[asterisk-dev] [Code Review] 4420: testsuite: Add nominal and off-nominal SRTP negotiation tests for key lifetime/MKI

Mark Michelson reviewboard at asterisk.org
Fri Feb 20 07:41:14 CST 2015 


> On Feb. 18, 2015, 8:58 p.m., Mark Michelson wrote:
> > /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/test-config.yaml, lines 10-13
> > <https://reviewboard.asterisk.org/r/4420/diff/1/?file=71429#file71429line10>
> >
> >     I think that the lifetime checks should include the bottom and top of the allowed range.
> 
> Matt Jordan wrote:
>     Bottom of the allowed range for sure. The top is a little hard, since there is no max lifetime.

There is a max lifetime of 2^48, according to the code and RFC 3711 (http://tools.ietf.org/html/rfc3711#section-8.2)


- Mark


-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviewboard.asterisk.org/r/4420/#review14489
-----------------------------------------------------------


On Feb. 20, 2015, 2:59 a.m., Matt Jordan wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviewboard.asterisk.org/r/4420/
> -----------------------------------------------------------
> 
> (Updated Feb. 20, 2015, 2:59 a.m.)
> 
> 
> Review request for Asterisk Developers and Olle E Johansson.
> 
> 
> Bugs: ASTERISK-17721, ASTERISK-17899 and ASTERISK-22748
>     https://issues.asterisk.org/jira/browse/ASTERISK-17721
>     https://issues.asterisk.org/jira/browse/ASTERISK-17899
>     https://issues.asterisk.org/jira/browse/ASTERISK-22748
> 
> 
> Repository: testsuite
> 
> 
> Description
> -------
> 
> This patch adds nominal and off-nominal tests for SDP negotiation of SDES-SRTP crypto attributes, for both chan_sip and chan_pjsip.
> 
> Specifically:
> 
> * Moved the tests/channels/SIP/sip_srtp test to tests/channels/SIP/sip_srtp/srtp_call. This change was done merely to allow for additional SRTP tests for chan_sip, and is not part of this review. Note that due to a quirk of Review Board, the moved files don't show up in the review.
> 
> * Added tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer. This covers both nominal and off-nominal SDP offers with SDES-SRTP for chan_sip. Note that the scenarios use injection files to vary the crypto attributes.
> 
> * Updated tests/channels/PJSIP/srtp_negotiation.
>   - All but two off-nominal scenarios were moved into a single off nominal scenario, decline.xml. This uses the same injection file for off nominal parameter testing as the chan_sip variant.
>   - Updated accept_nominal.xml to use an injection file to test multiple nominal values.
>   - Updated accept_multiple_attrib_first_bad.xml to not use a crypto attribute with lifetime as a 'bad' attribute.
> 
> 
> Diffs
> -----
> 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/test-config.yaml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline_with_lifetime.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline_unknown_suite.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline_no_tag.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline_no_suite.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline_no_key.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline.xml PRE-CREATION 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/decline.csv PRE-CREATION 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/accept_nominal.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/accept_multiple_attrib_first_bad.xml 6415 
>   /asterisk/trunk/tests/channels/pjsip/srtp_negotiation/sipp/accept.csv PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/tests.yaml 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/test-config.yaml 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/test-config.yaml PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/srtp-invite-single-crypto.xml PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/srtp-invite-off-nominal-crypto.xml PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/srtp-invite-double-crypto.xml PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/inject_attrib_single_off_nominal.csv PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/inject_attrib_single_nominal.csv PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/sipp/inject_attrib_double_nominal.csv PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/configs/ast1/sip.conf PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/srtp_sdp_offer_answer/configs/ast1/extensions.conf PRE-CREATION 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/run-test 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/configs/ast2/sip.conf 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/configs/ast2/extensions.conf 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/configs/ast1/sip.conf 6415 
>   /asterisk/trunk/tests/channels/SIP/sip_srtp/configs/ast1/extensions.conf 6415 
> 
> Diff: https://reviewboard.asterisk.org/r/4420/diff/
> 
> 
> Testing
> -------
> 
> 
> Thanks,
> 
> Matt Jordan
> 
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.digium.com/pipermail/asterisk-dev/attachments/20150220/c22d75e5/attachment.html>

More information about the asterisk-dev mailing list