[asterisk-bugs] [JIRA] (ASTERISK-22920) Crash while Forwarding from TLS extension with CHANNEL args secure_bridge_media and secure_bridge_signaling

Friendly Automation (JIRA) noreply at issues.asterisk.org
Wed Apr 29 13:11:25 CDT 2020


    [ https://issues.asterisk.org/jira/browse/ASTERISK-22920?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=250581#comment-250581 ] 

Friendly Automation commented on ASTERISK-22920:
------------------------------------------------

Change 14327 merged by Joshua Colp:
core_local: Local calls are always secure.

[https://gerrit.asterisk.org/c/asterisk/+/14327|https://gerrit.asterisk.org/c/asterisk/+/14327]

> Crash while Forwarding from TLS extension with CHANNEL args secure_bridge_media and secure_bridge_signaling
> -----------------------------------------------------------------------------------------------------------
>
>                 Key: ASTERISK-22920
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-22920
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_srtp
>    Affects Versions: 1.8.14.0, 1.8.24.0, 11.2.2, 11.5.0, 11.6.0, 11.7.0, 13.18.4
>         Environment: CentOS release 5.8 (Final)  kernel 2.6.18-308.24.1.el5 64bit, libsrtp 1.4.2(compiled manually)  with 1.8.14 with and without patch (https://issues.asterisk.org/jira/browse/ASTERISK-18345)
> Debian GNU/Linux 7 (wheezy) kenrel 3.2.0-4-amd64 (3.2.51-1 64bit), with above patch on 11.5.0 and without patch on 1.8.24.0 11.7.0-rc1 11.6.0
> with libsrtp 1.4.4 (from debian repo), self compiled 1.4.2, as well as 1.4.4 self compiled and self compiled with patch ( http://srtp.cvs.sourceforge.net/viewvc/srtp/srtp/crypto/replay/rdb.c?r1=1.4&r2=1.5) as mentioned on https://issues.asterisk.org/jira/browse/ASTERISK-16665
> 2 phones were tested snom 710 and fanvil C62 
>            Reporter: Shlomi Gutman
>              Labels: patch
>         Attachments: A_channel.patch, backtrace_ldd.log, B_local.patch, debug.log, exten_incoming.conf, extension_realtime.info, gdb.log, ldd.log, rnewton_backtrace.txt, rnewton_sip.txt, sip.conf
>
>
> Steps to reproduce:
> 1)Asterisk with self signed certificates or GoDaddy certificates
> 2)Extension connected with TLS transport (behind NAT in our case)
> 3)Route incoming call to that extension, while forward call from it without answering (302 - FORWARD)
> 4)Crash
> I know that this bug may be related to srtp, but as we see it was not developed and maintained for a long time and as asterisk srtp based on it×¥
> I think at least it should crash the call only, but not whole asterisk.



--
This message was sent by Atlassian JIRA
(v6.2#6252)



More information about the asterisk-bugs mailing list