Use latest libvpx (was already the case on Android),
to profit from latest optimizations.
This should mostly profit to low-end Intel CPUs,
according to libvpx changelog:
Devices based on Celeron processors have seen substantial
decoding improvements (...) While Celeron benefited most,
Core-i5 also improved 5% and 10%.
https://github.com/webmproject/libvpx/blob/master/CHANGELOG
Change-Id: I471408c2b09d580fd564b3a968eb4e0f22599541
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Bump minimum required ffmpeg version in contrib to avoid using outdated
system version.
Change-Id: I50aa8ecea8be355a4fb60eaf35ca3f6224f2a32e
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Add patch to fix restbed DNS resolution error,
that was ignored, causing indefinite hangup.
Change-Id: I40fff6a8662e8d204e0d4b813c4a94adadb99b65
Reviewed-by: Anthony Léonard <anthony.leonard@savoirfairelinux.com>
Fixes certain cases where the fallback to software decoding was
not done.
Change-Id: Ie0276a79f3d7434795876a7f417e7b0c6a0b8851
Reviewed-by : Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
The count argument passed to std::fill_n was in bytes instead of
element's count (which are of Float32 type) so zeroes were written
outside the scope of the audio buffer.
This was causing crashes not on this instruction but anywhere in the
application when a malloc call was checking for memory sanity (which
isn't done on every allocation).
Change-Id: Iec6fa9d3b00b828c6bf798c77419b8bad970d6e1
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
It was previously set to 1s which is too slow for other components
such as OpenDHT which kept connecting/deconnecting. Moreover, this
change was already made in the GUI client but the CLI one was
forgotten at that time.
Change-Id: Ifed007b90e9c2f9ccc01e11d90bc2d619bebd40c
Fix Manager::addParticipant() to always accept (return true)
to add a call already in given conference (no-op).
Without this patch, doing so causes a daemon crash.
Change-Id: I7b03a1349e7cac148ba3991b8e0bc2a9f1521c85
Reviewed-by: Olivier Soldano <olivier.soldano@savoirfairelinux.com>
Add some inclusion to <functional> Std C++ header to support
build on GCC 7.x.
Change-Id: I82ae10a300807cb6b3cab172bf5d7399264cd08e
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>
Fix regression found in commit
[33447cc6bb: certstore: re-factor peer certificate authorization routine]
An unknown dht call is not accepted even if the configuration flags
"dhtPublicInCall" is true.
Now, accept the gnutls certificate error "INVALID + SIGNER_NOT_FOUND"
when this flags is true.
Change-Id: I90575ab82296d3d29140a7394ae178c196aa98c4
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>
Reviewed-by: Adrien Béraud <adrien.beraud@savoirfairelinux.com>
Currently the dring API provides no way to simply
remove a contact without banning it.
This adds a ban flag to removeContact.
If set to true, the behavior stays the same and
the contact will be banned.
If set to false, the contact will be removed from the
contact list.
After the call, it won't be neither added or banned.
In both cases the ContactRemoved signal is emitted if
the contact status changes.
Change-Id: I95510f6db767b7b0e7fe15e8405b39b0bc3dd594
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
* update ffmpeg to latest stable 3.3.1,
update patches and remove deprecated patches and flags,
* enable ffmpeg ASM optimizations for all platforms but Android x86
(see https://trac.ffmpeg.org/ticket/4928 )
* enable Android hardware accelerated decoding (MediaCodec),
for now only with VP8, MPEG4
Change-Id: Ifac82ec7b9b71bd92a65a3575ac63e7ed80b510b
If the certificate status can't be set it means
the contact is already allowed (or banned)
and it's not an error preventing Ring to work
properly.
Still print a debug message to annoy client
developers so they stop allowing everybody
on startup.
Change-Id: I334b2d1f0140c7019f07dd11f8ce64e61510f038
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>
Version of x264 currently used in contrib is from 2013, doesn't include
any ARM64 optimization, and misses many ARMv7, x86, x86_64 optimizations
introduced since 2013.
This patch updates x264 to the latest commit in the official
x264 "stable" branch, except on iOS which doesn't build.
Change-Id: Ifedbe80b0c4d7c628adc701018603cf01ed12dfa
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>
* cleanup CertStore to remove unused features
* ensure that at least one certificate in the chain is allowed
if public calls are disabled and that no certificate in the chain
is banned, additionally to the chain match.
This prevent allowing any certificate signed by the CA of a contact,
while still supporting authorization through a CA (with
setCertificateStatus).
