[asterisk-dev] [Code Review] IAX2 retransmit with encryption enabled fix
Russell Bryant
russell at digium.com
Thu Mar 12 13:16:02 CDT 2009
Tim Panton wrote:
> So if you are going to change the encrypted portion at all, you need to
> be sure to use new random padding.
This is a great point and is actually something we were talking about
earlier today as a result of the off-list email.
> I'm tempted to say that if it's an encrypted frame we are retrying, skip
> the iseq update and fire it off as-is.
I'm certainly fine with that if updating the random padding as well is
not enough to help mitigate the decrease in security.
Thanks a lot for the feedback!
--
Russell Bryant
Digium, Inc. | Senior Software Engineer, Open Source Team Lead
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: www.digium.com & www.asterisk.org
More information about the asterisk-dev
mailing list