[asterisk-dev] [Code Review] 3992: res_pjsip_sdp_rtp: Add optimistic SRTP support.

jbigelow reviewboard at asterisk.org
Wed Oct 29 09:07:36 CDT 2014



> On Oct. 29, 2014, 8:49 a.m., jbigelow wrote:
> > I suggest reusing the 'media_encryption' pjsip.conf option with possible values of 'yes', 'no', 'attempt'/'try' instead of a new option. If not I suggest renaming the option to something like 'media_encryption_attempt' or 'media_encryption_try'.
> 
> Joshua Colp wrote:
>     media_encryption isn't a yes/no, it specifies which encryption method to use.

Ah, the sample file with 'media_encryption=no' threw me off. Could possibly have values such as 'attempt_sdes' / 'try_sdes' but then again I don't recall any other values of options being in a format like that. Just a thought. Otherwise I still suggest the option being named something like 'media_encryption_attempt' or 'media_encryption_try'. Or possibly reverse the name to 'media_encryption_force' with a default of 'yes'.


- jbigelow


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/3992/#review13611
-----------------------------------------------------------


On Oct. 21, 2014, 8:36 a.m., Joshua Colp wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/3992/
> -----------------------------------------------------------
> 
> (Updated Oct. 21, 2014, 8:36 a.m.)
> 
> 
> Review request for Asterisk Developers.
> 
> 
> Repository: Asterisk
> 
> 
> Description
> -------
> 
> When enabling SRTP support in PJSIP it is either forced on or disabled. This means that if you specify SRTP but the client does not support it the session will fail. For situations where this guarantee is not required this new functionality can be used to optimistically use SRTP if possible. This has the added benefit of encrypting the media when possible but does not guarantee it. This also fixes an issue where a client may offer SRTP using the normal transport but we reject it.
> 
> 
> Diffs
> -----
> 
>   /trunk/res/res_pjsip_session.c 426078 
>   /trunk/res/res_pjsip_sdp_rtp.c 426078 
>   /trunk/res/res_pjsip/pjsip_configuration.c 426078 
>   /trunk/res/res_pjsip.c 426078 
>   /trunk/include/asterisk/res_pjsip_session.h 426078 
>   /trunk/include/asterisk/res_pjsip.h 426078 
>   /trunk/contrib/ast-db-manage/config/versions/1443687dda65_add_media_encryption_optimistic_to_pjsip.py PRE-CREATION 
>   /trunk/configs/samples/pjsip.conf.sample 426078 
>   /trunk/CHANGES 426078 
> 
> Diff: https://reviewboard.asterisk.org/r/3992/diff/
> 
> 
> Testing
> -------
> 
> Used Blink to place calls with optimistic enabled and disabled on the PJSIP side.
> In Blink I alternated between disabled/mandatory/optional.
> Confirmed that for each scenario the expected outcome occurred.
> 
> Blink              Asterisk               Result
> Disabled           Optimistic Off         Failed
> Disabled           Optimistic On          Success (Not encrypted)
> Mandatory          Optimistic Off         Success (Encrypted)
> Mandatory          Optimistic On          Success (Encrypted)
> Optional           Optimistic Off         Success (Encrypted)
> Optional           Optimistic On          Success (Encrypted)
> 
> 
> Thanks,
> 
> Joshua Colp
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20141029/7d0ea923/attachment.html>


More information about the asterisk-dev mailing list