[asterisk-bugs] [JIRA] (ASTERISK-29128) res_srtp: Authentication failure after hold/unhold

Alexander Traud (JIRA) noreply at issues.asterisk.org
Wed Dec 9 12:07:16 CST 2020 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29128?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=253032#comment-253032 ] 

Alexander Traud commented on ASTERISK-29128:
--------------------------------------------

Although the issue looks simple … I re-visited my change for ASTERISK-28903 and the cause it not obvious to me. Therefore, I need the state and transitions. Consequently, I tried to reproduce your scenario -- and failed. Looking at your SIP logger output, you use a Snom desk phone. That phone is connected via PJSIP. That phone dialed another party, connected via PJSIP. Then, you use the software (?) button on the Snom to hold that call. Immediately (?) you press that button again to un-hold the call.

* I am using Asterisk 16.13, its bundled PJ Project, and libSRTP 1.5.4 just like you.
* I am using not a Snom D715 but Snom D725. That should not matter.
* I am not using firmware 8.9.3.*8* but 8.9.3.*60*, because I do not have any older version.

Therefore, please, re-run your setup and go for {{core set debug 1}}. Furthermore, if possible, run a packet trace like Wireshark in the background. What is the SSRC and SEQ of the RTP stream before and after the hold? After that can you do me a favor and update one of your devices to firmware [8.9.3.60|http://wiki.snom.com/Firmware/V8_9_3_60]? You do not need anything newer; that makes sure we have exactly the same setup. Then, please, re-run your setup again, again the RTP-SSRCs and RTP-SEQs.

Simply out of curiosity:
Although you are using the latest Asterisk version, why are you using a libSRTP version and Snom firmware from the year 2016?

> res_srtp: Authentication failure after hold/unhold
> --------------------------------------------------
>
>                 Key: ASTERISK-29128
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29128
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_srtp
>    Affects Versions: 16.13.0
>            Reporter: laszlovl
>         Attachments: filtered.log
>
>
> As simple as the title indicates. Put an SRTP call on hold, unhold it, and Asterisk starts logging "SRTP unprotect failed on SSRC 1509410849 because of authentication failure" afterwards. No more audio is transmitted.
> Traced the problem to commit https://github.com/asterisk/asterisk/commit/c00b032bbfc14f40537989477229f189a1b529d7 (ASTERISK-28903), without it everything works fine.
> Asterisk 16.13, libsrtp 1.5.4.



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list