[asterisk-bugs] [JIRA] (ASTERISK-20849) SDP crypto attribute is not well formed in the SDP ANSWER
Iñaki Baz Castillo (JIRA)
noreply at issues.asterisk.org
Mon Dec 31 08:15:47 CST 2012
[ https://issues.asterisk.org/jira/browse/ASTERISK-20849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=201019#comment-201019 ]
Iñaki Baz Castillo commented on ASTERISK-20849:
-----------------------------------------------
Ok, something found:
{{sdp_crypto_offer()}} is called by {{get_crypto_attrib()}} (in chan_sip.c) and {{get_crypto_attrib()}} is called by {{add_sdp()}} (in chan_sip.c around line 13093) in case {{add_audio}} variable is true (which obviously occurs in this case). So finally {{sdp_crypto_offer()}} is always called and invalidates the previous action of {{sdp_crypto_process()}}.
> SDP crypto attribute is not well formed in the SDP ANSWER
> ---------------------------------------------------------
>
> Key: ASTERISK-20849
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-20849
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: 11.1.0
> Reporter: José Luis Millán
> Assignee: José Luis Millán
> Attachments: issue_20849_full_log
>
>
> The crypto tag in the SDP ANSWER is not being generated according to the crypto tag in the SDP OFFER for the chosen crypto attribute. This makes the offerer reject the SDP ANSWER as it is malformed.
> Ej:
> For the following crypto lines in the SDP OFFER:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:cpascljg+FDoOgsFyVirWHQjGXGp5WTEiVU2SuYC
> a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:i5JOAu02aPN5MaXlbwJofff1opYOd2mDJ21pTejP
> Asterisk replies with:
> a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> While the correct reply is:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> As per RFC4568 section 5.1:
> "
> When an offered crypto attribute is accepted, the crypto attribute in
> the answer MUST contain the following:
> * The tag and crypto-suite from the accepted crypto attribute in the
> offer (the same crypto-suite MUST be used in the send and receive
> direction).
> "
> Manually rewriting the ANSWER crypto tag accordingly before sdp is processed in the offerer does the trick.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the asterisk-bugs
mailing list