[asterisk-bugs] [JIRA] (ASTERISK-29519) ROC value not incremented in SRTP

Asterisk Team (JIRA) noreply at issues.asterisk.org
Tue Jul 27 12:00:33 CDT 2021 

    [ https://issues.asterisk.org/jira/browse/ASTERISK-29519?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=255704#comment-255704 ] 

Asterisk Team commented on ASTERISK-29519:
------------------------------------------

Suspended due to lack of activity. This issue will be automatically re-opened if the reporter posts a comment. If you are not the reporter and would like this re-opened please create a new issue instead. If the new issue is related to this one a link will be created during the triage process. Further information on issue tracker usage can be found in the Asterisk Issue Guidlines [1].

[1] https://wiki.asterisk.org/wiki/display/AST/Asterisk+Issue+Guidelines

> ROC value not incremented in SRTP
> ---------------------------------
>
>                 Key: ASTERISK-29519
>                 URL: https://issues.asterisk.org/jira/browse/ASTERISK-29519
>             Project: Asterisk
>          Issue Type: Bug
>      Security Level: None
>          Components: Resources/res_srtp
>    Affects Versions: 18.4.0
>            Reporter: Marcos Cereijo Rodríguez
>            Assignee: Marcos Cereijo Rodríguez
>
> h3. What is happening?
> We have to do an integration with a client that wants to secure their communications with TLS for the signaling and SRTP for the media.
> After enabling SRTP all looked great, but the client detected that after ~22 minutes the call hangup automatically.
> After some debugging, the client inform us that his SBC provider detected the issue. The reason of this problem was that after the RTP sequence number overflowed, the ROC (roll-over counter) value wasn't increased.
> h3. Proposed solution
> We had to update the `libsrtp` version from 2.0.0 to 2.3.0. The reason for this change is that the default version included in Debian doesn't expose the headers from reading and changing the values of ROC.
> For implementing this, we modified the following files:
> * res/res_rtp_asterisk.c
> * res/res_srtp.c
> The modifications for *res_srtp.c*:
> <inline code removed>



--
This message was sent by Atlassian JIRA
(v6.2#6252)

More information about the asterisk-bugs mailing list