[asterisk-bugs] [JIRA] (ASTERISK-24291) res_srtp module stops working after about 35.000 processed calls
Robert H. (JIRA)
noreply at issues.asterisk.org
Sun Aug 31 11:18:28 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-24291?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert H. updated ASTERISK-24291:
---------------------------------
Attachment: issue_24291_full_log.14.txt
Hello Matt,
thank you for your quick feedback.
Attached you will find the trace you have requested.
The trace starts around 60-70 calls before.
Until call [C-00008824] everything works fine.
At call [C-00008825] the problem starts and SRTP no longer works until the res_srtp.so module has been reloaded.
After reloading the module the issue occurs again after about 35k SRTP calls (to be exactly: 34852).
These are the important trace lines:
last working call:
{noformat}
[2014-08-31 17:38:28.656] DEBUG[12804][C-00008824] sip/sdp_crypto.c: local_key64 7zftbmFk8DEQVnePF8a2tbyTW8wC3TgkH1CK4cz+ len 40
[2014-08-31 17:38:28.656] DEBUG[12804][C-00008824] sip/sdp_crypto.c: Crypto line: a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:7zftbmFk8DEQVnePF8a2tbyTW8wC3TgkH1CK4cz+
{noformat}
first call where the issue occurs and the crypto line is no longer added to the sdp:
{noformat}
[2014-08-31 17:38:28.974] WARNING[12805][C-00008825] chan_sip.c: No SRTP key management enabled
{noformat}
Do you need further info/traces to find the cause for this?
Thanks
Robert
> res_srtp module stops working after about 35.000 processed calls
> ----------------------------------------------------------------
>
> Key: ASTERISK-24291
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-24291
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Resources/res_srtp
> Affects Versions: 11.11.0, 11.12.0
> Environment: Ubuntu 12.04.5 LTS (GNU/Linux 3.13.0-34-generic x86_64) running on HP DL360 G6/7, latest libsrtp0 version 1.4.4+20100615~dfsg-1build, SIP only environment
> Reporter: Robert H.
> Assignee: Robert H.
> Severity: Critical
> Attachments: issue_24291_full_log.14.txt
>
>
> When using encryption for RTP streams, asterisk does not accept any calls after about 35k calls (reproducable) have been processed correctly.
> All further inbound and outbound calls are rejected with a
> "488 - Not Acceptable Here".
> When this happens, one asterisk machine shows:
> {noformat}
> [2014-08-29 17:32:23.807] DEBUG[28500][C-00009387]: chan_sip.c:10530 process_sdp: Processing media-level (audio) SDP a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:cYswzW2zYpdgsVkKgQWvdbUSLedzlE8nByMqEYiI... UNSUPPORTED OR FAILED.
> [2014-08-29 17:32:23.807] WARNING[28500][C-00009387]: chan_sip.c:10535 process_sdp: Rejecting secure audio stream without encryption details: audio 11070 RTP/SAVP 8 0 101
> {noformat}
> the destination asterisk shows:
> {noformat}
> WARNING[10222][C-0000883a]: chan_sip.c:12925 get_crypto_attrib: No SRTP key management enabled
> {noformat}
> Active srtp calls are not affected when this issue occurs, but all further Invites are rejected with the 488 response, so no more calls can be processed.
> The only solution at the moment is to restart asterisk or to wait until no more SRTP calls are active and then unload res_srtp.so followed by loading the module again.
> add info:
> - problem occurs regardless of using SIP over TLS or SIP without TLS
> - other (unencrypted) RTP connections are still working
> If you need further info, just let me know.
> Thanks for checking into this!
> Robert
>
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list