[asterisk-bugs] [JIRA] (ASTERISK-17721) Incoming SRTP calls that specify a key lifetime fail

[Alexander Traud (JIRA)]

     [ https://issues.asterisk.org/jira/browse/ASTERISK-17721?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Alexander Traud updated ASTERISK-17721:
---------------------------------------

    Attachment: srtpMKI_Asterisk12.patch
                srtpMKI_Asterisk11.patch

Yes, the other issue includes a whole branch.

Anyway, I added the hot-fix from [Pedro Garcia|http://forums.asterisk.org/viewtopic.php?f=1&t=77789], because it is easier to download them here. For example from within a script, a direct download of the patch is easier than to copy-and-paste it from the discussion board. And as stated in the other issue, hanging-up is worse than ignoring.

Made compatible with Asterisk 11 and Asterisk 12.

> Incoming SRTP calls that specify a key lifetime fail
> ----------------------------------------------------
>
>                 Key: ASTERISK-17721
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-17721
>             Project: Asterisk
>          Issue Type: Bug
>          Components: Channels/chan_sip/SRTP
>            Reporter: Terry Wilson
>            Severity: Minor
>         Attachments: srtpMKI_Asterisk11.patch, srtpMKI_Asterisk12.patch
>
>
> Asterisk's SRTP implementation does not understand the key lifetime attribute in an a=cyrpto line. Since some phones specify this (and are not configurable in this regard), Asterisk really needs to implement support for this.
> ****** STEPS TO REPRODUCE ******
> I believe recent Grandstream firmware releases send this parameter. Any call with this specified will be rejected by Asterisk.
> ****** ADDITIONAL INFORMATION ******
> The default key lifetime for AES_CM_128_HMAC_SHA1_32 or 80 is 2^48 SRTP packets (or 2^31 SRTCP packets whichever comes first). At 50 packets/second this is 178,391 years...a decidedly long call.



--
This message was sent by Atlassian JIRA
(v6.2#6252)