[asterisk-bugs] [JIRA] (ASTERISK-25490) [patch]SDP crypto tag is validated incorrectly
Joerg Sonnenberger (JIRA)
noreply at issues.asterisk.org
Thu Jan 19 16:28:10 CST 2017
[ https://issues.asterisk.org/jira/browse/ASTERISK-25490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=234742#comment-234742 ]
Joerg Sonnenberger commented on ASTERISK-25490:
-----------------------------------------------
Seriously, no. The requirement to rule out leading zero is a simple way to avoid ambiguity and issues like parsing numbers as octal. Interpreting "0" as leading zero is not a sensible interpreation.
> [patch]SDP crypto tag is validated incorrectly
> ----------------------------------------------
>
> Key: ASTERISK-25490
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25490
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: 13.13.1, 14.2.1
> Environment: Interoperability with Snom D725
> Reporter: Joerg Sonnenberger
> Attachments: patch-channels_sip_sdp__crypto.c
>
>
> When trying to forward a call from a D725 with encrypted RTP, the crypto handshake fails as the phone tries to use a zero crypto tag.
> A potential fix can be found in https://www.netbsd.org/~joerg/patch-channels_sip_sdp__crypto.c
> The same issue should apply to newer releases as well, but I can't test that easily.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list