[asterisk-bugs] [JIRA] (ASTERISK-20934) Crash in libsrtp srtp_unprotect_rtcp when SIP channel is bridged with non-optimizing Local channel - NEXT

tootai (JIRA) noreply at issues.asterisk.org
Mon Jan 14 12:05:45 CST 2013 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-20934?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=201441#comment-201441 ] 

tootai commented on ASTERISK-20934:
-----------------------------------

Hi, me again,

the problems appears again on the IBM physical machine: on 13 of january I deleted or certificats and created new one with ast_tls_cert script, with create_ca with 4096 bits and create_cert with 2048 (first certificat was 4098/1024).

On 14/01/2013, customers called with new certificat and server crashed around 30 times (safe_asterisk is taking control of asterisk). Attached you will find backtrace and gdb from one crash.

I installed asterisk 10.11.1 -> same problem. I apply the srtp_unprotect_patch.diff (see issue #20499) with some difficulties, and start again to call demo stuff.

In console logs I see

[2013-01-14 21:48:14] NOTICE[4642]: res_rtp_asterisk.c:380 __rtp_recvfrom: We are going to run unprotect on 0x2aaac8092900
[2013-01-14 21:48:14] NOTICE[4642]: res_srtp.c:354 ast_srtp_unprotect: SRTP unprotect failed with replay check failed (index too old), retrying
[2013-01-14 21:48:14] NOTICE[4642]: res_srtp.c:393 ast_srtp_unprotect: Forcefully setting the session to NULL. This should cause the call to hangup.
[2013-01-14 21:48:14] ERROR[4642]: res_srtp.c:402 ast_srtp_unprotect: SRTP session was destroyed and could not be recovered.
[2013-01-14 21:48:14] NOTICE[4642]: res_rtp_asterisk.c:2174 ast_rtp_read: errno = Invalid argument
[2013-01-14 21:48:14] WARNING[4642]: res_rtp_asterisk.c:2177 ast_rtp_read: RTP Read error: Invalid argument. Hanging up.

No more crashes but call hangup.

Also, I see lots of

[...]
[2013-01-14 21:53:21] ERROR[4758]: tcptls.c:436 ast_tcptls_client_start: Unable to connect SIP socket to xyz.zzz.134.24:4963: Connection refused
[2013-01-14 21:53:31] ERROR[4706]: tcptls.c:436 ast_tcptls_client_start: Unable to connect SIP socket to xxx.yyy.192.41:3162: Connection timed out
[...]

Could this explain the index to Old? The above IPs are the one of customers phone (all are SNOM 870, remember mine is 320, all with firmware 8.7.3.15)

Thanks for your support.

Daniel

                
> Crash in libsrtp srtp_unprotect_rtcp when SIP channel is bridged with non-optimizing Local channel - NEXT
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-20934
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-20934
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/SRTP
>    Affects Versions: 10.8.0
>         Environment: RHEL 5.8 on IBM X3650 M4 - 12 core - Xeon E5-2640 @ 2,50 ghz
>            Reporter: tootai
>            Assignee: Jonathan Rose
>            Severity: Critical
>
> A call from snom320 in SRTP mode to echo test or to another phone *NOT* using SRTP is OK. Now we installed PhonerLite softphone with TLS/SRTP stuf and test with echo test: everything is OK too.
> Now PhonerLite calls the snom: asterisk coredump after 3~5 seconds and we are NOT able to make anymore SRTP calls after this, they all crash asterisk. We had this issue with 10.7.0 and 10.8.0
> We have logfiel from strace as well as coredump.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list