[asterisk-bugs] [Asterisk 0018674]: [patch] Unable to choose which SRTP suite to offer
Asterisk Bug Tracker
noreply at bugs.digium.com
Tue Feb 1 08:42:15 CST 2011
A NOTE has been added to this issue.
======================================================================
https://issues.asterisk.org/view.php?id=18674
======================================================================
Reported By: bbeers
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 18674
Category: Channels/chan_sip/SRTP
Reproducibility: always
Severity: minor
Priority: normal
Status: feedback
Asterisk Version: SVN
JIRA:
Regression: No
Reviewboard Link:
SVN Branch (only for SVN checkouts, not tarball releases): trunk
SVN Revision (number only!): 303637
Request Review:
======================================================================
Date Submitted: 2011-01-25 09:56 CST
Last Modified: 2011-02-01 08:42 CST
======================================================================
Summary: [patch] Unable to choose which SRTP suite to offer
Description:
Setting encryption=yes in sip.conf will cause asterisk to
generate a line in SIP INVITE SDP:
a=crypto: AES_CM_128_HMAC_SHA1_80 ...
There is no way to specify that asterisk should offer
AES_CM_128_HMAC_SHA1_32 instead of
AES_CM_128_HMAC_SHA1_80.
======================================================================
----------------------------------------------------------------------
(0131346) bbeers (reporter) - 2011-02-01 08:42
https://issues.asterisk.org/view.php?id=18674#c131346
----------------------------------------------------------------------
lmadsen: wimpy asked a similar question on 25 Jan. I'm anticipating a
future where we have an audio+video call that may requires different
suites. Ther could be some other new parameters becoming available,
perhaps encryption_audio, encryption_video, encryption_text, that would
override the "default" encryption_suite if necessary. Leaving
encyption=[yes|no] also allows for quickly turning off all encryption
without changing all the other params (probably only useful for
testing/debugging). Also, I had intended that the current patch does allow
for backward compatibility. Is that not the case?
giles: I'll look at that warning (I think it is due to return value of a
libsrtp function call, srtp_unprotect_rtcp or srtp_unprotect) and see if I
can tell what is happening. I didn't notice it during my testing, but I
will look more carefully.
Issue History
Date Modified Username Field Change
======================================================================
2011-02-01 08:42 bbeers Note Added: 0131346
======================================================================
More information about the asterisk-bugs
mailing list