[Home]

Summary:ASTERISK-11395: DUNDi Lookups and Queries Fail
Reporter:Preston Marshall (bbhoss)Labels:
Date Opened:2008-02-07 09:04:24.000-0600Date Closed:2008-02-15 17:11:11.000-0600
Priority:MinorRegression?No
Status:Closed/CompleteComponents:PBX/pbx_dundi
Versions:Frequency of
Occurrence
Related
Issues:
Environment:Attachments:( 0) v1-11946.patch
Description:I am attempting to join a DUNDi network and we have exchanged keys and such.  I have configured my DUNDi to the correct specifications, and it still won't lookup or query.  I tried my config on a 1.4.10 box, and I can lookup and query with no problem.  I turned on dundi debug on the 1.6 machine and it keeps saying ENCREJ.  I have diff checked the keys with the other side of the network and they are identical.  I also am using the same keys on my 1.4 box, which works fine.  If you look at the debug info below, you can see it rejecting the encryption with ENCREJ.

****** ADDITIONAL INFORMATION ******

[dundi peer config]
[00:12:3F:2A:38:72]
model = symmetric
host = messinet.com
inkey = messinet.com
outkey = 2gac
include = e164
permit = e164
qualify = yes
order = primary


[DUNDi Debug Info]
x-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 06097  DTrans: 00000 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 03355  DTrans: 06097 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 13943  DTrans: 00000 [66.166.108.203:4520] (Final)
Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 31275  DTrans: 13943 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 29473  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  KEYCRC32        : 2060885867
  ENCDATA         : [IV 28c3db58afd369614ca0913f93d91874] 10 encrypted blocks


Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ENCREJ       (Response)
    Flags: 00 STrans: 12720  DTrans: 29473 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 001 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 29473  DTrans: 12720 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 04332  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  SHAREDKEY       : [ 57 6a 9b a5 8f a0 c1 01 b1 99 05 de bf 42 96 8e 46 17 80 b8 3b e1 2a 98 2f 05 45 20 54 f4 e5 c9 15 82 c1 a4 d2 bf 3c 10 99 24 9b cd ca d0 ac 55 a3 ae 16 9a 40 6a 3d be ed b2 4a 6b 3c 28 55 78 20 d1 f3 6d 26 ea 40 fa 8b 31 2d a6 6a 36 d6 db f0 e4 5d 0f ff 00 56 26 a0 da 73 55 6a 38 c2 32 e1 c9 a3 ca 54 92 fe 57 21 88 97 5f cf 9e 52 50 64 c6 78 7b 12 64 c7 84 c1 34 f0 75 f6 f3 2c 81 ]
  SIGNATURE       : [ 0e 0d 64 d1 99 d5 3c ff 0d 5c 2a 52 84 c6 a3 97 b4 1b 2d 72 71 60 b0 de 66 95 da ad b4 69 6c ce 31 5d 32 b4 a0 16 49 4e a2 a1 7a df 15 cc 13 d5 45 86 08 e2 5d c2 48 ec 09 58 44 0f c4 6a 73 af cb 99 c9 67 3e 4d e4 cc 36 81 58 55 bd 5d 98 84 54 2f 83 a5 d8 73 4c 9d 22 d5 16 a2 20 72 5b df c2 c0 f0 8e 37 84 fe 9c 0c a0 3c 1c 66 d5 5a 28 86 ca 57 95 df a1 cd 5b d1 28 e7 f9 49 80 f1 90 ]
  ENCDATA         : [IV 28c3db58afd369614ca0913f93d91874] 10 encrypted blocks


Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ENCREJ       (Response)
    Flags: 00 STrans: 05318  DTrans: 04332 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 001 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 04332  DTrans: 05318 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 07927  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  KEYCRC32        : 2060885867
  ENCDATA         : [IV ea1af64eaf4f41563606c54a146cf41d] 8 encrypted blocks


Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ENCREJ       (Response)
    Flags: 00 STrans: 08899  DTrans: 07927 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 001 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 07927  DTrans: 08899 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 15696  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  SHAREDKEY       : [ 57 6a 9b a5 8f a0 c1 01 b1 99 05 de bf 42 96 8e 46 17 80 b8 3b e1 2a 98 2f 05 45 20 54 f4 e5 c9 15 82 c1 a4 d2 bf 3c 10 99 24 9b cd ca d0 ac 55 a3 ae 16 9a 40 6a 3d be ed b2 4a 6b 3c 28 55 78 20 d1 f3 6d 26 ea 40 fa 8b 31 2d a6 6a 36 d6 db f0 e4 5d 0f ff 00 56 26 a0 da 73 55 6a 38 c2 32 e1 c9 a3 ca 54 92 fe 57 21 88 97 5f cf 9e 52 50 64 c6 78 7b 12 64 c7 84 c1 34 f0 75 f6 f3 2c 81 ]
  SIGNATURE       : [ 0e 0d 64 d1 99 d5 3c ff 0d 5c 2a 52 84 c6 a3 97 b4 1b 2d 72 71 60 b0 de 66 95 da ad b4 69 6c ce 31 5d 32 b4 a0 16 49 4e a2 a1 7a df 15 cc 13 d5 45 86 08 e2 5d c2 48 ec 09 58 44 0f c4 6a 73 af cb 99 c9 67 3e 4d e4 cc 36 81 58 55 bd 5d 98 84 54 2f 83 a5 d8 73 4c 9d 22 d5 16 a2 20 72 5b df c2 c0 f0 8e 37 84 fe 9c 0c a0 3c 1c 66 d5 5a 28 86 ca 57 95 df a1 cd 5b d1 28 e7 f9 49 80 f1 90 ]
  ENCDATA         : [IV ea1af64eaf4f41563606c54a146cf41d] 8 encrypted blocks


Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ENCREJ       (Response)
    Flags: 00 STrans: 07897  DTrans: 15696 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 001 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 15696  DTrans: 07897 [66.166.108.203:4520] (Final)
Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 25232  DTrans: 00000 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 04491  DTrans: 25232 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 15532  DTrans: 00000 [66.166.108.203:4520] (Final)
Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 17965  DTrans: 15532 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 12809  DTrans: 00000 [66.166.108.203:4520] (Final)
Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 07396  DTrans: 12809 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 28725  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  SHAREDKEY       : [ 38 44 5a 44 6f f4 e9 b9 7d 51 59 a4 24 58 bc b9 24 74 b0 e7 81 e0 f1 34 bb 93 e2 d8 04 01 c8 cf 7f 0a a8 11 c7 2c e0 bb 8b 4c 39 3c 1b 51 88 db bb 4b 91 6c ef 30 59 6a fb 90 fd be c6 f6 8c 8b 71 59 cc 14 ee aa 25 54 66 09 18 3f e5 84 da fe c1 ac 3a 67 6f 35 13 3d e0 1d ec 6d 7f db ab 0d f0 3f 4a c6 64 ba b3 ee 92 31 ee f7 a8 82 df eb 8b 38 66 cc 1b b4 04 70 16 bd bb 17 32 f7 a2 cc ]
  SIGNATURE       : [ 8a 77 55 87 0b 3e 30 af 2f 5f 4e 6d 50 fb a1 b2 53 10 4e 37 da cd ed 70 87 3e 3d be 03 bc cd 24 cf 37 1d f0 d5 66 d4 7e f1 65 42 e2 cd 0f 66 68 70 70 76 f4 a6 f7 32 43 a8 d8 e8 ec 52 63 f4 8d ae 29 7d 8b c0 88 c0 e5 2b 88 8b 53 1a 05 ed 92 b1 6d b5 69 f3 7d e8 a6 e4 69 ac 87 d6 84 ac 33 ef 00 db e0 c7 2e 1a 37 01 fd 40 f1 2a 70 fb ce 93 d7 2f 58 84 0c 1e e4 71 02 2d 28 75 3a 9c ab ]
  ENCDATA         : [IV 9498ca422b7e34370878cc71b969415d] 8 encrypted blocks


Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ENCREJ       (Response)
    Flags: 00 STrans: 31116  DTrans: 28725 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 001 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 28725  DTrans: 31116 [66.166.108.203:4520] (Final)
Tx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: NULL         (Command)
    Flags: 00 STrans: 12223  DTrans: 00000 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 001 Type: ACK          (Response)
    Flags: 00 STrans: 27561  DTrans: 12223 [66.166.108.203:4520] (Final)
Rx-Frame Retry[No] -- OSeqno: 000 ISeqno: 000 Type: ENCRYPT      (Command)
    Flags: 00 STrans: 08488  DTrans: 00000 [66.166.108.203:4520]
  ENTITY IDENT    : 00:12:3f:2a:38:72
  KEYCRC32        : 4283432153
  ENCDATA         : [IV 67556843d502c739b8a4cc719db72f5a] 9 encrypted blocks


Comments:By: non-poster (non-poster) 2008-02-08 12:44:03.000-0600

Probably related to http://bugs.digium.com/view.php?id=11925
By: Preston Marshall (bbhoss) 2008-02-08 22:47:20.000-0600

It doesn't crash Asterisk, it just DOES NOT WORK.  No error messages that mean anything.  It seems to me like it's getting the keys mixed up.
By: Dmitry Andrianov (dimas) 2008-02-11 17:44:16.000-0600

Try attached patch.

damn, it took me whole night to debug...
By: Digium Subversion (svnbot) 2008-02-15 17:11:11.000-0600

Repository: asterisk
Revision: 103739

U   trunk/include/asterisk/aes.h

------------------------------------------------------------------------
r103739 | russell | 2008-02-15 17:11:10 -0600 (Fri, 15 Feb 2008) | 9 lines

Fix a regression in Asterisk 1.6 related to the use of AES encryption.
1024 was used instead of 128 when using AES from OpenSSL.  Many thanks
to d1mas for figuring this one out!

(closes issue ASTERISK-11395)
Reported by: bbhoss
Patches:
     v1-11946.patch uploaded by dimas (license 88)

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=103739