[asterisk-bugs] [Asterisk 0005413]: [branch] Secure RTP (SRTP)
Asterisk Bug Tracker
noreply at bugs.digium.com
Wed Dec 24 12:58:46 CST 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=5413
======================================================================
Reported By: mikma
Assigned To: otherwiseguy
======================================================================
Project: Asterisk
Issue ID: 5413
Category: Channels/chan_sip/NewFeature
Reproducibility: N/A
Severity: feature
Priority: normal
Status: assigned
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 48491
Disclaimer on File?: Yes
Request Review:
======================================================================
Date Submitted: 2005-10-09 10:36 CDT
Last Modified: 2008-12-24 12:58 CST
======================================================================
Summary: [branch] Secure RTP (SRTP)
Description:
This patch adds initial support for secure RTP using libsrt[1]. It can
be used in for example an implementation of the sdecriptions draft[2].
[1] http://srtp.sourceforge.net/srtp.html
[2]
http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
Update (17/12/2008): Branch against trunk is located here
http://svn.digium.com/svn/asterisk/team/group/srtp
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0010129 Module SRTP can't loaded
======================================================================
----------------------------------------------------------------------
(0096937) otherwiseguy (administrator) - 2008-12-24 12:58
http://bugs.digium.com/view.php?id=5413#c96937
----------------------------------------------------------------------
Ok, for now I am removing the SIPSRTP=optional setting as there is no
standard way to provisionally offer SRTP that I can find. The way that
were were doing it was the way that snom supports, but it causes the
Polycom to choke. Instead, what I now have is a sip.conf peer option
srtpenable=yes|no and have added the ability to check this option with the
SIPPEER() dialplan function. Now, if the value of SIPSRTP evaluates to
false, then encryption will not be offered, otherwise it will. Also gone
is the SIPSRTP_CRYPTO dialplan variable since 1) We don't have MIKEY
support here right now and 2) If we did, I think it would be better to just
signal whether or not you want to encrypt via the dialplan and leave the
choice of how to encrypt to a sip.conf variable.
An quick/short example of how to offer SRTP only to devices that are
capable would be something like:
[default]
exten => _600X,1,Set(_SIPSRTP=${SIPPEER(${EXTEN},srtpcapable)})
exten => _600X,n,Dial(SIP/${EXTEN})
notthematrix (and eveyone else for that matter): Does that sound ok to
you?
Issue History
Date Modified Username Field Change
======================================================================
2008-12-24 12:58 otherwiseguy Note Added: 0096937
======================================================================
More information about the asterisk-bugs
mailing list