<html>
<body>
<div style="font-family: Verdana, Arial, Helvetica, Sans-Serif;">
<table bgcolor="#f9f3c9" width="100%" cellpadding="8" style="border: 1px #c9c399 solid;">
<tr>
<td>
This is an automatically generated e-mail. To reply, visit:
<a href="https://reviewboard.asterisk.org/r/2113/">https://reviewboard.asterisk.org/r/2113/</a>
</td>
</tr>
</table>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2113/diff/1/?file=31234#file31234line9721" style="color: black; font-weight: bold; text-decoration: underline;">/channels/chan_sip.c</a>
<span style="font-weight: normal;">
(Diff revision 1)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action)</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#f0f0f0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2">9657</font></th>
<td bgcolor="#ffffff" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                <span class="k">if</span> <span class="p">(</span><span class="n">has_media_stream</span><span class="p">(</span><span class="n">p</span><span class="p">,</span> <span class="n">SDP_AUDIO</span><span class="p">))</span> <span class="p">{</span></pre></td>
<th bgcolor="#f0f0f0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">9721</font></th>
<td bgcolor="#ffffff" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                <span class="k">if</span> <span class="p">(</span><span class="n">has_media_stream</span><span class="p">(</span><span class="n">p</span><span class="p">,</span> <span class="n">SDP_AUDIO</span><span class="p">))</span> <span class="p">{</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">This should be checked before the transport checking so that SRTP_CRYPTO_OFFER_OK does not get set inadvertently. This applies to the video stream processing as well.</pre>
</div>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2113/diff/1/?file=31234#file31234line10024" style="color: black; font-weight: bold; text-decoration: underline;">/channels/chan_sip.c</a>
<span style="font-weight: normal;">
(Diff revision 1)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action)</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#e9eaa8" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2">9950</font></th>
<td bgcolor="#fdfebc" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                        <span class="p">}</span> <span class="k">if</span> <span class="p">(</span><span class="n">process_sdp_a_text</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">p</span><span class="p">,</span> <span class="o">&</span><span class="n">newtextrtp</span><span class="p">,</span> <span class="n">red_fmtp</span><span class="p">,</span> <span class="o">&</span><span class="n">red_num_gen</span><span class="p">,</span> <span class="n">red_data_pt</span><span class="p">,</span> <span class="o">&</span><span class="n">last_rtpmap_codec</span><span class="p">))</span> <span class="p">{</span></pre></td>
<th bgcolor="#e9eaa8" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">10024</font></th>
<td bgcolor="#fdfebc" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                        <span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="n">process_sdp_a_dtls</span><span class="p">(</span><span class="n">value</span><span class="p">,</span> <span class="n">p</span><span class="p">,</span> <span class="n">p</span><span class="o">-></span><span class="n">trtp</span><span class="p">))</span> <span class="p">{</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Instead of setting processed to TRUE, this should result in setting offer->type = SDP_UNKNOWN, breaking out of the stream parameter processing loop, and continuing with the next stream definition since encryption is unsupported for text streams.</pre>
</div>
<br />
<div>
<table width="100%" border="0" bgcolor="white" style="border: 1px solid #C0C0C0; border-collapse: collapse; margin: 2px padding: 2px;">
<thead>
<tr>
<th colspan="4" bgcolor="#F0F0F0" style="border-bottom: 1px solid #C0C0C0; font-size: 9pt; padding: 4px 8px; text-align: left;">
<a href="https://reviewboard.asterisk.org/r/2113/diff/1/?file=31234#file31234line10028" style="color: black; font-weight: bold; text-decoration: underline;">/channels/chan_sip.c</a>
<span style="font-weight: normal;">
(Diff revision 1)
</span>
</th>
</tr>
</thead>
<tbody style="background-color: #e4d9cb; padding: 4px 8px; text-align: center;">
<tr>
<td colspan="4"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">static int process_sdp(struct sip_pvt *p, struct sip_request *req, int t38action)</pre></td>
