[asterisk-bugs] [JIRA] (ASTERISK-26701) res_pjsip_sdp_rtp: Optimistic Encryption Doesn't Recognize DTLS fingerprint

Joshua Colp (JIRA) noreply at issues.asterisk.org
Wed Jan 18 05:49:10 CST 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-26701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=234696#comment-234696 ] 

Joshua Colp commented on ASTERISK-26701:
----------------------------------------

Provided tests are written and existing behavior works then this could occur in a release branch. If the behavior changes given the same configuration or tests fail then it would be a no-go. As for received transport it exists to support the scenario where optimistic is turned on but you receive an offer with required encryption. If the transport is not matched in the SDP the negotiation will fail and the call will fail. Extending the choices of media_encryption_optimistic is best - as long as the existing options remain and behave as they do now. I'm not against any of this, we just have to ensure that what exists now is not broken as a result and that the functionality is fully flushed out.

Outside the scope of SDP being the offerer the current RTP support may not allow this. It's not written to support both DTLS and SDES on an instance and I'm not sure if it would work. It would be something to make sure of.

> res_pjsip_sdp_rtp: Optimistic Encryption Doesn't Recognize DTLS fingerprint
> ---------------------------------------------------------------------------
>
>                 Key: ASTERISK-26701
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-26701
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_pjsip_sdp_rtp
>    Affects Versions: 13.13.1
>            Reporter: Joshua Elson
>
> Optimistic encryption on Asterisk 13+ doesn't properly recognize a DTLS "fingerprint" line in the SDP, and therefore will not properly negotiate DTLS on an incoming call to Asterisk.
> Patch forthcoming to resolve this issue.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list