[asterisk-bugs] [JIRA] (ASTERISK-20849) SDP crypto attribute is not well formed in the SDP ANSWER

Pedro Kiefer (JIRA) noreply at issues.asterisk.org
Wed Jan 2 06:58:45 CST 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-20849?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=201035#comment-201035 ] 

Pedro Kiefer commented on ASTERISK-20849:
-----------------------------------------

Iñaki,

The second line is not needed, asterisk can offer starting on "1". I'll remote that and repost the patch.
                
> SDP crypto attribute is not well formed in the SDP ANSWER
> ---------------------------------------------------------
>
>                 Key: ASTERISK-20849
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20849
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/SRTP
>    Affects Versions: 11.1.0
>            Reporter: José Luis Millán
>         Attachments: fix_sdp_crypto_tags.diff, issue_20849_full_log
>
>
> The crypto tag in the SDP ANSWER is not being generated according to the crypto tag in the SDP OFFER for the chosen crypto attribute. This makes the offerer reject the SDP ANSWER as it is malformed.
> Ej:
> For the following crypto lines in the SDP OFFER:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:cpascljg+FDoOgsFyVirWHQjGXGp5WTEiVU2SuYC
> a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:i5JOAu02aPN5MaXlbwJofff1opYOd2mDJ21pTejP
> Asterisk replies with:
> a=crypto:1 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> While the correct reply is:
> a=crypto:0 AES_CM_128_HMAC_SHA1_32 inline:vdrJnisX2hBpcQvcZbpMmR9IG+Dc0EpEP1iC1EbQ
> As per RFC4568 section 5.1:
> "
> When an offered crypto attribute is accepted, the crypto attribute in
>    the answer MUST contain the following:
>    *  The tag and crypto-suite from the accepted crypto attribute in the
>       offer (the same crypto-suite MUST be used in the send and receive
>       direction).
> "
> Manually rewriting the ANSWER crypto tag accordingly before sdp is processed in the offerer does the trick.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list