[asterisk-dev] [Code Review] 2468: Pimp My SIP: SDES SRTP Support

Joshua Colp reviewboard at asterisk.org
Thu Apr 25 13:04:23 CDT 2013



> On April 25, 2013, 4:42 p.m., Joshua Colp wrote:
> > team/group/pimp_my_sip/include/asterisk/res_sip.h, lines 257-258
> > <https://reviewboard.asterisk.org/r/2468/diff/2/?file=36382#file36382line257>
> >
> >     I don't know if I like this none option. It's like optional SRTP. :P "I don't require it but if they offer it sure why not"
> 
> opticron wrote:
>     This is the way that chan_sip currently behaves for encryption=no as I understand the code (it's entirely possible that I read it wrong). Are you saying we want to drop the behavior I've specified for "no" and replace it with the behavior I've specified for "deny"?

Enabling encryption should make it required, disabling encryption should make it be rejected if offered.

This forces the user to be aware of the encryption status. If you have it "upgrade" then the encryption may or may not be present, which makes it optional and potentially useless.


- Joshua


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2468/#review8356
-----------------------------------------------------------


On April 24, 2013, 8:02 p.m., opticron wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2468/
> -----------------------------------------------------------
> 
> (Updated April 24, 2013, 8:02 p.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Bugs: ASTERISK-21416
>     https://issues.asterisk.org/jira/browse/ASTERISK-21416
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> Add support for SDES SRTP in chan_gulp/res_sip.  Available options for media encryption for a given endpoint are deny (no encryption allowed), no (none offered by default, but silent upgrade to SDES allowed), and sdes.  This also supports mid-call rekeying as far as I could test it.  Much of the code necessary for this functionality was factored out of chan_sip or pulled from channels/sip/.
> 
> 
> Diffs
> -----
> 
>   team/group/pimp_my_sip/channels/sip/include/sip.h 386429 
>   team/group/pimp_my_sip/channels/sip/include/sdp_crypto.h 386429 
>   team/group/pimp_my_sip/channels/chan_sip.c 386429 
>   team/group/pimp_my_sip/channels/sip/include/srtp.h 386429 
>   team/group/pimp_my_sip/channels/sip/sdp_crypto.c 386429 
>   team/group/pimp_my_sip/channels/sip/srtp.c 386429 
>   team/group/pimp_my_sip/configs/res_sip.conf.sample 386430 
>   team/group/pimp_my_sip/include/asterisk/res_sip.h 386429 
>   team/group/pimp_my_sip/include/asterisk/res_sip_session.h 386429 
>   team/group/pimp_my_sip/include/asterisk/sdp_srtp.h PRE-CREATION 
>   team/group/pimp_my_sip/main/sdp_srtp.c PRE-CREATION 
>   team/group/pimp_my_sip/res/res_sip/sip_configuration.c 386429 
>   team/group/pimp_my_sip/res/res_sip_sdp_rtp.c 386429 
>   team/group/pimp_my_sip/res/res_sip_session.c 386429 
> 
> Diff: https://reviewboard.asterisk.org/r/2468/diff/
> 
> 
> Testing
> -------
> 
> Hand testing with several SRTP-capable endpoints and mid-call rekeying tested with minor tweaks to an otherwise unmodified chan_sip.
> 
> 
> Thanks,
> 
> opticron
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130425/8e92190f/attachment-0001.htm>


More information about the asterisk-dev mailing list