* use dht::crypto::TrustList when relevant (requires OpenDHT bump)
* rebuild trust list when appropriate as GnuTLS' trust list
doesn't allow "unbanning". This fix issues when banning then allowing
a certificate during the same session
Change-Id: I8ea28f3a673eebf2174e8fab3a413c20630b28ca
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>
Switch to ffmpeg for video processing on OSX.
FFmpeg provides hardware acceleration for video decoding
Change-Id: I6f4a318e79871c8c9e798d213f1c9deeb80d7398
Reviewed-by: Philippe Gorley <philippe.gorley@savoirfairelinux.com>
SipIceTransport was a first implementation of a SIP
transport working over an ICE transport.
It was insecure and is now unused and unmaintained
(last actual change is from February 2015),
and deprecated by SipsIceTransport.
Remove it from the code base to speed up compilation
and avoid accidental usage by confusion with SipsIceTransport.
Also fix minor warnings in SipsIceTransport
(std::move of an rvalue).
Change-Id: I7a8ce2c0570d92bfe8bd191f2f6c8c6f2b191980
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Remove a race-condition on packet reorder std::map
during its flush.
This caused application crashes.
Change-Id: I01ebf56f8cca141585f11c1090262d3b44f34544
Reviewed-by: Andreas Traczyk <andreas.traczyk@savoirfairelinux.com>
This CoreAudio function was called every time the read callback was
triggered which is inefficient and causing deadlock if
AudioOutputUnitStop is called at the same time. This problem was
occuring often during call stop.
We now keep necessary properties in the CoreLayer object during
initialization of the AudioUnit and use them instead of querying
the API.
Change-Id: I38e685e3dcbf00d95253f27f99ae25a708f31b19
Reviewed-by: Kateryna Kostiuk <kateryna.kostiuk@savoirfairelinux.com>
Avoid to build unused argon2 binary and to perform
unnecessary clean before building, which can cause
build failure when building in parallel.
Change-Id: I5fad09d8c8c9a22678e6a673a288efc40cc165b9
This patch adds libopus to the UWP contrib and configures the
ffmpeg build script to use it.
Change-Id: I20e3b547eb7228be0a293a3514eb267afac1c068
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Adds the VDPAU acceleration for GNU/Linux systems and
enable it by devault. Can be disabled using ./configure --disable-vdpau
Support for H.264, H.263 and MPEG4, as long as the hardware supports
them.
Requires libvdpau and ffmpeg 3.3 (contrib bump included by this patch)
[guillaume roguez: re-word ci msg to be more explicit]
Change-Id: I7479f4d7e3d51caf702be8c85284a4fca01605b3
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
give a chance to rx queue to immediatly push packets to application
when packet is received. This reduces a bit the latency of packet
handling.
Change-Id: I7c09d91ab505e9e65ebbb990f1d155b3d639e024
The argon2 static projects are named "static" and output with
a .lib extension, but are not configured correctly as static
libraries.
This patch corrects that configuration setting for the project
used by opendht/ring-daemon.
Change-Id: I8e8d4f30bcf5e60c5f22c42f4b68b7f1f6e42d30
Despite setting LIB_SH="", a (broken) symbolic is still created,
and sometimes attempted to be linked with.
Make sure to remove any potential shared library.
Change-Id: Iba8242dd952b536b261cfd7d30c8ce72cf5af3d0
There was a missing override of shared object target in the argon2
build rules.
Change-Id: I6e47ff55fd684357cc0ac674cb27b9b39068f5a0
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
setCallMediaLocal is used to setup transport related options.
We also don't use anymore the local IP argument.
So this patch remove the argument, move it into ctor
and make setCallMediaLocal private (all calls removed).
This has the good side effect to remove the non-permited ICE API call
causing an error in logs.
Change-Id: I69220c253164777e8e88b6a4deef451325458c2c
Reviewed-by: Olivier Soldano <olivier.soldano@savoirfairelinux.com>
This is because argon2's shared object target always makes the
executable, causing some undefined references to 'main'. This
nulls that target, to only build in static.
Change-Id: Ic6fbd6a99c5df24866bd07bbbf11803e19d39af1
* bump fixes a crash with null certificates
* use a release tag as a best practice to help packagers
Change-Id: Ief90ea9d833419eb10a9250d7e5d956f95a2a5bc
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
There are various issues in the PMTUD code:
- OOO handler wasn't applied to the first packet
due to unseen code duplication in PMTU code.
- first packet sequence has to be known in case of OOO on it
- bug in losts detection.
- decrease the lost threshold time.
- temporary packet allocation is not efficient.
- code duplication and functional flow not well designed.
- comments needed
This patch fixes all of that.
