[asterisk-bugs] [JIRA] (ASTERISK-25490) [patch]SDP crypto tag is validated incorrectly

Alexander Traud (JIRA) noreply at issues.asterisk.org
Mon Jan 16 02:53:10 CST 2017


    [ https://issues.asterisk.org/jira/browse/ASTERISK-25490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=234643#comment-234643 ] 

Alexander Traud commented on ASTERISK-25490:
--------------------------------------------

This *is* an issue in the Snom software because I am not aware of anyone else using a tag of 0. Although it is not a software bug per se, it is an interoperability issue for sure. Yes, the BNF in the RFC allows a 0 as tag value. However, actually, your quoted sentence does not allow a 0 as tag value because that could be understood as ‘leading’ zero. From that quote and that interpretation, the tag should be empty, which is not allowed by the BNF. Consequently, a 0 would not be allowed for the tag. Furthermore, all examples in the RFC start with 1. Anyway, such a discussion is fruitless, because these RFCs are not bulletproof (the BNF should match the examples; why that leading zero text is there is questionable as well). The situation is as it is. I see no reason for Asterisk not to allow 0. I see no reason for Snom not to go for 1 as they do in all other scenarios. Therefore, please, report this issue to Snom as well. It is *their* job to judge on this matter. I am quite sure, for the sake of interoperability, they will change.

Same here, I would love to drive this through Code Review within Asterisk and allow a 0. But I have to test the resulting code. If you change to a non-PFS based TLS Cipher Suite like {{tlscipher=AES128-SHA}} in the configuration file {{sip.conf}}, you should be able to track that issue via Wireshark even in a production deployment. Alternatively, you go for {{sip set debug on}} in the Asterisk CLI.

I tried a ‘redirection’ from the physical user interface of my Snom D725 and got a starting tag value of 1. Which button(s) do you press exactly, when you redirect?

> [patch]SDP crypto tag is validated incorrectly
> ----------------------------------------------
>
>                 Key: ASTERISK-25490
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-25490
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Channels/chan_sip/SRTP
>    Affects Versions: 13.13.1, 14.2.1
>         Environment: Interoperability with Snom D725
>            Reporter: Joerg Sonnenberger
>         Attachments: patch-channels_sip_sdp__crypto.c
>
>
> When trying to forward a call from a D725 with encrypted RTP, the crypto handshake fails as the phone tries to use a zero crypto tag.
> A potential fix can be found in https://www.netbsd.org/~joerg/patch-channels_sip_sdp__crypto.c
> The same issue should apply to newer releases as well, but I can't test that easily.
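
The tag ambiguity discussed in this thread, as an added example that is neither Asterisk's code nor the attached patch: a validator that accepts a lone `0` but still rejects leading zeros such as `01`. It assumes the RFC 4568 grammar (`tag = 1*9DIGIT`, followed by whitespace); the function name `parse_crypto_tag` is hypothetical and the attribute values in `main` are constructed.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper: parse the tag at the start of an SDP
 * "a=crypto:" attribute value ("<tag> <crypto-suite> <key-params>").
 * Returns the tag (0..999999999) or -1 if the tag is malformed. */
long parse_crypto_tag(const char *attr_value)
{
    size_t len = 0;
    long tag = 0;

    if (attr_value == NULL)
        return -1;

    /* Grammar: tag = 1*9DIGIT */
    while (isdigit((unsigned char)attr_value[len])) {
        if (len == 9)
            return -1;      /* a tenth digit exceeds the grammar */
        tag = tag * 10 + (attr_value[len] - '0');
        len++;
    }
    if (len == 0)
        return -1;          /* an empty tag is not allowed */

    /* The tag must be followed by whitespace before the crypto suite. */
    if (attr_value[len] != ' ' && attr_value[len] != '\t')
        return -1;

    /* Leading zeros are rejected; a single "0" is a one-digit value,
     * not a leading zero, so it is accepted. */
    if (len > 1 && attr_value[0] == '0')
        return -1;

    return tag;
}

int main(void)
{
    /* Constructed sample values; key material replaced by a placeholder. */
    const char *samples[] = {
        "0 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER",
        "1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER",
        "01 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER",
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%ld <- %s\n", parse_crypto_tag(samples[i]), samples[i]);
    return 0;
}
```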


