[asterisk-bugs] [JIRA] (ASTERISK-17899) [patch] Adds a 'ignorecryptolifetime' (Ignore Crypto Lifetime) option to sip.conf for SRTP keys specifying optional 'lifetime'

Olle Johansson (JIRA) noreply at issues.asterisk.org
Thu Sep 12 06:51:03 CDT 2013


    [ https://issues.asterisk.org/jira/browse/ASTERISK-17899?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=210183#comment-210183 ] 

Olle Johansson commented on ASTERISK-17899:
-------------------------------------------

http://lists.digium.com/pipermail/asterisk-dev/2013-September/062326.html
Pointer to discussion on asterisk-dev and Matt's decision that this is a bug.
                
> [patch] Adds a 'ignorecryptolifetime' (Ignore Crypto Lifetime) option to sip.conf for SRTP keys specifying optional 'lifetime'
> ------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-17899
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-17899
>             Project: Asterisk
>          Issue Type: New Feature
>          Components: Channels/chan_sip/NewFeature
>            Reporter: Dwayne Hubbard
>         Attachments: dw-ignore-crypto-lifetime-1.8.4.patch, dw-ignore-crypto-lifetime-trunk-r320171.patch
>
>
> This functionality is disabled by default, but when enabled it will tell Asterisk to  ignore the crypto lifetime key component if one is specified.  Using this option I was able to successfully make TLS/SRTP calls to the Sangoma Express Gateway.  This patch would not be necessary if the Sangoma Express Gateway provided an option to disable the lifetime specification; but it appears that it does not.
> Without this patch, any SRTP offers that specify the optional lifetime key component will fail.
> This patch was also tested by Ryan Mayer (mantis user: 'hidden').  Thanks Ryan!
> ****** ADDITIONAL INFORMATION ******
> Here is a sample sip.conf entry:
> [guyute]
> host=5.6.7.8
> transport=tls
> encryption=yes
> ignorecryptolifetime=yes
> port=5061
> type=peer
> disallow=all
> allow=ulaw
> dtmfmode=rfc2833
> reinvite=no
> canreinvite=no
> context=default

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.asterisk.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira



More information about the asterisk-bugs mailing list