[asterisk-bugs] [Asterisk 0005413]: [patch] Secure RTP (SRTP)
Asterisk Bug Tracker
noreply at bugs.digium.com
Sat Oct 18 08:12:45 CDT 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=5413
======================================================================
Reported By: mikma
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 5413
Category: Channels/chan_sip/NewFeature
Reproducibility: N/A
Severity: feature
Priority: normal
Status: confirmed
Asterisk Version: SVN
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 48491
Disclaimer on File?: Yes
Request Review:
======================================================================
Date Submitted: 2005-10-09 10:36 CDT
Last Modified: 2008-10-18 08:11 CDT
======================================================================
Summary: [patch] Secure RTP (SRTP)
Description:
This patch adds initial support for secure RTP using libsrt[1]. It can
be used in for example an implementation of the sdecriptions draft[2].
[1] http://srtp.sourceforge.net/srtp.html
[2]
http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0010129 Module SRTP can't loaded
======================================================================
----------------------------------------------------------------------
(0093938) malaiwah (reporter) - 2008-10-18 08:11
http://bugs.digium.com/view.php?id=5413#c93938
----------------------------------------------------------------------
Tested using http://svn.digium.com/svn/asterisk/team/jpeeler/srtp/ (most
up-to-date branch for srtp that I found). I builded it on Ubuntu 8.04 LTS
32-bits.
root at buildbox:/usr/src/asterisk-srtp# dpkg -l | grep libsrtp
ii libsrtp1-dev 1.4.4~dfsg-1 Secure
RTP (SRTP) and UST Reference Implemen
I did not try the res_mikey component as I do not think Grandstream
devices are using it.
I had to include "srtp/srtp_priv.h" header file in "res/res_srtp.c" to
make it compile properly (was missing symbols when compiling).
The "ast_srtp_depend" patch was not needed to compile properly.
I'm using the demo extensions.conf file from the samples, I only added a
friend ip sip.conf and changed externip parameters because this testing
server is on a private nat.
Using a GXP2000 firmware 1.1.6.16, SRTP forced in the device
configuration, codec PCMU. All I get is garbage sound.
Using the same GXP device, SRTP disabled, codec PCMU worked as it should.
I will attach some captures that I made during testing (asterisk console
at core verbose 99, gzipped tcpdump).
I tried forcing the GSM codec, but now there is only silence when forcing
SRTP on the Grandstream device. Reverting back to disabling SRTP makes it
work correctly.
I guess the garbled sound could be a side-effect of this warning.
[Oct 18 13:08:36] WARNING[23522]: sdp_crypto.c:161 sdp_crypto_activate:
Could not set remote SRTP policy
But I don't know how to fix it.
Issue History
Date Modified Username Field Change
======================================================================
2008-10-18 08:11 malaiwah Note Added: 0093938
======================================================================
More information about the asterisk-bugs
mailing list