[asterisk-bugs] [JIRA] (ASTERISK-25490) [patch]SDP crypto tag is validated incorrectly
Alexander Traud (JIRA)
noreply at issues.asterisk.org
Mon Jan 14 03:46:48 CST 2019
[ https://issues.asterisk.org/jira/browse/ASTERISK-25490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=236182#comment-236182 ]
Alexander Traud edited comment on ASTERISK-25490 at 1/14/19 3:45 AM:
---------------------------------------------------------------------
I was not able to reproduce this with my Snom D725. However, the RTX 9430 (Single-cell DECT-IP base) faces the same issue. I reported this to RTX via Snom, because the Snom M300 (part of the Snom M325 package) is actually a RTX 9430. There are more manufactures which re-labeled that product, like Agfeo DECT IP-Basis XS, Alcatel-Lucent 8318, Konftel IP DECT 10, and Mitel RFP 12. As stated before, I do not see a reason, why Asterisk should not support zero as tag value as well. Furthermore, it might take years until all RTX 9430 in the field are updated.
However, I was not able to test the code contribution here to go for code review. Yes, I could have used SIPp instead. Thanks to my Snom M325, I was able to test the code and submitted a change for review (see the Gerrit tab).
[~joerg], I just changed the accepted value range in Asterisk. I have not understood why you create a new buffer. Is this because of possible white-space?
was (Author: traud):
I was not able to reproduce this with my Snom D725. However, the RTX 9430 (Single-cell DECT-IP base) faces the same issue. I reported this to RTX via Snom, because the Snom M300 (part of the Snom M325 package) is actually a RTX 9430. There are more manufactures which re-labeled that product, like Agfeo DECT IP-Basis XS, Konftel IP DECT 10, and Mitel RFP 12. As stated before, I do not see a reason, why Asterisk should not support zero as tag value as well. Furthermore, it might take years until all RTX 9430 in the field are updated.
However, I was not able to test the code contribution here to go for code review. Yes, I could have used SIPp instead. Thanks to my Snom M325, I was able to test the code and submitted a change for review (see the Gerrit tab).
[~joerg], I just changed the accepted value range in Asterisk. I have not understood why you create a new buffer. Is this because of possible white-space?
> [patch]SDP crypto tag is validated incorrectly
> ----------------------------------------------
>
> Key: ASTERISK-25490
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-25490
> Project: Asterisk
> Issue Type: Bug
> Security Level: None
> Components: Channels/chan_sip/SRTP
> Affects Versions: 13.13.1, 14.2.1
> Environment: Interoperability with Snom D725
> Reporter: Joerg Sonnenberger
> Target Release: 13.16.0, 14.5.0, 15.0.0
>
> Attachments: patch-channels_sip_sdp__crypto.c
>
>
> When trying to forward a call from a D725 with encrypted RTP, the crypto handshake fails as the phone tries to use a zero crypto tag.
> A potential fix can be found in https://www.netbsd.org/~joerg/patch-channels_sip_sdp__crypto.c
> The same issue should apply to newer releases as well, but I can't test that easily.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list