Summary: | ASTERISK-21416: Implement SDES-SRTP support in chan_gulp | ||
Reporter: | Matt Jordan (mjordan) | Labels: | Asterisk12 NewSIP |
Date Opened: | 2013-04-12 08:33:14 | Date Closed: | 2013-05-01 08:22:38 |
Priority: | Major | Regression? | |
Status: | Closed/Complete | Components: | Channels/chan_pjsip Resources/res_srtp |
Versions: | Frequency of Occurrence | ||
Related Issues: | |||
Environment: | Attachments: | ||
Description: | This task is to implement SDES-SRTP support in chan_gulp. This includes:
* Refactoring out the setup of an SRTP session - given a set of SDP parameters - to minimize code duplication between chan_sip and chan_gulp. This would involve improving the code in sdp_crypto and sharing it between both channel drivers. * Defining and adding the necessary configuration parameters to an endpoint to enable encryption * Performing SRTP initialization on inbound requests and responding with the appropriate keys in a response * Transmitting SRTP keys given an endpoint's support for encryption * Re-initializing an SRTP session on a channel if a re-INVITE contains new keys * Adding automated tests to the test suite for chan_gulp that test negotiating SRTP keys | ||
Comments: | By: Kinsey Moore (kmoore) 2013-04-17 16:10:04.175-0500 The work for this issue is occurring on the following branch: http://svn.digium.com/svn/asterisk/team/kmoore/pimp_sip_srtp The sdp/srtp parser functions have been pulled into main and cleaned up a little (removed unused items). Next up will be factoring out the SRTP/RTP engine setup from chan_sip so it can be used from res_sip as well. By: Kinsey Moore (kmoore) 2013-04-23 10:22:00.956-0500 Calls initiated with SRTP function with encrypted audio in both directions. By: Kinsey Moore (kmoore) 2013-04-23 14:13:38.136-0500 Verified that encrypted audio still works properly after hold/unhold and session-timers-based re-INVITES with several different different clients, but none were capable of setting new keys during a call. By: Kinsey Moore (kmoore) 2013-04-24 13:46:44.453-0500 After working some bugs out of the hacked chan_sip side of changing SRTP keys mid-call, mid-call re-keying of res_sip calls now works properly (after some tweaks). |