[asterisk-bugs] [Asterisk 0005413]: [branch] Secure RTP (SRTP)
Asterisk Bug Tracker
noreply at bugs.digium.com
Fri Jan 9 10:01:26 CST 2009
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=5413
======================================================================
Reported By: mikma
Assigned To: otherwiseguy
======================================================================
Project: Asterisk
Issue ID: 5413
Category: Channels/chan_sip/NewFeature
Reproducibility: N/A
Severity: feature
Priority: normal
Status: assigned
Target Version: 1.6.3
Asterisk Version: SVN
Regression: No
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!): 48491
Disclaimer on File?: Yes
Request Review:
======================================================================
Date Submitted: 2005-10-09 10:36 CDT
Last Modified: 2009-01-09 10:01 CST
======================================================================
Summary: [branch] Secure RTP (SRTP)
Description:
This patch adds initial support for secure RTP using libsrt[1]. It can
be used in for example an implementation of the sdecriptions draft[2].
[1] http://srtp.sourceforge.net/srtp.html
[2]
http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
Update (17/12/2008): Branch against trunk is located here
http://svn.digium.com/svn/asterisk/team/group/srtp
======================================================================
Relationships ID Summary
----------------------------------------------------------------------
related to 0010129 Module SRTP can't loaded
======================================================================
----------------------------------------------------------------------
(0097307) phsultan (manager) - 2009-01-09 10:01
http://bugs.digium.com/view.php?id=5413#c97307
----------------------------------------------------------------------
> pshultan: Asterisk should be encrypting those calls if there is an SAVP
profile.
> It sounds like they are using the "Send RTP/AVP but add a crypto line"
method
> (which is totally not valid according to the specs, but I digress). I
meant to
> remove asterisk *sending* calls that way, but didn't mean to remove
accepting
> calls that way. I will try to get it to go back to encrypting calls with
an
> optional SRTP specified this way.
This is indeed the method they chose, at least on the phones (+ versions)
I tested. In my case, ignoring the 'secure_audio' parameter (set if
RTP/SAVP is received) solved the problem. So I commented out this section
:
if (!secure_audio && p->srtp) {
ast_log(LOG_WARNING, "We are requesting SRTP, but they responded without
it!\n");
return -2;
}
That's a quick and dirty hack, maybe a test to see if the call is outgoing
would be more relevant :
if (!secure_audio && p->srtp && p->outgoing_call == TRUE)
Issue History
Date Modified Username Field Change
======================================================================
2009-01-09 10:01 phsultan Note Added: 0097307
======================================================================
More information about the asterisk-bugs
mailing list