[asterisk-commits] kmoore: branch 1.8 r378217 - /branches/1.8/channels/chan_sip.c
SVN commits to the Asterisk project
asterisk-commits at lists.digium.com
Mon Dec 31 08:41:42 CST 2012
Author: kmoore
Date: Mon Dec 31 08:41:37 2012
New Revision: 378217
URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=378217
Log:
Ensure chan_sip rejects encrypted streams without crypto info
This ensures that Asterisk rejects encrypted media streams (RTP/SAVP
audio and video) that are missing cryptographic keys and ensures that
the incoming SDP is consistent with RFC4568 as far as having a crypto
attribute present for any SAVP streams.
Review: https://reviewboard.asterisk.org/r/2204/
Modified:
branches/1.8/channels/chan_sip.c
Modified: branches/1.8/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/1.8/channels/chan_sip.c?view=diff&rev=378217&r1=378216&r2=378217
==============================================================================
--- branches/1.8/channels/chan_sip.c (original)
+++ branches/1.8/channels/chan_sip.c Mon Dec 31 08:41:37 2012
@@ -9547,6 +9547,15 @@
type, value,
(processed == TRUE)? "OK." : "UNSUPPORTED OR FAILED.");
}
+
+ /* Ensure crypto lines are provided where necessary */
+ if (audio && secure_audio && !processed_crypto) {
+ ast_log(LOG_WARNING, "Rejecting secure audio stream without encryption details: %s\n", m);
+ return -1;
+ } else if (video && secure_video && !processed_crypto) {
+ ast_log(LOG_WARNING, "Rejecting secure video stream without encryption details: %s\n", m);
+ return -1;
+ }
}
/* Sanity checks */
More information about the asterisk-commits
mailing list