[asterisk-bugs] [JIRA] (ASTERISK-22675) Asterisk refuses correct RTP/AVP with optional encryption

klaus3000 (JIRA) noreply at issues.asterisk.org
Thu Oct 10 09:13:03 CDT 2013 

klaus3000 created ASTERISK-22675:
------------------------------------

             Summary: Asterisk refuses correct RTP/AVP with optional encryption
                 Key: ASTERISK-22675
                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22675
             Project: Asterisk
          Issue Type: Bug
      Security Level: None
          Components: Channels/chan_sip/SRTP
    Affects Versions: 11.5.1
            Reporter: klaus3000


Asterisk receives an INVITE from Blink:

INVITE sip:echo at 83.136.32.165:4343 SIP/2.0
Record-Route: <sip:83.136.32.159;lr=on;ftag=a25a6db049c34fa5bb8805dee3d46aa2;relay=yes;nat=caller>
Via: SIP/2.0/UDP 83.136.32.159;branch=z9hG4bK4a92.27b2ea15.0
Via: SIP/2.0/UDP 198.19.188.196:62329;received=63.133.202.2;rport=62329;branch=z9hG4bKPj0f5d2851846d46db9520756755856edc
Max-Forwards: 16
From: "Klaus Darilion" <sip:klaus.darilion at labs.nic.at>;tag=a25a6db049c34fa5bb8805dee3d46aa2
To: <sip:8001 at labs.nic.at>
Contact: <sip:klaus.darilion at labs.nic.at;alias=63.133.202.2~62329~1;gr=urn:uuid:2847198f-3fd0-421d-9619-50c2e744af33>
Call-ID: c46dde8cba7044539c84829ea6975f96
CSeq: 16406 INVITE
Allow: SUBSCRIBE, NOTIFY, PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, MESSAGE, REFER
Supported: 100rel, replaces, norefersub, gruu
User-Agent: Blink 0.5.0 (Windows)
Content-Type: application/sdp
Content-Length: 579
X-Info: (83.136.32.159:30067) Enforcing NAT traversal for local caller
X-Info: (83.136.32.159:30067) Enforcing symmetric response routing

v=0
o=- 3590409414 3590409414 IN IP4 83.136.32.159
s=Blink 0.5.0 (Windows)
c=IN IP4 198.19.188.196
t=0 0
m=audio 11000 RTP/AVP 108 99 98 9 0 8 96
c=IN IP4 83.136.32.159
a=rtcp:11001
a=rtpmap:108 opus/48000
a=rtpmap:99 speex/32000
a=rtpmap:98 speex/16000
a=rtpmap:9 G722/8000
a=rtpmap:0 PCMU/8000
a=rtpmap:8 PCMA/8000
a=rtpmap:96 telephone-event/8000
a=fmtp:96 0-15
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:y3I9RSOpehl6UG/pMX1CaNeSak1cKOocNdElKqXX
a=crypto:2 AES_CM_128_HMAC_SHA1_32 inline:ZIfBn8Ph00X7eEgD9Y/Ixaj0Kjgv3SiFnlPlqi9E
a=sendrecv
a=nortpproxy:yes


The SDP uses the RTP/AVP profile, but adds a=crypto lines. This means: "RTP is fine, but if you also support SRTP when can make SRTP too".

Regardless of the "encryption=..." setting, Asterisk refuses this call with:
"We are requesting SRTP for audio, but they responded without it!"

Asterisk should accept the call and use RTP if encryption=no or use SRTP if encryption=yes.

Even better would be if encryption= also allows "yes, if possible". This would allow SRTP calls with fallback to RTP.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

More information about the asterisk-bugs mailing list