[asterisk-dev] strictrtp seems to be not so strict
Joshua Colp
jcolp at digium.com
Fri Aug 26 07:29:24 CDT 2016
Torrey Searle wrote:
> I wouldn't dare change the default :-)
>
> But the way I understand the code is that it would end up being a
> switching, as getting a packet from the current source doesn't seem to
> re-set the counter.
>
> I'll do the following,
> change the conf validation to allow probation = 0 (default will remain 4)
>
> if learning_min_sequential is 0, the else in
>
> if (rtp->strict_rtp_state == STRICT_RTP_CLOSED) {
> if (!ast_sockaddr_cmp(&rtp->strict_rtp_address, &addr)) {
>
> will be disabled
If an attacker were aggressive with the sending of the RTP and were able
to get enough packets in before a legit one, yes. As it is, the reception
of a legit packet resets the counter each time (the call to
rtp_learning_seq_init), so under normal usage a rogue stream can't cause
it to switch.
--
Joshua Colp
Digium, Inc. | Senior Software Developer
445 Jan Davis Drive NW - Huntsville, AL 35806 - US
Check us out at: www.digium.com & www.asterisk.org
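
An added example, not part of the original message and not Asterisk source: a simplified C model of the counter behaviour discussed in this thread, including the proposed probation = 0 case. The struct, function names, addresses and sequence numbers are constructed for illustration, and the exact sequence check is an assumption.

```c
#include <stdint.h>
#include <string.h>

/* Simplified model of the behaviour discussed in the thread; not Asterisk source. */
struct strict_model {
    char locked[48];    /* address media is currently accepted from */
    int probation;      /* sequential packets a new source must send (thread: default 4) */
    int remaining;      /* packets the candidate source still owes */
    uint16_t next_seq;  /* sequence number expected next from the candidate */
};
/* Stand-in for the reset the reply attributes to rtp_learning_seq_init. */
static void model_seq_reset(struct strict_model *m) { m->remaining = m->probation; }

void model_init(struct strict_model *m, const char *addr, int probation)
{
    memset(m, 0, sizeof(*m));
    strncpy(m->locked, addr, sizeof(m->locked) - 1);
    m->probation = probation;
    model_seq_reset(m);
}
/* Returns 1 if the packet is accepted, 0 if it is dropped. */
int model_rx(struct strict_model *m, const char *src, uint16_t seq)
{
    if (strcmp(src, m->locked) == 0) {
        model_seq_reset(m);               /* a legit packet restarts the count */
        return 1;
    }
    if (m->probation == 0) return 0;      /* proposed probation = 0: never relearn */
    if (m->remaining < m->probation && seq == m->next_seq)
        m->remaining--;                   /* next packet in an unbroken run */
    else
        m->remaining = m->probation - 1;  /* first packet of a new run */
    m->next_seq = (uint16_t)(seq + 1);
    if (m->remaining > 0) return 0;
    strncpy(m->locked, src, sizeof(m->locked) - 1);  /* run complete: switch source */
    model_seq_reset(m);
    return 1;
}
/* Constructed traffic: `burst` packets from a second source, then one legit packet, per round. */
int model_switched(int probation, int burst, int rounds)
{
    struct strict_model m;
    uint16_t legit_seq = 100, other_seq = 9000;
    model_init(&m, "192.0.2.10:4000", probation);
    for (int r = 0; r < rounds; r++) {
        for (int i = 0; i < burst; i++)
            model_rx(&m, "198.51.100.7:4000", other_seq++);
        model_rx(&m, "192.0.2.10:4000", legit_seq++);
    }
    return strcmp(m.locked, "192.0.2.10:4000") != 0;  /* 1 if the source changed */
}
```

In this model, a second source that never gets a full probation run in between legit packets is always dropped, while a run that completes before the next legit packet moves the lock; with probation set to 0 the lock never moves.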