Change-Id: I93ec71e22f6cb7a66ad9ab0f927d31044966f1e3
Reviewed-by: Anthony Léonard <anthony.leonard@savoirfairelinux.com>
1.1.3 brings performance optimizations on Android:
* Neon optimizations improving performance on ARMv7 and ARMv8 by up to 15%
1.1.4 fixes a potential security issue
* A specially-crafted Opus packet could cause an integer wrap-around in
the SILK LSF stabilization code. This would cause an out-of-bounds read
256 bytes before a constant table. In most circumstances, the
consequences are harmless and the result is simply noise in the audio.
This was reported as CVE-2017-0381.
Change-Id: If2c12ab5de12c420344735dc7ca89c2366a0045c
A hack was already implemented for Linux based platforms which forces
the use of static version of argon2 by removing the dynamic version
after its compilation.
This patch introduces the same workaround for macOS on which the build
was failing on a linking error when compiling the client.
Change-Id: I7e79687d496b0dbc41cf7d1999106cb367b4e7c6
Reviewed-by: Kateryna Kostiuk <kateryna.kostiuk@savoirfairelinux.com>
This patch fixes osx build that not correctly link with Argon2.
Change-Id: I2f71179a163643667cac5caaa9517aed5a0de3fc
Reviewed-by: Kateryna Kostiuk <kateryna.kostiuk@savoirfairelinux.com>
Link a call and a subcall using shared_ptr relation (parent_).
This prevents invalid access on destroyed call pointer,
as seen on Android platform.
Change-Id: I2c6423afb6bd9846a9fd84a206c8fbf4bce969ee
Reviewed-by: Aline Bonnet <aline.bonnet@savoirfairelinux.com>
This new API gives the possiblity to obtain a serialized form of
given contact.
This patch also integrate a DBus binding for this new API
and fix minor description on getContactDetails() API.
[JN : getContactInfo renamed to getContactDetails]
Change-Id: I89c2a9aa39a77b20bec76a3f3a4f64141f770297
Reviewed-by: Nicolas Jäger <nicolas.jager@savoirfairelinux.com>
Internal subcalls don't have to be exposed to clients.
This patch prevents to be listed by getCallList() API.
Change-Id: If8f72670767f0a19ccc45255c9a44eabd534a7bf
Tuleap: #1526
setCertificateStatus could be used to override contact
policies.
For instance the client calls setCertificateStatus(ALLOWED)
for every ringid in the history, un-banning banned contacts.
Authorization policy for contacts is handled by the daemon,
so prevent overriding it for account contacts.
Change-Id: I52c7651a567c5ad8295f3a9ed714eb3caffdc7cb
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
To match with the certificate chain, the peer CA certificate
must be added to the session credentials in recent GnuTLS versions,
providing an additional layer of certificate verification.
This add an optional peer_ca TLS parameter to add as a CA,
and use it in RingAccount.
Change-Id: I4b308de5b154bc9177a68d5f5db2b9f8e42d28b6
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
Add Argon2 as an independent package instead of building the version
shipped with OpenDHT, to better track Argon2 version,
and allow using the system version if available (and profit from
security updates).
Bump OpenDHT to release 1.3.1 from intermediate commit, bringing
minor bug fixes and performance improvements.
Change-Id: I2c697a95ca77b8de5241c329016a2aa349f4453b
Fix two bugs in PJSIP' base64 implementation:
* prevent invalid memory access for empty input string
* allow using an output buffer of just the right size
Change-Id: I55a1733fab8b3dcffe83cae28a6a318165b05932
Reviewed-by: Stepan Salenikovich <stepan.salenikovich@savoirfairelinux.com>
There was a lambda which capture the SIPAccount as shared_ptr.
But this lambda is destroyed only when application exit.
This cause to delete the account after sipvoiplink/pjsip termination,
and calling pjsip functions not more available and causing the crash
(a non-permited thread access... but pjsip is uninitialized!).
Refactor the lamba capture to use a weak_ptr.
Change-Id: I04ce74bbc5a208e9bfc6e936f9cf26f574ef6090
Tuleap: #470
When performing an outgoing call, attempt to use the peer certificate
from the store.
Change-Id: I3bf8f61534b721a3c366107d16070be3fe3a796e
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
When adding a trusted CA, now add the full chain
in the store to properly match with the chain (otherwise
GnuTLS has no access to parent certificates).
Change-Id: Idd3b206f5329ecc116435ab397833514d2515534
Reviewed-by: Guillaume Roguez <guillaume.roguez@savoirfairelinux.com>
It prints warnings on my CI and are not used anymore.
**WARNING** This breaks the DBUS API, but nobody should notice.
Change-Id: I01354f296c0be97d5ce16400deedbef910d5f9bd
Reviewed-by: Guillaume Roguez <guillaume.roguez@gmail.com>