</tr>
</tbody>
<tbody>
<tr>
<th bgcolor="#f0f0f0" style="border-right: 1px solid #C0C0C0;" align="right"><font size="2">9952</font></th>
<td bgcolor="#ffffff" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                        <span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">processed_crypto</span> <span class="o">&&</span> <span class="n">process_crypto</span><span class="p">(</span><span class="n">p</span><span class="p">,</span> <span class="n">p</span><span class="o">-></span><span class="n">trtp</span><span class="p">,</span> <span class="o">&</span><span class="n">p</span><span class="o">-></span><span class="n">tsrtp</span><span class="p">,</span> <span class="n">value</span><span class="p">))</span> <span class="p">{</span></pre></td>
<th bgcolor="#f0f0f0" style="border-left: 1px solid #C0C0C0; border-right: 1px solid #C0C0C0;" align="right"><font size="2">10028</font></th>
<td bgcolor="#ffffff" width="50%"><pre style="font-size: 8pt; line-height: 140%; margin: 0; ">                                        <span class="p">}</span> <span class="k">else</span> <span class="k">if</span> <span class="p">(</span><span class="o">!</span><span class="n">processed_crypto</span> <span class="o">&&</span> <span class="n">process_crypto</span><span class="p">(</span><span class="n">p</span><span class="p">,</span> <span class="n">p</span><span class="o">-></span><span class="n">trtp</span><span class="p">,</span> <span class="o">&</span><span class="n">p</span><span class="o">-></span><span class="n">tsrtp</span><span class="p">,</span> <span class="n">value</span><span class="p">))</span> <span class="p">{</span></pre></td>
</tr>
</tbody>
</table>
<pre style="margin-left: 2em; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Ditto.</pre>
</div>
<br />
<pre style="white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">If DTLS-SRTP (or normal SRTP) is offered in session-level SDP and a text stream is also offered in the same SDP offer, Asterisk should either reject the text stream or the entire offer since it cannot honor the request.</pre>
<p>- opticron</p>
<br />
<p>On September 14th, 2012, 11:43 a.m., Joshua Colp wrote:</p>
<table bgcolor="#fefadf" width="100%" cellspacing="0" cellpadding="8" style="background-image: url('https://reviewboard.asterisk.org/media/rb/images/review_request_box_top_bg.png'); background-position: left top; background-repeat: repeat-x; border: 1px black solid;">
<tr>
<td>
<div>Review request for Asterisk Developers.</div>
<div>By Joshua Colp.</div>
<p style="color: grey;"><i>Updated Sept. 14, 2012, 11:43 a.m.</i></p>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Description </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">WebRTC has migrated to using DTLS-SRTP as the method for securing media streams. This patch adds support for it using OpenSSL. DTLS is used between both sides with the keying material for SRTP extracted from that negotiation.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Testing </h1>
<table width="100%" bgcolor="#ffffff" cellspacing="0" cellpadding="10" style="border: 1px solid #b8b5a0">
<tr>
<td>
<pre style="margin: 0; padding: 0; white-space: pre-wrap; white-space: -moz-pre-wrap; white-space: -pre-wrap; white-space: -o-pre-wrap; word-wrap: break-word;">Tested various configurations between two Asterisk instances. Rekeying, verification, etc all appear to work. Unfortunately there are very few DTLS-SRTP implementations in the wild so testing against another implementation has not yet occurred.</pre>
</td>
</tr>
</table>
<h1 style="color: #575012; font-size: 10pt; margin-top: 1.5em;">Diffs</b> </h1>
<ul style="margin-left: 3em; padding-left: 0;">
<li>/configure <span style="color: grey">(UNKNOWN)</span></li>
<li>/trunk/channels/chan_sip.c <span style="color: grey">(373058)</span></li>
<li>/trunk/channels/sip/include/sip.h <span style="color: grey">(373058)</span></li>
<li>/trunk/configs/sip.conf.sample <span style="color: grey">(373058)</span></li>
<li>/trunk/configure.ac <span style="color: grey">(373058)</span></li>
<li>/trunk/include/asterisk/autoconfig.h.in <span style="color: grey">(373058)</span></li>
<li>/trunk/include/asterisk/rtp_engine.h <span style="color: grey">(373058)</span></li>
<li>/trunk/main/rtp_engine.c <span style="color: grey">(373058)</span></li>
<li>/trunk/res/res_rtp_asterisk.c <span style="color: grey">(373058)</span></li>
</ul>
<p><a href="https://reviewboard.asterisk.org/r/2113/diff/" style="margin-left: 3em;">View Diff</a></p>
</td>
</tr>
</table>
</div>
</body>
</html>