[asterisk-bugs] [JIRA] (ASTERISK-27436) rtp openssl errors

Jørgen H (JIRA) noreply at issues.asterisk.org
Wed Dec 13 09:06:07 CST 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=240592#comment-240592 ] 

Jørgen H edited comment on ASTERISK-27436 at 12/13/17 9:04 AM:
---------------------------------------------------------------

Sorry,

Just make a normal outgoing call with webrtc/firefox and the error (no audio) will happen 3 of 4 times.
It doesn't happen with asterisk 14.5.0 and same openssl version.


was (Author: jorgen):
Sorry,

Just make a normal outgoing call with webrtc/firefox and the error will happen 3 of 4 times.
It doesn't happen with asterisk 14.5.0 and same openssl version.

> rtp openssl errors
> ------------------
>
>                 Key: ASTERISK-27436
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27436
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_rtp_asterisk
>    Affects Versions: GIT, 15.1.2
>         Environment: linux 4.9 x64, pjsip 2.7.1, libsrtp 2.1.0, openssl 1.0.2m
>            Reporter: Jørgen H
>            Assignee: Unassigned
>
> The openssl SSL_read(dtls->ssl) function in __rtp_recvfrom() in file res/res_rtp_asterisk.c fail with errors like 
> error:140FC0F4:SSL routines:dtls1_get_message:unexpected message
> and
> error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call
> The error seem to be caused by multiple calls to SSL_set_connect_state which is placed around in several functions.
> If I comment out the ones in function dtls_set_setup() I dont get the openssl error anymore, but I randomly get calls with silent audio and no new errors. Probably a race condition? Also, the data from the SSL_read()-call isn't processed anywhere because the len-variable isn't used afterwards. Is this supposed to be like that ?
> I also sometimes get
> SRTP unprotect failed on SSRC 2044349143 because of authentication failure 160
> regardless if audio work or not.
> There is a check in function dtls_perform_setup() on SSL_is_init_finished() and a SSL_clear() later. A SSL session doesnt have to be init_finished in order to have a state that needs to be cleared if you want to reuse it, but Im not sure if the code is trying to do that. Also if ssl_shutdown was called, there might be data in the BIO that must be either sent to remote or cleared with BIO_reset().



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list