<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/3992/">https://reviewboard.asterisk.org/r/3992/</a>
</td>
</tr>
</table>
<br />
<pre style="white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Just as a note to this, we tested this patch a *lot* at SIPit 31. A few things to state about it:
* There is an outstanding issue in this patch where we will respond with crypto keys to an RTP/AVP offer that did not contain crypto keys. If we aren't offered crypto keys, we shouldn't respond to it.
* Other than that, the patch worked great. While opportunistic (optimistic?) encryption is not a 'standard', it is used by the vast majority of endpoints out there. The industry accepted practice is "encrypt everything whenever possible". You don't have to call it 'secure', but it's better than nothing.</pre>
<br />
<p>- Matt Jordan</p>
<br />
<p>On September 13th, 2014, 7:25 p.m. CDT, Joshua Colp wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/static/rb/images/review_request_box_top_bg.ab6f3b1072c9.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By Joshua Colp.</div>
<p style="color: grey;"><i>Updated Sept. 13, 2014, 7:25 p.m.</i></p>
<div style="margin-top: 1.5em;">
<b style="color: #575012; font-size: 10pt;">Repository: </b>
Asterisk
</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">When enabling SRTP support in PJSIP it is either forced on or disabled. This means that if you specify SRTP but the client does not support it the session will fail. For situations where this guarantee is not required this new functionality can be used to optimistically use SRTP if possible. This has the added benefit of encrypting the media when possible but does not guarantee it. This also fixes an issue where a client may offer SRTP using the normal transport but we reject it.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Used Blink to place calls with optimistic enabled and disabled on the PJSIP side.
In Blink I alternated between disabled/mandatory/optional.
Confirmed that for each scenario the expected outcome occurred.
Blink Asterisk Result
Disabled Optimistic Off Failed
Disabled Optimistic On Success (Not encrypted)
Mandatory Optimistic Off Success (Encrypted)
Mandatory Optimistic On Success (Encrypted)
Optional Optimistic Off Success (Encrypted)
Optional Optimistic On Success (Encrypted)</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/trunk/res/res_pjsip_sdp_rtp.c <span style="color: grey">(423064)</span></li>
<li>/trunk/res/res_pjsip/pjsip_configuration.c <span style="color: grey">(423064)</span></li>
<li>/trunk/res/res_pjsip.c <span style="color: grey">(423064)</span></li>
<li>/trunk/include/asterisk/res_pjsip.h <span style="color: grey">(423064)</span></li>
<li>/trunk/configs/samples/pjsip.conf.sample <span style="color: grey">(423064)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/3992/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>