[asterisk-dev] [Code Review] SRTP support for Asterisk

Terry Wilson twilson at digium.com
Tue Jun 1 21:57:09 CDT 2010


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/191/
-----------------------------------------------------------

(Updated 2010-06-01 21:57:09.842188)


Review request for Asterisk Developers.


Changes
-------

Addresses russell's, mmichelson's, and dvossel's reviews.


Summary
-------

SRTP support for Asterisk using Sdescriptions. This has been sitting around for a while, so I figured that it should at least get some review.  Full description of setup at http://lists.digium.com/pipermail/asterisk-dev/2009-January/036029.html


This addresses bug 5413.
    https://issues.asterisk.org/view.php?id=5413


Diffs (updated)
-----

  /trunk/CHANGES 266876 
  /trunk/build_tools/menuselect-deps.in 266876 
  /trunk/channels/chan_iax2.c 266876 
  /trunk/channels/chan_sip.c 266876 
  /trunk/channels/sip/dialplan_functions.c 266876 
  /trunk/channels/sip/include/sdp_crypto.h PRE-CREATION 
  /trunk/channels/sip/include/sip.h 266876 
  /trunk/channels/sip/include/srtp.h PRE-CREATION 
  /trunk/channels/sip/sdp_crypto.c PRE-CREATION 
  /trunk/channels/sip/srtp.c PRE-CREATION 
  /trunk/configure.ac 266876 
  /trunk/funcs/func_channel.c 266876 
  /trunk/include/asterisk/autoconfig.h.in 266876 
  /trunk/include/asterisk/frame.h 266876 
  /trunk/include/asterisk/global_datastores.h 266876 
  /trunk/include/asterisk/res_srtp.h PRE-CREATION 
  /trunk/include/asterisk/rtp_engine.h 266876 
  /trunk/main/asterisk.exports.in 266876 
  /trunk/main/channel.c 266876 
  /trunk/main/global_datastores.c 266876 
  /trunk/main/rtp_engine.c 266876 
  /trunk/makeopts.in 266876 
  /trunk/res/res_rtp_asterisk.c 266876 
  /trunk/res/res_srtp.c PRE-CREATION 
  /trunk/res/res_srtp.exports.in PRE-CREATION 

Diff: https://reviewboard.asterisk.org/r/191/diff


Testing
-------

4 external tests written covering:
Running with res_srtp noloaded to emulate a user not having libsrtp installed (to make sure we don't accidentally rely on SRTP support)
Making a call with a user with encrypted=yes when libsrtp support is not enabled fails
Making a call with encrypted=yes when libsrtp present results in an encrypted call (which also tests the CHANNEL(secure_media) function
Using CHANNEL(secure_bridge_media) results in the outgoing call attempting to use encryption

In addition, I have tested a Polycom VVX-1500 to ensure that video + audio SRTP works.


Thanks,

Terry




More information about the asterisk-dev mailing list