[asterisk-bugs] [JIRA] (ASTERISK-25265) [patch]DTLS Failure when calling WebRTC-peer on Firefox 39 - add ECDH support and fallback to prime256v1

Steve Davies (JIRA) noreply at issues.asterisk.org
Wed Aug 5 05:10:33 CDT 2015 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-25265?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=227157#comment-227157 ] 

Steve Davies commented on ASTERISK-25265:
-----------------------------------------

Hi, I've seen the patches on Gerritt for this, but just reading the code, I believe this code will leak a key when using the non-"auto" version of the ECDH support, as it is necessary to call
    EC_KEY_free(key)
after using
    EC_KEY_new_by_curve_name()
according to all the examples I have seen.

I tried to add this as a review comment in Gerritt on Change 1029, but my comment is stuck in 'Draft' and I cannot see how to commit it from the webpage.


> [patch]DTLS Failure when calling WebRTC-peer on Firefox 39 - add ECDH support and fallback to prime256v1
> --------------------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-25265
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25265
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Core/BuildSystem, Resources/res_rtp_asterisk
>    Affects Versions: SVN, 13.1.0, 13.4.0
>            Reporter: Stefan Engström
>         Attachments: asterisk-ecdh.patch
>
>
> This issue has already been reported by http://forums.asterisk.org/viewtopic.php?f=1&t=95417
> Whenever calling a webrtc peer which uses firefox version 39 (or 40 beta), I get  error messages like "res_rtp_asterisk.c: DTLS failure occurred on RTP instance '0x7fefe800e9e8' due to reason 'no shared cipher', terminating" after the SDP exchange, and the call terminates.
> Hopefully you can reproduce it yourself on the latest version of asterisk by using
> http://www.sipml5.org/call.htm (I'm not sure if asterisk is doing anything wrong or just firefox/sipml5)
> I will provide more info if it's not easily reproducable.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list