[asterisk-commits] file: branch 11 r429632 - /branches/11/channels/chan_sip.c

SVN commits to the Asterisk project asterisk-commits at lists.digium.com
Tue Dec 16 10:35:35 CST 2014


Author: file
Date: Tue Dec 16 10:35:28 2014
New Revision: 429632

URL: http://svnview.digium.com/svn/asterisk?view=rev&rev=429632
Log:
chan_sip: Allow T.38 switch-over when SRTP is in use.

Previously when SRTP was enabled on a channel it was not possible
to switch to T.38 as no crypto attributes would be present.

This change makes it so it is now possible. If a T.38 re-invite
comes in SRTP is terminated since in practice you can't encrypt
a UDPTL stream. Now... if we were doing T.38 over RTP (which
does exist) then we'd have a chance but almost nobody does that so
here we are.

ASTERISK-24449 #close
Reported by: Andreas Steinmetz
patches:
 udptl-ignore-srtp-v2.patch submitted by Andreas Steinmetz (license 6523)

Modified:
    branches/11/channels/chan_sip.c

Modified: branches/11/channels/chan_sip.c
URL: http://svnview.digium.com/svn/asterisk/branches/11/channels/chan_sip.c?view=diff&rev=429632&r1=429631&r2=429632
==============================================================================
--- branches/11/channels/chan_sip.c (original)
+++ branches/11/channels/chan_sip.c Tue Dec 16 10:35:28 2014
@@ -10405,6 +10405,12 @@
 		goto process_sdp_cleanup;
 	}
 
+	if (p->srtp && p->udptl && udptlportno != -1) {
+		ast_debug(1, "Terminating SRTP due to T.38 UDPTL\n");
+		sip_srtp_destroy(p->srtp);
+		p->srtp = NULL;
+        }
+
 	if (secure_audio && !(p->srtp && (ast_test_flag(p->srtp, SRTP_CRYPTO_OFFER_OK)))) {
 		ast_log(LOG_WARNING, "Can't provide secure audio requested in SDP offer\n");
 		res = -1;
@@ -10429,7 +10435,7 @@
 		goto process_sdp_cleanup;
 	}
 
-	if (!(secure_audio || secure_video) && ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
+	if (!(secure_audio || secure_video || (p->udptl && udptlportno != -1)) && ast_test_flag(&p->flags[1], SIP_PAGE2_USE_SRTP)) {
 		ast_log(LOG_WARNING, "Matched device setup to use SRTP, but request was not!\n");
 		res = -1;
 		goto process_sdp_cleanup;




More information about the asterisk-commits mailing list