[asterisk-bugs] [JIRA] (ASTERISK-27436) rtp openssl errors

Asterisk Team (JIRA) noreply at issues.asterisk.org
Mon Nov 20 12:09:07 CST 2017 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=240181#comment-240181 ] 

Asterisk Team commented on ASTERISK-27436:
------------------------------------------

Thanks for creating a report! The issue has entered the triage process. That means the issue will wait in this status until a Bug Marshal has an opportunity to review the issue. Once the issue has been reviewed you will receive comments regarding the next steps towards resolution.

A good first step is for you to review the [Asterisk Issue Guidelines|https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines] if you haven't already. The guidelines detail what is expected from an Asterisk issue report.

Then, if you are submitting a patch, please review the [Patch Contribution Process|https://wiki.asterisk.org/wiki/display/AST/Patch+Contribution+Process].

> rtp openssl errors
> ------------------
>
>                 Key: ASTERISK-27436
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27436
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_rtp_asterisk
>    Affects Versions: GIT, 15.1.2
>         Environment: linux 4.9 x64, pjsip 2.7.1, libsrtp 2.1.0, openssl 1.0.2m
>            Reporter: Jørgen H
>
> The openssl SSL_read(dtls->ssl) function in __rtp_recvfrom() in file res/res_rtp_asterisk.c fail with errors like 
> error:140FC0F4:SSL routines:dtls1_get_message:unexpected message
> and
> error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call
> The error seem to be caused by multiple calls to SSL_set_connect_state which is placed around in several functions.
> If I comment out the ones in function dtls_set_setup() I dont get the openssl error anymore, but I randomly get calls with silent audio and no new errors. Probably a race condition? Also, the data from the SSL_read()-call isn't processed anywhere because the len-variable isn't used afterwards. Is this supposed to be like that ?
> I also sometimes get
> SRTP unprotect failed on SSRC 2044349143 because of authentication failure 160
> regardless if audio work or not.
> There is a check in function dtls_perform_setup() on SSL_is_init_finished() and a SSL_clear() later. A SSL session doesnt have to be init_finished in order to have a state that needs to be cleared if you want to reuse it, but Im not sure if the code is trying to do that. Also if ssl_shutdown was called, there might be data in the BIO that must be either sent to remote or cleared with BIO_reset().



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list