[asterisk-dev] [Code Review] Ensure chan_sip rejects encrypted streams without crypto info
opticron
reviewboard at asterisk.org
Wed Nov 21 14:28:34 CST 2012
-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2204/
-----------------------------------------------------------
Review request for Asterisk Developers.
Summary
-------
Prior to this patch, Asterisk would accept encrypted media streams (RTP/SAVP audio and video) without ensuring cryptographic keys were present on reinvites. This patch ensures that the incoming SDP is consistent with RFC4568 as far as having a crypto attribute present for any SAVP streams.
This addresses bug AST-1040.
https://issues.asterisk.org/jira/browse/AST-1040
Diffs
-----
branches/1.8/channels/chan_sip.c 376388
Diff: https://reviewboard.asterisk.org/r/2204/diff
Testing
-------
Tested with a broken (snom 320 with 7.3.30 firmware) and non-broken (CSIPSimple on Android) client to ensure reinvites were rejected when malformed.
Thanks,
opticron
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20121121/774a0a32/attachment-0001.htm>
More information about the asterisk-dev
mailing list