clients,
a fallback MTU is set at 1280.

Change-Id: Ib9a7f63a70e8bdad239d8fc103779a0f2c387e87
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>

- Commit 184178da applied a patch
  before decompressing the ffmpeg tarball. This patch applies the
  patch after decompressing the archive.

- remove extra lines that were preventing a pjproject patch from
  being applied correctly.

- remove patching to openssl, as a recent update to VS makes the
  patch prevent store compatibility.

Change-Id: Id5e8576c5df8a08a2974d9bf71ccf31fb5b2c513
Tuleap: #790

Change-Id: I9930519d16063a6d127fd82c7821ed197c8441d2
Tuleap: #1509

Bump OpenDHT to detect certificate migration needs

Change-Id: I2a58183a69855e826c7a253a8435ae2f465ca5bf
Tuleap: #1435

- Adds x264 as a UWP dependency and patches it to pass the WACK
  test.

- Configures ffmpeg to build with x264 support

Change-Id: I3de4a45ba0df73b9217b0a73d8f006b631f71e00
Tuleap: #790

Nicolas Jager authored 8 years ago and Guillaume Roguez committed 8 years ago

- bug : if readArchive() line 1410 throw an exception, migrateAccount()
will return without emiting any signal.

- you can reproduce it by passing a wrong password to readArchive().

- this patch fix the try catch by adding a signal before the return.

- fix a missing else line 1421. Whitout it, whenever if
updateCertificates return true, a Migration::State::INVALID signal is
emited. Wich also leads when updateCertificates is true to emit two
opposite signals.

Change-Id: Id3bdbe6ef852095793af7802c75559d033b9f890
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>

This patch prevents to force a new Ring account creation
even when the encrypted archive is present, valid and correct password
is given.

This was due to an invalid archive path checking that never take in
account the fullpath.

Change-Id: Id9b46774edbeb816551d05a743cb4a7d01ab637d