<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/1741/">https://reviewboard.asterisk.org/r/1741/</a>
</td>
</tr>
</table>
<br />
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers, Joshua Colp and Mark Michelson.</div>
<div>By Matt Jordan.</div>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Currently, when using res_srtp, once the SRTP policy has been added to the current session the policy is locked into place. Any attempt to add a new policy, which would replace an existing policy, is instead rejected in res_srtp.
This patch adds a new configurable option to rtp.conf.sample "srtpallowpolicyrenew" that instructs res_srtp to allow policies to be renewed. Thus, if a SIP re-INVITE is sent to Asterisk with a new cryptographic key, and the SDP parsing constructs a new local/remote policy for the SRTP session, the policy will be re-added to the underlying library and the new key used for further SIP messages.
Since res_srtp didn't actually use a configuration object, or have 'reload' implemented for its module, I went ahead and added that as well.
This patch was written against 1.8; however, it could be argued that it's a new behavior (hence the configurable parameter turning it on), I'm open to debate on whether or not this should go into trunk. As a defense for it going into 1.8, there are phones that need this setting to function properly (as they send a re-INVITE in certain situations that have a new key).</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Made sure that the initial patch didn't break the SRTP test in the TestSuite. Made sure that the module could be loaded, unloaded, and reloaded and that the configuration value was read.
More testing is needed to make sure that the key is actually re-generated properly and that the SRTP stream is removed from the underlying SRTP library.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/branches/1.8/configs/rtp.conf.sample <span style="color: grey">(354547)</span></li>
<li>/branches/1.8/res/res_srtp.c <span style="color: grey">(354547)</span></li>
<li>/branches/1.8/CHANGES <span style="color: grey">(354547)</span></li>
<li>/branches/1.8/channels/sip/sdp_crypto.c <span style="color: grey">(354547)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/1741/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>