[asterisk-bugs] [JIRA] (ASTERISK-25490) [patch]SDP crypto tag is validated incorrectly

Joerg Sonnenberger (JIRA) noreply at issues.asterisk.org
Sun Jan 15 16:00:10 CST 2017


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=234636#comment-234636 ] 

Joerg Sonnenberger commented on ASTERISK-25490:
-----------------------------------------------

This is not a bug in the Snom firmware. To quote RFC 4568, section 4.1:

   The tag is a decimal number used as an identifier for a particular
   crypto attribute (see Section 9.1 for details); leading zeroes MUST
   NOT be used.  The tag MUST be unique among all crypto attributes for
   a given media line.

As such, nothing prohibits it from being a plain zero. 

As for reproducing it, I am somewhat reluctant to back out the change from my production machine and I will not be able to set up a test machine for a while. There are two possible situations from memory:
(1) Redirection from the Snom phone via the phone API.
(2) Picking up a call from a second Snom phone, i.e. by BLF indicator.
In either case, it is important that secure_bridge_signaling and secure_bridge_media are set.

> [patch]SDP crypto tag is validated incorrectly
> ----------------------------------------------
>
>                 Key: ASTERISK-25490
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25490
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/SRTP
>    Affects Versions: 13.13.1, 14.2.1
>         Environment: Interoperability with Snom D725
>            Reporter: Joerg Sonnenberger
>         Attachments: patch-channels_sip_sdp__crypto.c
>
>
> When trying to forward a call from a D725 with encrypted RTP, the crypto handshake fails as the phone tries to use a zero crypto tag.
> A potential fix can be found in https://www.netbsd.org/~joerg/patch-channels_sip_sdp__crypto.c
> The same issue should apply to newer releases as well, but I can't test that easily.



--
This message was sent by Atlassian JIRA
(v6.2#6252)
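
The tag rule quoted in the comment above, as an added example that is neither Asterisk code nor the attached patch: a tag check that accepts a plain zero, rejects leading zeroes, and enforces uniqueness within one media line. The function names are hypothetical, the nine-digit limit comes from the RFC 4568 grammar (tag = 1*9DIGIT), and the attribute values used with it are constructed.

```c
#include <ctype.h>
#include <stddef.h>

/* Hypothetical helper (not Asterisk code): parse the tag at the start of an
 * a=crypto attribute value such as "0 AES_CM_128_HMAC_SHA1_80 inline:...".
 * Returns the tag (0..999999999), or -1 when the tag is malformed. */
long sdp_crypto_tag_parse(const char *value)
{
    size_t n = 0;
    long tag = 0;

    if (value == NULL)
        return -1;
    /* RFC 4568 grammar: tag = 1*9DIGIT, so accept at most nine digits. */
    while (isdigit((unsigned char)value[n])) {
        if (n == 9)
            return -1;
        tag = tag * 10 + (value[n] - '0');
        n++;
    }
    if (n == 0)
        return -1;                /* empty, signed or non-numeric tag */
    if (n > 1 && value[0] == '0')
        return -1;                /* leading zeroes MUST NOT be used */
    if (value[n] != ' ' && value[n] != '\t')
        return -1;                /* tag must be followed by whitespace */
    return tag;                   /* a plain "0" is a valid tag */
}

/* Returns 1 when every attribute value of one media line carries a
 * well-formed tag and no tag repeats, 0 otherwise. */
int sdp_crypto_tags_ok(const char *const values[], size_t count)
{
    for (size_t i = 0; i < count; i++) {
        long tag = sdp_crypto_tag_parse(values[i]);

        if (tag < 0)
            return 0;
        for (size_t j = 0; j < i; j++) {
            if (sdp_crypto_tag_parse(values[j]) == tag)
                return 0;         /* tag MUST be unique per media line */
        }
    }
    return 1;
}
```

A validator that treats 0 as the "parse failed" value, or that requires the tag to be greater than zero, rejects the first case this one accepts.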


