[Asterisk-code-review] res pjsip sdp rtp: Reject offer of required SRTP without res... (asterisk[13])

Joshua Colp asteriskteam at digium.com
Fri Nov 11 15:17:55 CST 2016 

Joshua Colp has submitted this change and it was merged. ( https://gerrit.asterisk.org/4392 )

Change subject: res_pjsip_sdp_rtp: Reject offer of required SRTP without res_srtp.
......................................................................


res_pjsip_sdp_rtp: Reject offer of required SRTP without res_srtp.

When optimistic SRTP was on it was possible for us to still
set up a call without an audio stream if an offer was received
with required SRTP.

This change makes it so this scenario will now fail with a 488
response.

ASTERISK-26575

Change-Id: I7d14187037681f48879bd20319ac79d0877318f3
---
M res/res_pjsip_sdp_rtp.c
1 file changed, 4 insertions(+), 2 deletions(-)

Approvals:
  Kevin Harwell: Looks good to me, but someone else must approve
  George Joseph: Looks good to me, but someone else must approve
  Anonymous Coward #1000019: Verified
  Joshua Colp: Looks good to me, approved



diff --git a/res/res_pjsip_sdp_rtp.c b/res/res_pjsip_sdp_rtp.c
index 6a8b43d..66550a2 100644
--- a/res/res_pjsip_sdp_rtp.c
+++ b/res/res_pjsip_sdp_rtp.c
@@ -896,9 +896,11 @@
 
 	res = setup_media_encryption(session, session_media, sdp, stream);
 	if (res) {
-		if (!session->endpoint->media.rtp.encryption_optimistic) {
+		if (!session->endpoint->media.rtp.encryption_optimistic ||
+			!pj_strncmp2(&stream->desc.transport, "RTP/SAVP", 8)) {
 			/* If optimistic encryption is disabled and crypto should have been enabled
-			 * but was not this session must fail.
+			 * but was not this session must fail. This must also fail if crypto was
+			 * required in the offer but could not be set up.
 			 */
 			return -1;
 		}

-- 
To view, visit https://gerrit.asterisk.org/4392
To unsubscribe, visit https://gerrit.asterisk.org/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: I7d14187037681f48879bd20319ac79d0877318f3
Gerrit-PatchSet: 1
Gerrit-Project: asterisk
Gerrit-Branch: 13
Gerrit-Owner: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Anonymous Coward #1000019
Gerrit-Reviewer: George Joseph <gjoseph at digium.com>
Gerrit-Reviewer: Joshua Colp <jcolp at digium.com>
Gerrit-Reviewer: Kevin Harwell <kharwell at digium.com>

More information about the asterisk-code-review mailing list