[asterisk-bugs] [JIRA] (ASTERISK-27436) rtp openssl errors

Asterisk Team (JIRA) noreply at issues.asterisk.org
Fri Jan 5 12:01:41 CST 2018 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-27436?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=241372#comment-241372 ] 

Asterisk Team commented on ASTERISK-27436:
------------------------------------------

Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1].

[1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines

> rtp openssl errors
> ------------------
>
>                 Key: ASTERISK-27436
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-27436
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_rtp_asterisk
>    Affects Versions: GIT, 15.1.2
>         Environment: linux 4.9 x64, pjsip 2.7.1, libsrtp 2.1.0, openssl 1.0.2m
>            Reporter: Jørgen H
>            Assignee: Jørgen H
>
> The openssl SSL_read(dtls->ssl) function in __rtp_recvfrom() in file res/res_rtp_asterisk.c fail with errors like 
> error:140FC0F4:SSL routines:dtls1_get_message:unexpected message
> and
> error:140C5042:SSL routines:ssl_undefined_function:called a function you should not call
> The error seem to be caused by multiple calls to SSL_set_connect_state which is placed around in several functions.
> If I comment out the ones in function dtls_set_setup() I dont get the openssl error anymore, but I randomly get calls with silent audio and no new errors. Probably a race condition? Also, the data from the SSL_read()-call isn't processed anywhere because the len-variable isn't used afterwards. Is this supposed to be like that ?
> I also sometimes get
> SRTP unprotect failed on SSRC 2044349143 because of authentication failure 160
> regardless if audio work or not.
> There is a check in function dtls_perform_setup() on SSL_is_init_finished() and a SSL_clear() later. A SSL session doesnt have to be init_finished in order to have a state that needs to be cleared if you want to reuse it, but Im not sure if the code is trying to do that. Also if ssl_shutdown was called, there might be data in the BIO that must be either sent to remote or cleared with BIO_reset().



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list