[asterisk-bugs] [JIRA] (ASTERISK-29625) srtp cryptos accepted if not enabled
Jasper Hafkenscheid (JIRA)
noreply at issues.asterisk.org
Thu Sep 2 09:55:33 CDT 2021
Jasper Hafkenscheid created ASTERISK-29625:
----------------------------------------------
Summary: srtp cryptos accepted if not enabled
Key: ASTERISK-29625
URL: https://issues.asterisk.org/jira/browse/ASTERISK-29625
Project: Asterisk
Issue Type: Bug
Security Level: None
Components: Resources/res_srtp
Affects Versions: 18.6.0
Environment: Debian Buster with the default libsrtp 2.2.0.
Reporter: Jasper Hafkenscheid
When compiled with {{HAVE_SRTP_256}} enabled (by configure), and without {{ENABLE_SRTP_AES_256}}, received crypto lines are still parsed and used.
We experienced several devices that did not work happily with 256 bit encryption, such as certain Fritz!box, Grandstream and Tiptel. Either having no audio or have it be disrupted after a couple of minutes.
The fix we applied is to use verify {{ENABLE_SRTP_AES_256}} as well as {{HAVE_SRTP_256}} are defined when parsing the SDP in {{res_sdp_crypto_parse_offer}}.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list