[asterisk-bugs] [JIRA] (ASTERISK-20849) SDP crypto attribute is not well formed in the SDP ANSWER

Michael L. Young (JIRA) noreply at issues.asterisk.org
Sun Dec 30 21:51:45 CST 2012 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-20849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=201014#comment-201014 ] 

Michael L. Young commented on ASTERISK-20849:
---------------------------------------------

Pedro, I took a look at the code and saw the same thing you pointed out before requesting more information.  But, I wanted to try and see _why_ we are "offering" something when we should be processing the sdp and responding based on that sdp instead of behaving like we are sending an initial offer.  Hence, the reason why I asked for debug info to help see the sequence of events that leads to this issue.

Iñaki, the description was very clear in explaining _what_ is happening.  I am just trying to figure out _why_ it is happening.  I volunteer my time to help out and having debug information is very helpful in quickly pinpointing _where_ one should be looking.  We are trying to "address the issue"... just need some help to do so.

Thanks
                
> SDP crypto attribute is not well formed in the SDP ANSWER
> ---------------------------------------------------------
>
>                 Key: ASTERISK-20849
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20849
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/SRTP
>    Affects Versions: 11.1.0
>            Reporter: José Luis Millán
>            Assignee: José Luis Millán
>
> The crypto tag in the SDP ANSWER is not being generated according to the crypto tag in the SDP OFFER for the chosen crypto attribute. This makes the offerer reject the SDP ANSWER as it is malformed.
> Ej:
> For the following crypto lines in the SDP OFFER:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:cpascljg+FDoOgsFyVirWHQjGXGp5WTEiVU2SuYC
> a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:i5JOAu02aPN5MaXlbwJofff1opYOd2mDJ21pTejP
> Asterisk replies with:
> a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> While the correct reply is:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> As per RFC4568 section 5.1:
> "
> When an offered crypto attribute is accepted, the crypto attribute in
>    the answer MUST contain the following:
>    *  The tag and crypto-suite from the accepted crypto attribute in the
>       offer (the same crypto-suite MUST be used in the send and receive
>       direction).
> "
> Manually rewriting the ANSWER crypto tag accordingly before sdp is processed in the offerer does the trick.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list