[asterisk-dev] [Code Review] 2683: Add DTLS-SRTP support to chan_pjsip

opticron reviewboard at asterisk.org
Fri Jul 19 13:26:15 CDT 2013



> On July 18, 2013, 6:04 p.m., Mark Michelson wrote:
> > trunk/res/res_sip_session.c, line 926
> > <https://reviewboard.asterisk.org/r/2683/diff/1/?file=41595#file41595line926>
> >
> >     I can't see a good reason to perform this copy. I couldn't see any place in the code where the dtls_cfg on the session would get changed after being copied from the endpoint, so why not just use the endpoint's config directly? Any place you have a session, you have its corresponding endpoint to get the config from.

Ah, when I first started this patch I assumed that things were being set on the config as DTLS information was being processed and when I found out otherwise I forgot to get rid of it. Good catch. The only place where this is not the case is the encryption suite which is controlled directly by the endpoint configuration anyway and so will be consistent.


- opticron


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/2683/#review9178
-----------------------------------------------------------


On July 18, 2013, 8:40 a.m., opticron wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/2683/
> -----------------------------------------------------------
> 
> (Updated July 18, 2013, 8:40 a.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Bugs: ASTERISK-21419
>     https://issues.asterisk.org/jira/browse/ASTERISK-21419
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> This patch introduces DTLS-SRTP support to chan_pjsip and the options necessary to configure it including an option to allow choosing between 32 and 80 byte SRTP tag lengths.
> 
> During the implementation and testing of this patch, three other bugs were found and their fixes are included with this patch. The two in chan_sip were a segfault relating to DTLS setup and mistaken call rejection.  The third bug fix prevents chan_pjsip from attempting to perform bridge optimization between two endpoints if either of them is running any form of SRTP.
> 
> 
> Diffs
> -----
> 
>   trunk/channels/chan_gulp.c 394643 
>   trunk/channels/chan_sip.c 394643 
>   trunk/include/asterisk/res_sip.h 394643 
>   trunk/include/asterisk/res_sip_session.h 394643 
>   trunk/res/res_sip.c 394643 
>   trunk/res/res_sip/sip_configuration.c 394643 
>   trunk/res/res_sip_sdp_rtp.c 394643 
>   trunk/res/res_sip_session.c 394643 
> 
> Diff: https://reviewboard.asterisk.org/r/2683/diff/
> 
> 
> Testing
> -------
> 
> Hand testing against chan_sip and verification that behavior does not change when replaced with chan_sip.
> 
> 
> Thanks,
> 
> opticron
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20130719/88d8aea1/attachment.htm>


More information about the asterisk-dev mailing list