[asterisk-dev] Asterisk-17899 - Adds ignorecryptolifetime

Matthew Jordan mjordan at digium.com
Fri Mar 7 17:00:02 CST 2014


On Fri, Mar 7, 2014 at 4:14 PM, Abdenasser Ghomri
<ghomri.nasser at gmail.com> wrote:
> Hi Richard,
>
> The new beta firmware for the GXP1400 has the option to disable the crypto
> life time.
>
> You may give it a try to get the SRTP working without any change on Asterisk
> side.
> Best Regards,
>
> On Mar 4, 2014 7:08 PM, <richard.seguin at marisec.ca> wrote:
>>
>> Hi folks,
>>
>> I recently bought a grandstream gxp1400, and I am running into the issue
>> described in bug report 17899.  I see a patch was made for asterisk 1.8.4,
>> however I'm not sure if it was brought forward to more recent versions.  I
>> am running 1.8.5, and I am running into the below issue.
>>
>> [2014-03-04 14:01:16] NOTICE[1626]: sip/sdp_crypto.c:250
>> sdp_crypto_process: Crypto life time unsupported: crypto:1
>> AES_CM_128_HMAC_SHA1_80 inline:S2byM1kcUoxV4VkAj8rusbgMIwlAzgNNwua2Cskz|2^32
>>
>>
>> Is there a newer patch that I can apply to allow me to use SRTP with this
>> phone?
>>

So far, no one has put such a patch up for review that actually
supports key life times. As I noted in another thread [1], we should
actually support key lifetimes, and not just ignore them.

I know Olle has a branch for Asterisk 1.8 - Lingon - that supports key
lifetimes. I'm sure having someone test out the branch would help get
this issue moving forward.

The next step would be for someone to put the change up on Review Board.

[1] http://lists.digium.com/pipermail/asterisk-dev/2013-September/062326.html

Matt

-- 
Matthew Jordan
Digium, Inc. | Engineering Manager
445 Jan Davis Drive NW - Huntsville, AL 35806 - USA
Check us out at: http://digium.com & http://asterisk.org



More information about the asterisk-dev mailing list