Gavin Llewellyn wrote:
I noticed something in a JVB log file that has me concerned:
2015-06-28 16:43:34.267 WARNING:  org.jitsi.impl.neomedia.transform.dtls.DtlsControlImpl.warn() Failed to verify and/or validate a certificate offered over the media path against fingerprints declared over the signaling path! No fingerprints declared over the signaling path!
The root cause of the lack of fingerprints may be that we’re not driving the REST interface correctly; I haven’t looked into that yet. What worries me is that the media is working despite this warning message. JVB has apparently been unable to verify the fingerprint, but continues regardless. Surely this is not a good idea.
Looking at the code in DtlsControlImpl, it appears a similar result would arise if the fingerprint was signalled but did not match: verifyAndValidateCertificate() prints a warning and returns false, but the return value is never used. According to a comment in that file, not tearing down the connection appears to be deliberate. Am I missing something?
Reply to this email directly or view it on GitHub: